Talk:Host card emulation

Latest comment: 3 months ago by Atlant in topic this article needs rewriting

Unnamed section

edit

I wonder about the security vulnerability it raises: while SE/Smart card conduct the transaction protocol in cleartext behind the best known physical protection, HCE's application conduct it in one of the worst environment known today in temrs of security - Android. In other words, any targeted attack could plug into the process instead or in addition to pyament App?

where am I wrong? Did I miss something? I invite anyone to respond, especially the writers of this entry

Thx Sharon Peleg

Sharon, HCE is a communication architecture that allows the Near field communication radio of a mobile device to communication with more than just the SE. No doubt SE are very secure, Well expect for when the NSA hacks into them like in the case of Gemalto. Regardless, this post is meant to be a informational post based on fact. Security or how an individual or company uses HCE or SE or QR 3Dsecure, etc. is up to that individual or company. — Preceding unsigned comment added by Theodore9dw (talkcontribs) 06:19, 1 March 2015 (UTC)Reply

Apple Pay

edit

Initially I felt Apple Pay uses HCE, but found they use a chip Secure Element.

Tag.sb (talk) 04:06, 24 October 2014 (UTC)Reply

Hijacking of credit

edit

Please do not attribute the creation of the term to a private company name 'Simplytapp' without any sufficient citation. Card Emulation exists since around 2010, 2 years before the creation of that company. — Preceding unsigned comment added by Sawadikap (talkcontribs) 18:24, 25 February 2015 (UTC)Reply

Unfortunately, your statement is incorrect. The first use of the term "Host Card Emulation" was used by SimplyTapp and published by Engadget and NFCworld as the citation pointed out. — Preceding unsigned comment added by Theodore9dw (talkcontribs) 06:13, 1 March 2015 (UTC)Reply
This edit removed the mentioning of SimplyTapp, which was rather fine as the statement has been marked with {{Citation needed}} since October 2014. Also, this edit deleted more content, what I also find rather fine as "host card emulation" isn't even mentioned in the provided reference; we'd need a better reference if it is to be restored. — Dsimic (talk | contribs) 09:23, 1 March 2015 (UTC)Reply


The first reference to anything HCE related in a public medium was run by Sarah Clark of NFCworld. http://www.nfcworld.com/2012/09/19/317966/simplytapp-proposes-secure-elements-in-the-cloud/

Any reference to something called HCE prior to this has never been found. We did talk about Blackberry's version of what they believe was HCE however they called it "Remote object targeting"....yeah really crappy name on a really crappy OS unfortunately.

I do not take offense to the term HCE+ as prompted by this App company, they just need to have their own post in Wikipedia it the term has any merit. Right now their website is rather suspect considering they have posts in there that reference information that clearly took place after the cited date of the post. Just look for their reference to the inclusion of HCE in Android, took place in 2013, that is included in their post regarding their decision not to use HCE because of the security issues in 2012. Furthermore, no body in the industry has ever heard of "HCE+". Google it and you will see what I mean.

I could have made this post a complete spam but instead sought to keep it 100% factual.Theodore9dw (talk) 21:15, 16 March 2015 (UTC)Reply

NFC emulation doesn't use SIM cards

edit
"Prior to the HCE architecture, NFC transactions were mainly carried out using secure elements, which were integrated into carrier-issued SIM cards.[1]" -- https://en.wiki.x.io/w/index.php?title=Host_card_emulation&oldid=702216788

The citation suggests "[Prior to HCE], the card is emulated by a separate chip in the device, called a secure element." Which supports "Prior to the HCE architecture, NFC transactions were mainly carried out using secure elements." Although the citation mentions that "Many SIM cards ... contain a secure element." This does not imply that the secure element used for emulation were SIM cards. I'll drop "which were integrated into carrier-issued SIM cards." — Preceding unsigned comment added by 194.213.3.4 (talk) 14:51, 1 March 2016 (UTC)Reply

References

  1. ^ "Host-based Card Emulation". developer.android.com. Retrieved March 1, 2015.

Host card emulation vs. Host-based card emulation

edit

It seems that host card emulation, as defined by its inventor Yeager, is a software architecture that virtualizes NFC cards using "remote secure element." By comparison, host-based card emulation, as defined by Google, is a software architecture that virtualizes NFC cards using software only. Hence, there seems to be an issue with terminology.

References

edit

this article needs rewriting

edit

badly written article - sometimes reads like an industry advert, sometimes reads like a tech brief whitepaper from a vendor

android & google plenty mentioned, but ios & apple not mentioned (I'm personally indiferent so no bias from me) — Preceding unsigned comment added by 24.6.93.235 (talk) 04:31, 7 March 2016 (UTC)Reply

It made sense in the days before Apple announced support for HCE but now, since iOS 17.4, you're correct; the article should be expanded. Atlant (talk) 17:53, 17 September 2024 (UTC)Reply