{"id":1107,"date":"2014-09-01T15:39:51","date_gmt":"2014-09-01T15:39:51","guid":{"rendered":"http:\/\/www.gmarwaha.com\/blog\/?p=1107"},"modified":"2014-09-22T02:46:31","modified_gmt":"2014-09-22T02:46:31","slug":"mobile-payments-what-is-a-secure-element","status":"publish","type":"post","link":"https:\/\/www.gmarwaha.com\/blog\/2014\/09\/01\/mobile-payments-what-is-a-secure-element\/","title":{"rendered":"Mobile Payments: What is a Secure Element?"},"content":{"rendered":"<h4 style=\"text-align: justify;\">What is a Secure Element (SE)?<\/h4>\n<p style=\"text-align: justify;\">\n<div class=\"row-fluid\" style=\"min-height:0;\">\n<div class=\"span12\" style=\"min-height:0; border-bottom:1px dotted rgba(0,0,0,0.1); margin-top:10px; margin-bottom:10px; \"><\/div>\n<\/div>\n<\/p><p style=\"text-align: justify;\"><a href=\"http:\/\/www.globalplatform.org\/\">GlobalPlatform<\/a> defines Secure Element (SE) as\u00a0a tamper-resistant platform capable of securely hosting applications and their confidential and cryptographic data in accordance with the rules and security requirements set forth by a set of well-identified trusted authorities. Put simply, a Secure Element can be considered to be a chip that offers a dynamic environment to\u00a0store data securely, process data securely and perform communication with external entities securely. If you try to mess with it by tampering in any form, it may self-destruct, but will not allow you to gain unauthorized access.<\/p>\n<p style=\"text-align: justify;\">While not all <a href=\"http:\/\/www.gmarwaha.com\/blog\/2014\/08\/03\/mobile-payments-what-is-nfc\/\">NFC<\/a> applications require security, those that involve financial transactions do. The Secure Element resides in highly secure cryto chips. It also\u00a0provides delimited memory for each application stored in it and other functions that can encrypt, decrypt and sign the data packet.<\/p>\n<p style=\"text-align: justify;\">In today&#8217;s smartphones, a Secure Element can be found as a chip <code>embedded<\/code> directly into the phone&#8217;s hardware, or in a <code>SIM\/UICC<\/code> card provided by your network operator or in an <code>SD card<\/code> that can be inserted into the mobile phone.<\/p>\n<p style=\"text-align: justify;\">To put things into context, when you are using an\u00a0NFC enabled mobile device\u00a0to <a href=\"http:\/\/www.gmarwaha.com\/blog\/2014\/05\/11\/mobile-payments-what-is-tap-pay\/\">Tap &amp; Pay<\/a>, the NFC controller goes into <a href=\"http:\/\/www.gmarwaha.com\/blog\/2014\/08\/07\/mobile-payments-what-is-nfc-card-emulation-mode\/\">card-emulation<\/a> mode. The NFC controller itself does not deal with the data or processing associated with the payment transaction. It is just an interface that allows communication using standard protocols.<\/p>\n<p style=\"text-align: justify;\">It is the Secure Element that actually emulates the <a href=\"http:\/\/www.gmarwaha.com\/blog\/2014\/05\/11\/mobile-payments-what-is-a-contactless-chip-card\/\">contactless card<\/a>. It performs handshake with the terminal, sends the right responses to the right queries, generates dynamic cryptograms, authenticates the stored card and so on.\u00a0\u00a0To take it a step further and be even more accurate, it is not the Secure Element that emulates the card. The software that emulates a <a href=\"http:\/\/www.gmarwaha.com\/blog\/2014\/05\/11\/mobile-payments-what-is-a-contactless-chip-card\/\">contactless card<\/a> is the one that is stored inside the secure element in the form of payment applications or applets. The Secure Element provides secure\u00a0storage and execution environment for the payment applications to do its job.<\/p>\n<p style=\"text-align: justify;\">Secure Element is not a necessity to\u00a0emulate contactless cards although it is the most secure to date.\u00a0An alternative is to use Host-based Card Emulation (HCE) which moves the secure storage and execution environment to the cloud instead of the Secure Element. We will discuss <code>HCE<\/code>\u00a0next.<\/p>\n<h4 style=\"text-align: justify; margin-top: 30px;\">Mobile Payments Blog Series<\/h4>\n<p style=\"text-align: justify;\">\n<div class=\"row-fluid\" style=\"min-height:0;\">\n<div class=\"span12\" style=\"min-height:0; border-bottom:1px dotted rgba(0,0,0,0.1); margin-top:10px; margin-bottom:10px; \"><\/div>\n<\/div>\n<\/p><p style=\"text-align: justify;\">Welcome to the <a href=\"http:\/\/www.gmarwaha.com\/blog\/2014\/01\/24\/mobile-payments-faq-and-not-so-faq\/\">Mobile payments FAQ and\u00a0not so FAQ<\/a>\u00a0series\u00a0and you are on FAQ\u00a0#14.\u00a0The idea behind this series is to\u00a0share and learn as much as possible about the field of mobile payments.\u00a0If you like, you can read all of the FAQs on the <a href=\"http:\/\/www.gmarwaha.com\/blog\/category\/mobile-payments\/\">Mobile Payments<\/a>\u00a0category or by visiting the <a href=\"http:\/\/www.gmarwaha.com\/blog\/mobile-payments-faq\/\">Table of contents<\/a> page.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>What is a Secure Element (SE)? GlobalPlatform defines Secure Element (SE) as\u00a0a tamper-resistant platform capable of securely hosting applications and their confidential and cryptographic data in accordance with the rules and security requirements set forth by a set of well-identified trusted authorities. Put simply, a Secure Element can be considered to be a chip that offers a dynamic environment to\u00a0store data securely, process data securely and perform communication with external entities securely. If you try to mess with it by tampering in any form, it may self-destruct, but will not allow you to gain unauthorized access. While not all NFC... <br \/><a class=\"moretag\" href=\"https:\/\/www.gmarwaha.com\/blog\/2014\/09\/01\/mobile-payments-what-is-a-secure-element\/\">Continue reading...<\/a>","protected":false},"author":1,"featured_media":1013,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"image","meta":{"footnotes":""},"categories":[52,48,49,53],"tags":[],"class_list":["post-1107","post","type-post","status-publish","format-image","has-post-thumbnail","hentry","category-emv","category-mobile-payments","category-nfc","category-secure-element","post_format-post-format-image"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/www.gmarwaha.com\/blog\/wp-json\/wp\/v2\/posts\/1107","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.gmarwaha.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.gmarwaha.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.gmarwaha.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.gmarwaha.com\/blog\/wp-json\/wp\/v2\/comments?post=1107"}],"version-history":[{"count":3,"href":"https:\/\/www.gmarwaha.com\/blog\/wp-json\/wp\/v2\/posts\/1107\/revisions"}],"predecessor-version":[{"id":1164,"href":"https:\/\/www.gmarwaha.com\/blog\/wp-json\/wp\/v2\/posts\/1107\/revisions\/1164"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.gmarwaha.com\/blog\/wp-json\/wp\/v2\/media\/1013"}],"wp:attachment":[{"href":"https:\/\/www.gmarwaha.com\/blog\/wp-json\/wp\/v2\/media?parent=1107"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.gmarwaha.com\/blog\/wp-json\/wp\/v2\/categories?post=1107"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.gmarwaha.com\/blog\/wp-json\/wp\/v2\/tags?post=1107"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}