What is a Secure Element?

This entry was posted on Thursday, May 22nd, 2014.

A lot is happening in the ecosystem of secure elements (SEs). As more and more people own a sophisticated smartphone, both companies and consumers are looking for new or modernized types of applications, such as contactless payments, identification, loyalty programs, transit, ticketing and many other uses yet to be identified. The SE plays a very important role in the world of secure mobile computing. This blog discusses the SE and its relation to cloud-based computing.

What is a Secure Element?

An SE is a tamper-resistant hardware platform capable of securely hosting applications and storing confidential and cryptographic data. For example, in the finance industry SEs are used to host personalized card applications and the cryptographic keys required to perform financial (EMV) transactions at a point-of-sale terminal. SEs used in the identity market may hold biometric data or certificates which can be used for signing documents. Whatever the purpose, the secure environment provided by the SE protects the user’s credentials, ensuring the safety of the user’s data.

Presently, SEs materialize in four different form factors. Removable form factors are universal integrated circuit cards (UICCs) and microSD cards. Embedded Secure Elements (ESEs) are chips directly bonded on the device motherboard. The fourth form factor is the cloud-based secure element.

Cloud-Based Secure Elements

By moving the SE to a remote environment (the cloud), the cost and complexity of managing a physical SE can be reduced significantly, ensuring a consistent user experience while maintaining the security features of conventional SEs. Cloud-based SEs allow consumers to make contactless payments, even without an internet connection, by using preloaded tokens.

Historically, it has been cumbersome to integrate an SE on a mobile device due to the complex business models and interdependencies required to establish the relationships between the many stakeholders involved in the ecosystem. This was the main reason the industry started to explore remote or cloud-based SEs. Yet, there was still something missing, a ‘Higgs particle’, preventing the breakthrough and widespread adoption of contactless NFC payments.

Host Card Emulation – the missing link

Last year, Google announced support for this missing link: host card emulation (HCE). HCE provides the bridge between the point-of-sale, the remote SE and the issuing banks. HCE requires neither changes to the acquiring infrastructure nor optimization specifically to support NFC.