Click here to close now.

SYS-CON MEDIA Authors: Dana Gardner, Elizabeth White, Liz McMillan, AppDynamics Blog, Pat Romanski

News Feed Item

INSIDE Secure Launches HCE-Based Software Payments Application

INSIDE Secure, a leader in embedded security solutions for mobile and connected devices, today announces at CARTES America the launch of a white-label Android application for Host Card Emulation (HCE) based payments. The new MatrixHCE product enables mobile payment application providers to accelerate time to market by using the pre-validated HCE payment functionality. It includes the highest level of software security to defend against any attacks in the hostile mobile environment.

Introduced on Android 4.4 (KitKat), Host Card Emulation (HCE) allows for contactless payments (and other services including loyalty programs, building access and transit passes) to be made directly between the consumers' bank mobile application and the retailers point-of-sale, using NFC technology. It allows sensitive data used to facilitate transactions to be stored on, and accessed from, cloud servers rather than a mobile device and without the use of a hardware secure element. HCE therefore enables widespread deployment of mobile payments, which have previously been restricted by the limited deployment of hardware secure elements in mobile devices. However HCE adoption has been hampered by the security concerns associated with software payment applications running on open mobile platforms. MatrixHCE combines INSIDE Secure’s long expertise in payments security with the software security expertise it gained from Metaforic, a company acquired by INSIDE Secure on April 5, 2014, to address these concerns and offer the highest possible level of software security.

MatrixHCE supports the HCE payment standards announced by major payment brands such as Mastercard and VISA, in preparation for the global commercial rollout later this year. It benefits from the software obfuscation and whitebox encryption security technologies developed by Metaforic. These have successfully undergone extensive penetration tests at external security labs. MatrixHCE also embeds secure networking communication technologies to protect the exchanges between the cloud server and the mobile application, thereby further protecting banking and payment data.

“The mobile payment market has tremendous potential and we are excited to bring this innovative offering to market to accelerate deployments,” said Simon Blake-Wilson, executive vice president of Mobile Security division at INSIDE Secure. “Our solution raises the bar on software security by combining application and cloud security to solve the critical problem in delivering workable HCE based payment solutions.”

With the addition of MatrixHCE, INSIDE Secure offers the most complete range of client security solutions for the payments market, comprising:

  • Micropass, consisting of chip, OS and payments applications for traditional card-based payments
  • VaultSEcure, a hardware secure element solution consisting of chip, OS and payments applications for hardware-based mobile payments
  • MatrixHCE, a white-label application, building on HCE for software-based mobile payments

INSIDE Secure is uniquely positioned as the only company able to provide security solutions for enterprise secure access, digital entertainment and financial services markets, the three key market drivers for mobile security. Benefitting from this expertise, MatrixHCE is built upon the trusted foundation of MatrixSSE, INSIDE’s software secure element, including anti-tampering and code obfuscation technologies, which allows the application to defend itself against malware, “man-in-the-app” attacks (Trojan horse) and communication spoofing attacks. MatrixSSE provides security capabilities for general applications, while MatrixHCE adds payment specific security mechanisms and transaction security capabilities on top of MatrixSSE. With this level of security, banks and financial applications providers who plan to deploy secure mobile apps can insure the highest level of protection for the payment transactions.

About INSIDE Secure

INSIDE Secure (NYSE Euronext Paris FR0010291245 – INSD) provides comprehensive embedded security solutions. World-leading companies rely on INSIDE Secure’s mobile security and secure transaction offerings to protect critical assets including connected devices, content, services, identity and transactions. Unmatched security expertise combined with a comprehensive range of IP, semiconductors, software and associated services gives INSIDE Secure customers a single source for advanced solutions and superior investment protection. For more information, visit www.insidesecure.com.

