Welcome!

News Feed Item

INSIDE Secure Launches HCE-Based Software Payments Application

INSIDE Secure, a leader in embedded security solutions for mobile and connected devices, today announces at CARTES America the launch of a white-label Android application for Host Card Emulation (HCE) based payments. The new MatrixHCE product enables mobile payment application providers to accelerate time to market by using the pre-validated HCE payment functionality. It includes the highest level of software security to defend against any attacks in the hostile mobile environment.

Introduced on Android 4.4 (KitKat), Host Card Emulation (HCE) allows for contactless payments (and other services including loyalty programs, building access and transit passes) to be made directly between the consumers' bank mobile application and the retailers point-of-sale, using NFC technology. It allows sensitive data used to facilitate transactions to be stored on, and accessed from, cloud servers rather than a mobile device and without the use of a hardware secure element. HCE therefore enables widespread deployment of mobile payments, which have previously been restricted by the limited deployment of hardware secure elements in mobile devices. However HCE adoption has been hampered by the security concerns associated with software payment applications running on open mobile platforms. MatrixHCE combines INSIDE Secure’s long expertise in payments security with the software security expertise it gained from Metaforic, a company acquired by INSIDE Secure on April 5, 2014, to address these concerns and offer the highest possible level of software security.

MatrixHCE supports the HCE payment standards announced by major payment brands such as Mastercard and VISA, in preparation for the global commercial rollout later this year. It benefits from the software obfuscation and whitebox encryption security technologies developed by Metaforic. These have successfully undergone extensive penetration tests at external security labs. MatrixHCE also embeds secure networking communication technologies to protect the exchanges between the cloud server and the mobile application, thereby further protecting banking and payment data.

“The mobile payment market has tremendous potential and we are excited to bring this innovative offering to market to accelerate deployments,” said Simon Blake-Wilson, executive vice president of Mobile Security division at INSIDE Secure. “Our solution raises the bar on software security by combining application and cloud security to solve the critical problem in delivering workable HCE based payment solutions.”

With the addition of MatrixHCE, INSIDE Secure offers the most complete range of client security solutions for the payments market, comprising:

  • Micropass, consisting of chip, OS and payments applications for traditional card-based payments
  • VaultSEcure, a hardware secure element solution consisting of chip, OS and payments applications for hardware-based mobile payments
  • MatrixHCE, a white-label application, building on HCE for software-based mobile payments

INSIDE Secure is uniquely positioned as the only company able to provide security solutions for enterprise secure access, digital entertainment and financial services markets, the three key market drivers for mobile security. Benefitting from this expertise, MatrixHCE is built upon the trusted foundation of MatrixSSE, INSIDE’s software secure element, including anti-tampering and code obfuscation technologies, which allows the application to defend itself against malware, “man-in-the-app” attacks (Trojan horse) and communication spoofing attacks. MatrixSSE provides security capabilities for general applications, while MatrixHCE adds payment specific security mechanisms and transaction security capabilities on top of MatrixSSE. With this level of security, banks and financial applications providers who plan to deploy secure mobile apps can insure the highest level of protection for the payment transactions.

