Skip navigation
Please use this identifier to cite or link to this item:

Title: Host card emulation with tokenisation: security risk assessment
Authors: Fonte, Luís Pereira da
Oliveira, Valentim Vieira
Barros, João Paulo
Keywords: Host Card Emulation
Risk Assessment
Near-Field Communication
Mobile Device
Issue Date: Oct-2019
Publisher: APSI
Abstract: Host Card Emulation (HCE) is an architecture that provides virtual representation of contactless cards, enabling transactional communication for mobile devices with Near-Field Communication (NFC) support without the need of Secure Element (SE) hardware. Performing the card emulation mainly by software, usually in wallet-like applications which store payment tokens for enabling transactions, creates several risks that need to be properly evaluated in order to be able to materialise a risk-based implementation. This paper describes the HCEt and proposes the identification and assessment of its risks through a survey conducted to specialists in the subject matter, analysing the model from the point of view of a wallet application on a mobile device that stores payment tokens to be able to perform contactless transactions. Despite the increasing complexity and specialisation of software, hardware, and the respective technical cyberattacks we conclude that the human nature remains the easiest to exploit, with greater gains.
Peer reviewed: yes
Appears in Collections:D-ENG - Comunicações com peer review

Files in This Item:
File Description SizeFormat 
2019_CAPSI_2019_Host Card Emulation with Tokenisation Security Risk Assessment .pdf2.39 MBAdobe PDFView/Open

FacebookTwitterDeliciousLinkedInDiggGoogle BookmarksMySpace
Formato BibTex MendeleyEndnote Currículo DeGóis 

This item is licensed under a Creative Commons License Creative Commons