Welcome!

News Feed Item

INSIDE Secure Launches HCE-Based Software Payments Application

INSIDE Secure, a leader in embedded security solutions for mobile and connected devices, today announces at CARTES America the launch of a white-label Android application for Host Card Emulation (HCE) based payments. The new MatrixHCE product enables mobile payment application providers to accelerate time to market by using the pre-validated HCE payment functionality. It includes the highest level of software security to defend against any attacks in the hostile mobile environment.

Introduced on Android 4.4 (KitKat), Host Card Emulation (HCE) allows for contactless payments (and other services including loyalty programs, building access and transit passes) to be made directly between the consumers' bank mobile application and the retailers point-of-sale, using NFC technology. It allows sensitive data used to facilitate transactions to be stored on, and accessed from, cloud servers rather than a mobile device and without the use of a hardware secure element. HCE therefore enables widespread deployment of mobile payments, which have previously been restricted by the limited deployment of hardware secure elements in mobile devices. However HCE adoption has been hampered by the security concerns associated with software payment applications running on open mobile platforms. MatrixHCE combines INSIDE Secure’s long expertise in payments security with the software security expertise it gained from Metaforic, a company acquired by INSIDE Secure on April 5, 2014, to address these concerns and offer the highest possible level of software security.

MatrixHCE supports the HCE payment standards announced by major payment brands such as Mastercard and VISA, in preparation for the global commercial rollout later this year. It benefits from the software obfuscation and whitebox encryption security technologies developed by Metaforic. These have successfully undergone extensive penetration tests at external security labs. MatrixHCE also embeds secure networking communication technologies to protect the exchanges between the cloud server and the mobile application, thereby further protecting banking and payment data.

“The mobile payment market has tremendous potential and we are excited to bring this innovative offering to market to accelerate deployments,” said Simon Blake-Wilson, executive vice president of Mobile Security division at INSIDE Secure. “Our solution raises the bar on software security by combining application and cloud security to solve the critical problem in delivering workable HCE based payment solutions.”

With the addition of MatrixHCE, INSIDE Secure offers the most complete range of client security solutions for the payments market, comprising:

  • Micropass, consisting of chip, OS and payments applications for traditional card-based payments
  • VaultSEcure, a hardware secure element solution consisting of chip, OS and payments applications for hardware-based mobile payments
  • MatrixHCE, a white-label application, building on HCE for software-based mobile payments

INSIDE Secure is uniquely positioned as the only company able to provide security solutions for enterprise secure access, digital entertainment and financial services markets, the three key market drivers for mobile security. Benefitting from this expertise, MatrixHCE is built upon the trusted foundation of MatrixSSE, INSIDE’s software secure element, including anti-tampering and code obfuscation technologies, which allows the application to defend itself against malware, “man-in-the-app” attacks (Trojan horse) and communication spoofing attacks. MatrixSSE provides security capabilities for general applications, while MatrixHCE adds payment specific security mechanisms and transaction security capabilities on top of MatrixSSE. With this level of security, banks and financial applications providers who plan to deploy secure mobile apps can insure the highest level of protection for the payment transactions.