About INSIDE Secure

INSIDE Secure (NYSE Euronext Paris FR0010291245 – INSD) provides comprehensive embedded security solutions. World-leading companies rely on INSIDE Secure’s mobile security and secure transaction offerings to protect critical assets including connected devices, content, services, identity and transactions. Unmatched security expertise combined with a comprehensive range of IP, semiconductors, software and associated services gives INSIDE Secure customers a single source for advanced solutions and superior investment protection. For more information, visit www.insidesecure.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Whether you like it or not, DevOps is on track for a remarkable alliance with security. The SEC didn’t approve the merger. And your boss hasn’t heard anything about it. Yet, this unruly triumvirate will soon dominate and deliver DevSecOps faster, cheaper, better, and on an unprecedented scale. In his session at DevOps Summit, Frank Bunger, VP of Customer Success at ScriptRock, discussed how this cathartic moment will propel the DevOps movement from such stuff as dreams are made on to a practic...
As software becomes more and more complex, we, as software developers, have been splitting up our code into smaller and smaller components. This is also true for the environment in which we run our code: going from bare metal, to VMs to the modern-day Cloud Native world of containers, schedulers and micro services. While we have figured out how to run containerized applications in the cloud using schedulers, we've yet to come up with a good solution to bridge the gap between getting your contain...
The modern software development landscape consists of best practices and tools that allow teams to deliver software in a near-continuous manner. By adopting a culture of automation, measurement and sharing, the time to ship code has been greatly reduced, allowing for shorter release cycles and quicker feedback from customers and users. Still, with all of these tools and methods, how can teams stay on top of what is taking place across their infrastructure and codebase? Hopping between services a...
Niagara Networks exhibited at the 19th International Cloud Expo, which took place at the Santa Clara Convention Center in Santa Clara, CA, in November 2016. Niagara Networks offers the highest port-density systems, and the most complete Next-Generation Network Visibility systems including Network Packet Brokers, Bypass Switches, and Network TAPs.
Zerto exhibited at SYS-CON's 18th International Cloud Expo®, which took place at the Javits Center in New York City, NY, in June 2016. Zerto is committed to keeping enterprise and cloud IT running 24/7 by providing innovative, simple, reliable and scalable business continuity software solutions. Through the Zerto Cloud Continuity Platform™, organizations can seamlessly move and protect virtualized workloads between public, private and hybrid clouds. The company’s flagship product, Zerto Virtual...
Without a clear strategy for cost control and an architecture designed with cloud services in mind, costs and operational performance can quickly get out of control. To avoid multiple architectural redesigns requires extensive thought and planning. Boundary (now part of BMC) launched a new public-facing multi-tenant high resolution monitoring service on Amazon AWS two years ago, facing challenges and learning best practices in the early days of the new service. In his session at 19th Cloud Exp...
For basic one-to-one voice or video calling solutions, WebRTC has proven to be a very powerful technology. Although WebRTC’s core functionality is to provide secure, real-time p2p media streaming, leveraging native platform features and server-side components brings up new communication capabilities for web and native mobile applications, allowing for advanced multi-user use cases such as video broadcasting, conferencing, and media recording.
WebRTC is about the data channel as much as about video and audio conferencing. However, basically all commercial WebRTC applications have been built with a focus on audio and video. The handling of “data” has been limited to text chat and file download – all other data sharing seems to end with screensharing. What is holding back a more intensive use of peer-to-peer data? In her session at @ThingsExpo, Dr Silvia Pfeiffer, WebRTC Applications Team Lead at National ICT Australia, looked at differ...
"Plutora provides release and testing environment capabilities to the enterprise," explained Dalibor Siroky, Director and Co-founder of Plutora, in this SYS-CON.tv interview at @DevOpsSummit, held June 9-11, 2015, at the Javits Center in New York City.
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo 2016 in New York. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place June 6-8, 2017, at the Javits Center in New York City, New York, is co-located with 20th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading industry p...
Security, data privacy, reliability and regulatory compliance are critical factors when evaluating whether to move business applications from in-house client hosted environments to a cloud platform. In her session at 18th Cloud Expo, Vandana Viswanathan, Associate Director at Cognizant, In this session, will provide an orientation to the five stages required to implement a cloud hosted solution validation strategy.
SYS-CON Events announced today that CA Technologies has been named "Platinum Sponsor" of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, New York, and 21st International Cloud Expo, which will take place in November in Silicon Valley, California.
The security needs of IoT environments require a strong, proven approach to maintain security, trust and privacy in their ecosystem. Assurance and protection of device identity, secure data encryption and authentication are the key security challenges organizations are trying to address when integrating IoT devices. This holds true for IoT applications in a wide range of industries, for example, healthcare, consumer devices, and manufacturing. In his session at @ThingsExpo, Lancen LaChance, vic...
SYS-CON Events announced today that delaPlex will exhibit at SYS-CON's @CloudExpo, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. delaPlex pioneered Software Development as a Service (SDaaS), which provides scalable resources to build, test, and deploy software. It’s a fast and more reliable way to develop a new product or expand your in-house team.
Wooed by the promise of faster innovation, lower TCO, and greater agility, businesses of every shape and size have embraced the cloud at every layer of the IT stack – from apps to file sharing to infrastructure. The typical organization currently uses more than a dozen sanctioned cloud apps and will shift more than half of all workloads to the cloud by 2018. Such cloud investments have delivered measurable benefits. But they’ve also resulted in some unintended side-effects: complexity and risk. ...