More Stories By Business Wire

Copyright © 2009 Business Wire. All rights reserved. Republication or redistribution of Business Wire content is expressly prohibited without the prior written consent of Business Wire. Business Wire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo in Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading in...
SAP is delivering break-through innovation combined with fantastic user experience powered by the market-leading in-memory technology, SAP HANA. In his General Session at 15th Cloud Expo, Thorsten Leiduck, VP ISVs & Digital Commerce, SAP, discussed how SAP and partners provide cloud and hybrid cloud solutions as well as real-time Big Data offerings that help companies of all sizes and industries run better. SAP launched an application challenge to award the most innovative SAP HANA and SAP HANA...
The widespread success of cloud computing is driving the DevOps revolution in enterprise IT. Now as never before, development teams must communicate and collaborate in a dynamic, 24/7/365 environment. There is no time to wait for long development cycles that produce software that is obsolete at launch. DevOps may be disruptive, but it is essential. The DevOps Summit at Cloud Expo – to be held June 3-5, 2015, at the Javits Center in New York City – will expand the DevOps community, enable a wide...
P2P RTC will impact the landscape of communications, shifting from traditional telephony style communications models to OTT (Over-The-Top) cloud assisted & PaaS (Platform as a Service) communication services. The P2P shift will impact many areas of our lives, from mobile communication, human interactive web services, RTC and telephony infrastructure, user federation, security and privacy implications, business costs, and scalability. In his session at @ThingsExpo, Robin Raymond, Chief Architect...
There is no question that the cloud is where businesses want to host data. Until recently hypervisor virtualization was the most widely used method in cloud computing. Recently virtual containers have been gaining in popularity, and for good reason. In the debate between virtual machines and containers, the latter have been seen as the new kid on the block – and like other emerging technology have had some initial shortcomings. However, the container space has evolved drastically since coming on...
Explosive growth in connected devices. Enormous amounts of data for collection and analysis. Critical use of data for split-second decision making and actionable information. All three are factors in making the Internet of Things a reality. Yet, any one factor would have an IT organization pondering its infrastructure strategy. How should your organization enhance its IT framework to enable an Internet of Things implementation? In his session at Internet of @ThingsExpo, James Kirkland, Chief Ar...
The 17th International Cloud Expo has announced that its Call for Papers is open. 17th International Cloud Expo, to be held November 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, brings together Cloud Computing, APM, APIs, Microservices, Security, Big Data, Internet of Things, DevOps and WebRTC to one location. With cloud computing driving a higher percentage of enterprise IT budgets every year, it becomes increasingly important to plant your flag in this fast-expanding bu...
Cloud Expo, Inc. has announced today that Andi Mann returns to DevOps Summit 2015 as Conference Chair. The 4th International DevOps Summit will take place on June 9-11, 2015, at the Javits Center in New York City. "DevOps is set to be one of the most profound disruptions to hit IT in decades," said Andi Mann. "It is a natural extension of cloud computing, and I have seen both firsthand and in independent research the fantastic results DevOps delivers. So I am excited to help the great team at ...
All major researchers estimate there will be tens of billions devices - computers, smartphones, tablets, and sensors - connected to the Internet by 2020. This number will continue to grow at a rapid pace for the next several decades. With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo, June 9-11, 2015, at the Javits Center in New York City. Learn what is going on, contribute to the discussions, and ensure that your enter...
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, a...
In a recent research, analyst firm IDC found that the average cost of a critical application failure is $500,000 to $1 million per hour and the average total cost of unplanned application downtime is $1.25 billion to $2.5 billion per year for Fortune 1000 companies. In addition to the findings on the cost of the downtime, the research also highlighted best practices for development, testing, application support, infrastructure, and operations teams.
There is no doubt that Big Data is here and getting bigger every day. Building a Big Data infrastructure today is no easy task. There are an enormous number of choices for database engines and technologies. To make things even more challenging, requirements are getting more sophisticated, and the standard paradigm of supporting historical analytics queries is often just one facet of what is needed. As Big Data growth continues, organizations are demanding real-time access to data, allowing immed...
T-Mobile has been transforming the wireless industry with its “Uncarrier” initiatives. Today as T-Mobile’s IT organization works to transform itself in a like manner, technical foundations built over the last couple of years are now key to their drive for more Agile delivery practices. In his session at DevOps Summit, Martin Krienke, Sr Development Manager at T-Mobile, will discuss where they started their Continuous Delivery journey, where they are today, and where they are going in an effort ...
Enterprises are fast realizing the importance of integrating SaaS/Cloud applications, API and on-premises data and processes, to unleash hidden value. This webinar explores how managers can use a Microservice-centric approach to aggressively tackle the unexpected new integration challenges posed by proliferation of cloud, mobile, social and big data projects. Industry analyst and SOA expert Jason Bloomberg will strip away the hype from microservices, and clearly identify their advantages and d...
Container frameworks, such as Docker, provide a variety of benefits, including density of deployment across infrastructure, convenience for application developers to push updates with low operational hand-holding, and a fairly well-defined deployment workflow that can be orchestrated. Container frameworks also enable a DevOps approach to application development by cleanly separating concerns between operations and development teams. But running multi-container, multi-server apps with containers ...