Mobile Payments

Thales eSecurity's products help you incorporate mobile payments into your business while maintaining the highest levels of performance and security

Mobile Card Payments

The proliferation of mobile devices such as smartphones and tablets not only gives consumers more choice, it also has the potential to dramatically expand the mobile payments technology ecosystem, bringing new players such as mobile operators and handset manufacturers into the mix. Multiple payment advocates are competing for attention, with each party advancing a different vision for where the consumer’s electronic wallet—the trusted source of credentials—should reside: on a card, on a phone, or in the Cloud. These various approaches to mobile payments technology create new challenges and in some cases have the potential to establish new business models. The traditional role of banks in issuing physical cards that are mailed to users could be replaced by new classes of intermediaries such as Trusted Service Managers (TSMs) that provide over-the-air provisioning capabilities to mobile devices.

While new mobility for the customer continues to inspire innovation, these changes also create new data protection challenges. Whether organizations are issuing payment security credentials and applications, accepting mobile payments, or processing payments on the back end, they must keep stored customer and account information secure. Mobile payment transactions must be protected, whether they occur via Near Field Communication (NFC) in a store, on a tablet computer, or using a mobile phone over a wireless network. And every organization involved must continue to comply with an evolving set of mobile payment security industry mandates.

Thales eSecurity products and services can help you secure your digital transformation to mobile payments while maintaining the highest levels of performance.

Watch our video, Securing mobile payments with Thales

With the market in flux and plenty of innovation still to come, organizations are challenged to:
  • Remain flexible, prepared to support a range of mobile payment scenarios and business models as mobile payments technology evolves.
  • Be alert to disruptive change that can disturb existing revenue streams.
  • Run traditional and mobile payments processes in parallel, while avoiding as much as possible the need for duplication of processing infrastructure and creation of unnecessary silos.
  • Keep abreast of emerging technologies and standards for issuing credentials and applications, making payments, and accepting payments—and the business opportunities and risks they create.
  • Accommodate peer-to-peer payments as they expand the market beyond the world of retail. Even in developing countries, the need to exchange funds has already triggered innovation beyond the traditional banking model.
  • Accelerate the transition to a cashless society by embracing micropayments for parking meters, vending machines, highway tolls, and other purchases that otherwise involve the unnecessary costs and inconvenience of handling cash.
  • Build relationships with new players, including mobile device suppliers, peer-to-peer payment services, wallet providers, TSM services, loyalty applications, consumer credit scoring agencies, and others.
Mobile Payments: Thales eSecurity Solutions

Products and services from Thales eSecurity can help you incorporate mobile payments into your business while maintaining the highest levels of performance and mobile payment security. The payShield 9000 hardware security module (HSM) incorporates specially designed functionality that enables various parties involved in the issuance of applications to mobile phones to securely provision those applications. In addition, other types of applications can be provisioned securely, including contactless payment card applications using NFC, peer-to-peer payments applications, and many more. The Thales solution is based on the GlobalPlatform Card Specification Version 2.2 and EMV Card Personalization Specification (CPS V1.1), providing the ability to establish a secure session with the Secure Element (SE) based on Global Platform Secure Channel Protocol 02 (SCP02) and to prepare secure messages for the SE.

Combining proven products with deep expertise and experience in credential management, payments-related regulations, and the full range of data protection challenges faced by today’s organizations, Thales can help you take full advantage of emerging opportunities—while maintaining a high-assurance infrastructure that is both efficient and fully compliant with emerging industry mandates and standards of due care.

Thales eSecurity’s solutions offer several benefits, including:
  • Uncover and address new data protection challenges arising from evolving mobile payments models and processes.
  • Manage cryptographic keys effectively across the mobile payments process.
  • Implement proven, certified, tamper-resistant security solutions without compromising performance.
  • Accelerate deployments; Thales products integrate out of the box with payment processing software from leading vendors.
  • Stay flexible to adapt to changes in mobile payments processes and business models.

Related Solutions

Creating a Trust Infrastructure to Support Mobile Payments

The primary goal of this white paper is to provide practical assistance to banks so that they can best leverage and extend their existing trust infrastructure in order to launch a new range of secure mobile-based payment solutions for their customers. Based on experience with solutions that are live today, the paper describes options to use a mobile phone to support contactless payments at POS (both with and without a Secure Element) and the growing trend for person-to-person payments initiated by a mobile app.

Learn More

Trust in the phone or trust in the cloud?

Learn More