Card issuers looking to deploy host card emulation (HCE) mobile payments should not rely on tokenization alone to secure their services, NFC technology provider Sequent recommends in a white paper that is now available to download from the NFC World Knowledge Centre.
“Beyond Tokenization: Ensuring secure mobile payments using dynamic issuance with on-device security and management” examines the security issues that arise with the deployment of HCE services and provides an overview of how cloud-based payments using tokenization and HCE are typically deployed today.
It also looks in-depth at the threats faced by HCE service providers, and why the dynamic management of account data should be a key consideration for card issuers intending to provision cloud-based payment credentials to mobile devices.
The white paper also explains the digital issuance and tokenization processes used in cloud-based mobile payments and the role on-device software plays in preventing a variety of potential attack types.
“The great strength of HCE cloud payments is linked to dynamic data, while the nature of security provided by tokenization is static,” the paper explains. “In a world of connected and always-on devices, static security is not enough. Security needs to be dynamic and continuously validated.”
You can download this document free of charge from the NFC World Knowledge Centre.