Welcome!

News Feed Item

INSIDE Secure Launches HCE-Based Software Payments Application

INSIDE Secure, a leader in embedded security solutions for mobile and connected devices, today announces at CARTES America the launch of a white-label Android application for Host Card Emulation (HCE) based payments. The new MatrixHCE product enables mobile payment application providers to accelerate time to market by using the pre-validated HCE payment functionality. It includes the highest level of software security to defend against any attacks in the hostile mobile environment.

Introduced on Android 4.4 (KitKat), Host Card Emulation (HCE) allows for contactless payments (and other services including loyalty programs, building access and transit passes) to be made directly between the consumers' bank mobile application and the retailers point-of-sale, using NFC technology. It allows sensitive data used to facilitate transactions to be stored on, and accessed from, cloud servers rather than a mobile device and without the use of a hardware secure element. HCE therefore enables widespread deployment of mobile payments, which have previously been restricted by the limited deployment of hardware secure elements in mobile devices. However HCE adoption has been hampered by the security concerns associated with software payment applications running on open mobile platforms. MatrixHCE combines INSIDE Secure’s long expertise in payments security with the software security expertise it gained from Metaforic, a company acquired by INSIDE Secure on April 5, 2014, to address these concerns and offer the highest possible level of software security.

MatrixHCE supports the HCE payment standards announced by major payment brands such as Mastercard and VISA, in preparation for the global commercial rollout later this year. It benefits from the software obfuscation and whitebox encryption security technologies developed by Metaforic. These have successfully undergone extensive penetration tests at external security labs. MatrixHCE also embeds secure networking communication technologies to protect the exchanges between the cloud server and the mobile application, thereby further protecting banking and payment data.

“The mobile payment market has tremendous potential and we are excited to bring this innovative offering to market to accelerate deployments,” said Simon Blake-Wilson, executive vice president of Mobile Security division at INSIDE Secure. “Our solution raises the bar on software security by combining application and cloud security to solve the critical problem in delivering workable HCE based payment solutions.”

With the addition of MatrixHCE, INSIDE Secure offers the most complete range of client security solutions for the payments market, comprising:

  • Micropass, consisting of chip, OS and payments applications for traditional card-based payments
  • VaultSEcure, a hardware secure element solution consisting of chip, OS and payments applications for hardware-based mobile payments
  • MatrixHCE, a white-label application, building on HCE for software-based mobile payments

INSIDE Secure is uniquely positioned as the only company able to provide security solutions for enterprise secure access, digital entertainment and financial services markets, the three key market drivers for mobile security. Benefitting from this expertise, MatrixHCE is built upon the trusted foundation of MatrixSSE, INSIDE’s software secure element, including anti-tampering and code obfuscation technologies, which allows the application to defend itself against malware, “man-in-the-app” attacks (Trojan horse) and communication spoofing attacks. MatrixSSE provides security capabilities for general applications, while MatrixHCE adds payment specific security mechanisms and transaction security capabilities on top of MatrixSSE. With this level of security, banks and financial applications providers who plan to deploy secure mobile apps can insure the highest level of protection for the payment transactions.

