KitKat, the newest operating system for Google’s Android, will allow apps based on Near Field Communication (NFC) to bypass the secure element (SE) that hosted card emulation (HCE) requires for NFC-based payments. This will diminish the power that telecommunication companies (telcos) wield within the mobile payments market.
In other words, the power of telcos has been severely compromised because they don’t control the cloud-based SE environment. Due to Android’s huge share in the smartphone market, the major telcos are not going to be able to affect Google’s place on the food chain regarding NFC mobile payments.
In 2011, Google launched Google Wallet, which includes NFC-based in-store proximity payments among its benefits. At&T, Verizon and T-Mobile, who have their own mobile wallet called Isis, responded to the launch by blocking the app from reaching the SE which is found in the SIM of their mobile devices.
This allows users of the Isis participants devices to use Google wallet for remote payments, but not for in-store proximity payments. It must be noted that Sprint is not associated with Isis, and found no reason to block Google Wallet.
Google had already taken steps to neutralise the telcos in 2012 by moving to card provisioning that is cloud-based. This allows users to connect all of their cards to their Google Wallet account without having to rely on work-arounds such as Google-friendly banks or virtual prepaid cards.
After Google removed the huge obstacle of connecting bank accounts to Google Wallet, their next obvious task was to find a way to neutralise the telcos which are involved in Isis. The companies involved in Isis have only themselves to blame; if they hadn’t initially tried to quash Google Wallet, Google wouldn’t have retaliated.
The Anticipated Effects
Because an SE is no longer needed due to HCE, an NFC handset can take the SE out of the picture, allowing services that are NFC-based, such as ticketing, payments and access control to be developed and implemented more quickly and efficiently. This removes most of the leverage that the Isis participants once had in the NFC ecosystem.
What it Means for Android App Developers and Builders
Without getting overly technical here, HCE can be used for much more than payments. This means that any app developer can have access to full NFC capability.
The most important idea that an android app developer or builder can take from this development is that any NFC handset can be turned into a fully functional contactless card reader. The implications for the mobile point of sale (mPOS) market are nearly limitless in their potential for wider development of NFC apps. The only possible snag is that security issues could appear due to open development and emulation.
The Big “If”
The big “if” here is whether HCE and Google Wallet catch on with financial providers, merchants and customers or if other solutions such as QR codes grab the lion’s share of the market. Financial institutions and merchants are concerned about security issues associated with NFC and HCE and many are in a “wait and see” mode.
The biggest fear is that HCE could be used in a malicious fashion to steal credit card information. Though it hasn’t been proven that this is even possible, many merchants and consumers distrust the current technology’s ability to provide adequate security for HCE and NFC.
We don’t know where the situation will lead, but it is definitely worth monitoring.