The document compares two payment options for banks: OEM (Original Equipment Manufacturer) and HCE (Host Card Emulation), highlighting the benefits and drawbacks of each. OEM utilizes a secure element for payments, providing more security but with less flexibility, while HCE allows for easier deployment of mobile payments but has security vulnerabilities due to reliance on cloud processing. Ultimately, banks must choose the option that aligns best with their operational needs and customer requirements.

1. 1© Copyright Comviva Technologies Limited. 2015
HCE or OEM : Which option
should the banks go for?

2. 2© Copyright Comviva Technologies Limited. 2015
Overview of the Banking Ecosystem
 The power of several banking reforms, the immense complexity of the market and the powerful
bandwidth of mobile network operators are some of the factors that contributed in establishing the
wide network of new-age banking solutions in the world economy.
 The ease and intuitiveness with NFC technology opened up many opportunities for technology
players to innovate solutions and transform the banking ecosystem further.
 Thanks to a strong infrastructure and major players like Apple, Samsung and Google taking great
strides in the field of contactless payment system, today, the banks have an array of technological
options to choose from to facilitate transactions like OEM, HCE platforms, etc.

3. 3© Copyright Comviva Technologies Limited. 2015
OEM as a payment option
OEM or Original Equipment Manufacturer includes a device called a secure element (SE)
which mainly performs card emulation securing the storage of credentials and executing the
payment. The on-device secure element then sends the payment data to the contactless
terminal when the user acts with his smartphone.
+ -
• Use a token to send to a terminal, instead of
storing real card data in the SE.
• The platform owner owns and controls the SE.
• The approach is free from dependency on any
complex and convoluted process.
• Has no support for local schemes due to the
whole control over tokenization.
• The SE has limited storage and speed.
• Chances of safer transactions are less as when a
phone is stolen, fraudster attempting to transact
will still get the authorization.

4. 4© Copyright Comviva Technologies Limited. 2015
HCE technology in payment solutions
Host Card Emulation or HCE is a device technology that enables a phone to perform card
emulation on an NFC-enabled smart device. Google Wallet version 3.0 provides HCE for
android devices: Phone tapped on a contactless terminal communicated to the host OS by
NFC controller Virtual card number responded back Gets replaced with real card data at
Google’s servers authorization received transaction gets completed.
+ -
• Reduces complexities and transaction cost as, all
the processing is done by cloud servers.
• Helps the mobile wallet applications to
get converted into a virtual smart card and
support local schemes.
• Provides safety in case a fraudster attempts to
transact with a stolen phone as the transaction
succeeds only after servers’ authorization.
• The system needs to store and communicate with
real card data on the servers making transactions
less secured.
• The approach discourages the use of safer
methods of user authentication like biometric
fingerprint authentication.

5. 5© Copyright Comviva Technologies Limited. 2015
Which one banks should choose?
 Both Google Wallet (HCE platform) and ApplePay (OEM) have been facilitating the banks to create
a seamless system of mobile payments.
 Adapting HCE platform gives the banks an easier way to deploy the contactless payments system
as it frees them from the strenuous task of managing multiple relationships with OEMs, token
service providers, payment processors and many other external parties. Banks only need to
analyze and comprehend customer-driven solutions from the information gained in the process.
 HCE is not secured as compared to the Secured Element provided by OEMs, which requires a
tokenization process to ensure the transactions are completed securely.
 Sole objective in both options is to provide minimal contact with sound and secured transaction
protocol to customers, so banks should choose the option suited to their internal system.

6. 6© Copyright Comviva Technologies Limited. 2015
Disclaimer
Copyright © 2015: Comviva Technologies Ltd, Registered Office at A-26, Info City, Sector 34, Gurgaon-122001, Haryana, India.
All rights about this document are reserved and shall not be , in whole or in part, copied, photocopied, reproduced, translated, or reduced to any manner
including but not limited to electronic, mechanical, machine readable ,photographic, optic recording or otherwise without prior consent, in writing, of Comviva
Technologies Ltd (the Company).
The information in this document is subject to changes without notice. This describes only the product defined in the introduction of this documentation. This
document is intended for the use of prospective customers of the Company Products Solutions and or Services for the sole purpose of the transaction for which
the document is submitted. No part of it may be reproduced or transmitted in any form or manner whatsoever without the prior written permission of the
company. The Customer, who/which assumes full responsibility for using the document appropriately. The Company welcomes customer comments as part of the
process of continuous development and improvement.
The Company, has made all reasonable efforts to ensure that the information contained in the document are adequate, sufficient and free of material errors and
omissions. The Company will, if necessary, explain issues, which may not be covered by the document. However, the Company does not assume any liability of
whatsoever nature , for any errors in the document except the responsibility to provide correct information when any such error is brought to company’s
knowledge. The Company will not be responsible, in any event, for errors in this document or for any damages, incidental or consequential, including monetary
losses that might arise from the use of this document or of the information contained in it.
This document and the Products, Solutions and Services it describes are intellectual property of the Company and/or of the respective owners thereof, whether
such IPR is registered, registrable, pending for registration, applied for registration or not.
The only warranties for the Company Products, Solutions and Services are set forth in the express warranty statements accompanying its products and services.
Nothing herein should be construed as constituting an additional warranty. The Company shall not be liable for technical or editorial errors or omissions
contained herein.
The Company logo is a trademark of the Company. Other products, names, logos mentioned in this document , if any , may be trademarks of their respective
owners.
Thank you
Visit us at www.mahindracomviva.com

7. 7© Copyright Comviva Technologies Limited. 2015