About INSIDE Secure

INSIDE Secure (NYSE Euronext Paris FR0010291245 – INSD) provides comprehensive embedded security solutions. World-leading companies rely on INSIDE Secure’s mobile security and secure transaction offerings to protect critical assets including connected devices, content, services, identity and transactions. Unmatched security expertise combined with a comprehensive range of IP, semiconductors, software and associated services gives INSIDE Secure customers a single source for advanced solutions and superior investment protection. For more information, visit www.insidesecure.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
Organizations planning enterprise data center consolidation and modernization projects are faced with a challenging, costly reality. Requirements to deploy modern, cloud-native applications simultaneously with traditional client/server applications are almost impossible to achieve with hardware-centric enterprise infrastructure. Compute and network infrastructure are fast moving down a software-defined path, but storage has been a laggard. Until now.
We're entering the post-smartphone era, where wearable gadgets from watches and fitness bands to glasses and health aids will power the next technological revolution. With mass adoption of wearable devices comes a new data ecosystem that must be protected. Wearables open new pathways that facilitate the tracking, sharing and storing of consumers’ personal health, location and daily activity data. Consumers have some idea of the data these devices capture, but most don’t realize how revealing and...
Kubernetes is a new and revolutionary open-sourced system for managing containers across multiple hosts in a cluster. Ansible is a simple IT automation tool for just about any requirement for reproducible environments. In his session at @DevOpsSummit at 18th Cloud Expo, Patrick Galbraith, a principal engineer at HPE, discussed how to build a fully functional Kubernetes cluster on a number of virtual machines or bare-metal hosts. Also included will be a brief demonstration of running a Galera M...
Unless your company can spend a lot of money on new technology, re-engineering your environment and hiring a comprehensive cybersecurity team, you will most likely move to the cloud or seek external service partnerships. In his session at 18th Cloud Expo, Darren Guccione, CEO of Keeper Security, revealed what you need to know when it comes to encryption in the cloud.
"We build IoT infrastructure products - when you have to integrate different devices, different systems and cloud you have to build an application to do that but we eliminate the need to build an application. Our products can integrate any device, any system, any cloud regardless of protocol," explained Peter Jung, Chief Product Officer at Pulzze Systems, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
"We are an all-flash array storage provider but our focus has been on VM-aware storage specifically for virtualized applications," stated Dhiraj Sehgal of Tintri in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
In his general session at 19th Cloud Expo, Manish Dixit, VP of Product and Engineering at Dice, discussed how Dice leverages data insights and tools to help both tech professionals and recruiters better understand how skills relate to each other and which skills are in high demand using interactive visualizations and salary indicator tools to maximize earning potential. Manish Dixit is VP of Product and Engineering at Dice. As the leader of the Product, Engineering and Data Sciences team at D...
It's easy to assume that your app will run on a fast and reliable network. The reality for your app's users, though, is often a slow, unreliable network with spotty coverage. What happens when the network doesn't work, or when the device is in airplane mode? You get unhappy, frustrated users. An offline-first app is an app that works, without error, when there is no network connection. In his session at 18th Cloud Expo, Bradley Holt, a Developer Advocate with IBM Cloud Data Services, discussed...
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at 20th Cloud Expo, Ed Featherston, director/senior enterprise architect at Collaborative Consulting, will discuss the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
Between 2005 and 2020, data volumes will grow by a factor of 300 – enough data to stack CDs from the earth to the moon 162 times. This has come to be known as the ‘big data’ phenomenon. Unfortunately, traditional approaches to handling, storing and analyzing data aren’t adequate at this scale: they’re too costly, slow and physically cumbersome to keep up. Fortunately, in response a new breed of technology has emerged that is cheaper, faster and more scalable. Yet, in meeting these new needs they...
In addition to all the benefits, IoT is also bringing new kind of customer experience challenges - cars that unlock themselves, thermostats turning houses into saunas and baby video monitors broadcasting over the internet. This list can only increase because while IoT services should be intuitive and simple to use, the delivery ecosystem is a myriad of potential problems as IoT explodes complexity. So finding a performance issue is like finding the proverbial needle in the haystack.
When it comes to cloud computing, the ability to turn massive amounts of compute cores on and off on demand sounds attractive to IT staff, who need to manage peaks and valleys in user activity. With cloud bursting, the majority of the data can stay on premises while tapping into compute from public cloud providers, reducing risk and minimizing need to move large files. In his session at 18th Cloud Expo, Scott Jeschonek, Director of Product Management at Avere Systems, discussed the IT and busin...
According to Forrester Research, every business will become either a digital predator or digital prey by 2020. To avoid demise, organizations must rapidly create new sources of value in their end-to-end customer experiences. True digital predators also must break down information and process silos and extend digital transformation initiatives to empower employees with the digital resources needed to win, serve, and retain customers.
"We are the public cloud providers. We are currently providing 50% of the resources they need for doing e-commerce business in China and we are hosting about 60% of mobile gaming in China," explained Yi Zheng, CPO and VP of Engineering at CDS Global Cloud, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Fact is, enterprises have significant legacy voice infrastructure that’s costly to replace with pure IP solutions. How can we bring this analog infrastructure into our shiny new cloud applications? There are proven methods to bind both legacy voice applications and traditional PSTN audio into cloud-based applications and services at a carrier scale. Some of the most successful implementations leverage WebRTC, WebSockets, SIP and other open source technologies. In his session at @ThingsExpo, Da...