ICICI Bank has enabled HCE through its wallet.
Imagine walking into a department store , picking out all the things you need ( and don’t really need), and queuing up at the billing counter only to realise that you forgot your wallet at home. Usually , walking out empty- handed is the only option. Today , enabling virtual cards on your phone can save you this or deal and perhaps , you can make forgetting wallet at home a usual practise.
Touted to be the future of mobile payments , a virtual card is securely saved on the cloud to let you transact without producing a physical card or entering a PIN at the merchant’s. The host card emulation (HCE) technology enables a computerised emulation of your physical debit/credit card on you smartphone within a bank’s mobile app. HCE for offline retail works closely with near field communication (NFC) , and both the smartphones and the point-of-sale terminal or machine need to be NFC-enabled for the transaction.
ICICI Bank has already leveraged HCE technology to launch India’s first contactless mobile payments solution, which is available in the bank’s “Pockets” app , eliminating the need to carry a physical card or cash to pay in stores that support contactless payments. The virtual card stored on the phone bears a different card number , while the credit limit and expiry date remain the same as on the physical card. A customer needs to just wave the NFC-enabled mobile phone with a virtual card in front of the terminal to make payment. Launched in April this year, the bank claims that close to 2,500 of its customers are already using this technology.
Since this is a cloud based technology , it can enable a large number of customers to avail contactless payments without the hassle of re-carding their existing physical card.
HDFC Bank is also working on a mobile payments service that will support NFC, HCE and QR code based payments. This will be integrated in the bank’s PayZapp mobile app that contains a prepaid card, SBI cards too, is working on the same technology. However , there are only 100,000 NFC enabled terminals across the country that accept contactless ( or tap and pay) payment solutions. By the end of March next year , the industry expects close to 200,000 terminals to come up.
Vouchers for the security and convenience of HCE. ” With explosion of smartphone adoption in India, most consumers already have a high-end device that can initiate NFC transactions. Hence , HCE has the potential to become a popular alternative form of payment from the mobile. Since the card credentials are tokenised , and also helps in device identifications and other validations. It rides on the EMV contactless acceptance infrastructure , which is already in place in India.
This technology can be used for online transaction as well. For instance , ICICI Bank has launched a quick checkout facility for existing credit and debit customers where in nothing has to keyed in. The verification is done within phone itself and the customer has to only enter the CVV number to make payment. The service is currently live on a few select websites.
To activate Virtual Card.
- Download Pockets App from play store on your NFC-enabled Android smartphone.
- Login with four digit MPIN.
- Click on touch & Pay icon.
- Activate virtual card/s , which will be linked to existing debit or credit card/s.
To make Payment.
- Log in to the wallet app with MPIN.
- Select Touch & Pay.
- Select the virtual Card.
- Bring the phone near merchant terminal where contactless payment is accepted; touch on ‘ Tap Now’ to make a payment.
What’s the big deal?
While it all sounds fancy , do we really need this technology , especially since the standard procedure of swiping cards is convenient and popular? Experts say that making payments through the HCE client app is quicker-it only takes one fourth of the time to make the payment compare to regular swipe/chip payment methods. But the biggest benefit of HCE is that it makes transactions much more secure. Whenever you swipe your card, all your personal account details are passed on to the merchant; but not with HCE. On your smartphone only the last four digits of your virtual card will be visible as you tap to make the payment.
A one-time unique token number is created by the bank’s server, which is encrypted and send to the merchant’s terminal, without disclosing any other information.
Card tokenisation for data security is used where it substitutes sensitive data with a token, which in-turn traces back to the card details with the merchant, but the only the token. It reduces the risk of accidental exposure or unauthorised access to sensitive card data.
The chances of a virtual card being misused are almost negligible. Firstly , virtual card payments can be done only through the registered SIM. Secondly, even if a customer loses his/her mobile phone, there would not be any loss of confidential information, because the virtual card-accessible only through the app-requires the MPIN, Which only the card holder has, besides even if the app has been launched the session expires after 10-seconds , which reduces the chances of misuse of a great extent. Lastly , as per RBI regulations , only transactions of up to 2000 can be performed using mobile contactless solutions. There is still a long HCE’s popularity to pervade, but when it does, pickpockets will be out of business.