About INSIDE Secure

INSIDE Secure (NYSE Euronext Paris FR0010291245 – INSD) provides comprehensive embedded security solutions. World-leading companies rely on INSIDE Secure’s mobile security and secure transaction offerings to protect critical assets including connected devices, content, services, identity and transactions. Unmatched security expertise combined with a comprehensive range of IP, semiconductors, software and associated services gives INSIDE Secure customers a single source for advanced solutions and superior investment protection. For more information, visit www.insidesecure.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
"Tintri focuses on the Ops side of the DevOps, which basically is pushing more and more of the accessibility of the infrastructure to the developers and trying to get behind the scenes," explained Dhiraj Sehgal of Tintri in this SYS-CON.tv interview at 20th Cloud Expo, held June 6-8, 2017, at the Javits Center in New York City, NY.
Cloud applications are seeing a deluge of requests to support the exploding advanced analytics market. “Open analytics” is the emerging strategy to deliver that data through an open data access layer, in the cloud, to be directly consumed by external analytics tools and popular programming languages. An increasing number of data engineers and data scientists use a variety of platforms and advanced analytics languages such as SAS, R, Python and Java, as well as frameworks such as Hadoop and Spark...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected in a way that makes the public cloud a non-starter. You’re looking at private cloud solutions based on hyperconverged infrastructure, but you’re concerned with the limits inherent in those technologies.
The current age of digital transformation means that IT organizations must adapt their toolset to cover all digital experiences, beyond just the end users’. Today’s businesses can no longer focus solely on the digital interactions they manage with employees or customers; they must now contend with non-traditional factors. Whether it's the power of brand to make or break a company, the need to monitor across all locations 24/7, or the ability to proactively resolve issues, companies must adapt to...
Both SaaS vendors and SaaS buyers are going “all-in” to hyperscale IaaS platforms such as AWS, which is disrupting the SaaS value proposition. Why should the enterprise SaaS consumer pay for the SaaS service if their data is resident in adjacent AWS S3 buckets? If both SaaS sellers and buyers are using the same cloud tools, automation and pay-per-transaction model offered by IaaS platforms, then why not host the “shrink-wrapped” software in the customers’ cloud? Further, serverless computing, cl...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected in a way that makes the public cloud a non-starter. You’re looking at private cloud solutions based on hyperconverged infrastructure, but you’re concerned with the limits inherent in those technologies.
SYS-CON Events announced today that Enzu will exhibit at SYS-CON's 21st Int\ernational Cloud Expo®, which will take place October 31-November 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA. Enzu’s mission is to be the leading provider of enterprise cloud solutions worldwide. Enzu enables online businesses to use its IT infrastructure to their competitive advantage. By offering a suite of proven hosting and management services, Enzu wants companies to focus on the core of their ...
With major technology companies and startups seriously embracing Cloud strategies, now is the perfect time to attend 21st Cloud Expo October 31 - November 2, 2017, at the Santa Clara Convention Center, CA, and June 12-14, 2018, at the Javits Center in New York City, NY, and learn what is going on, contribute to the discussions, and ensure that your enterprise is on the right path to Digital Transformation.
In his session at @ThingsExpo, Eric Lachapelle, CEO of the Professional Evaluation and Certification Board (PECB), provided an overview of various initiatives to certify the security of connected devices and future trends in ensuring public trust of IoT. Eric Lachapelle is the Chief Executive Officer of the Professional Evaluation and Certification Board (PECB), an international certification body. His role is to help companies and individuals to achieve professional, accredited and worldwide re...
In the world of DevOps there are ‘known good practices’ – aka ‘patterns’ – and ‘known bad practices’ – aka ‘anti-patterns.' Many of these patterns and anti-patterns have been developed from real world experience, especially by the early adopters of DevOps theory; but many are more feasible in theory than in practice, especially for more recent entrants to the DevOps scene. In this power panel at @DevOpsSummit at 18th Cloud Expo, moderated by DevOps Conference Chair Andi Mann, panelists discussed...
Wooed by the promise of faster innovation, lower TCO, and greater agility, businesses of every shape and size have embraced the cloud at every layer of the IT stack – from apps to file sharing to infrastructure. The typical organization currently uses more than a dozen sanctioned cloud apps and will shift more than half of all workloads to the cloud by 2018. Such cloud investments have delivered measurable benefits. But they’ve also resulted in some unintended side-effects: complexity and risk. ...
With the introduction of IoT and Smart Living in every aspect of our lives, one question has become relevant: What are the security implications? To answer this, first we have to look and explore the security models of the technologies that IoT is founded upon. In his session at @ThingsExpo, Nevi Kaja, a Research Engineer at Ford Motor Company, discussed some of the security challenges of the IoT infrastructure and related how these aspects impact Smart Living. The material was delivered interac...
It is ironic, but perhaps not unexpected, that many organizations who want the benefits of using an Agile approach to deliver software use a waterfall approach to adopting Agile practices: they form plans, they set milestones, and they measure progress by how many teams they have engaged. Old habits die hard, but like most waterfall software projects, most waterfall-style Agile adoption efforts fail to produce the results desired. The problem is that to get the results they want, they have to ch...
IoT solutions exploit operational data generated by Internet-connected smart “things” for the purpose of gaining operational insight and producing “better outcomes” (for example, create new business models, eliminate unscheduled maintenance, etc.). The explosive proliferation of IoT solutions will result in an exponential growth in the volume of IoT data, precipitating significant Information Governance issues: who owns the IoT data, what are the rights/duties of IoT solutions adopters towards t...
Today we can collect lots and lots of performance data. We build beautiful dashboards and even have fancy query languages to access and transform the data. Still performance data is a secret language only a couple of people understand. The more business becomes digital the more stakeholders are interested in this data including how it relates to business. Some of these people have never used a monitoring tool before. They have a question on their mind like “How is my application doing” but no id...