SecureKey Connect Authentication Service Supports Google Android HCE

  SecureKey Connect Authentication Service Supports Google Android

 Offers Greatest Flexibility for Storing Card Data Securely In the Cloud, On
                          the Mobile Device or Both

Business Wire

TORONTO -- December 16, 2013

SecureKey, the leading provider of trusted identity networks, today announced
that its Connect™ service can provide cloud-assisted device-based
user authentication for mobile Near Field Communication (NFC) payments or
other proximity transactions made using Google Android™ host-based card
emulation (HCE).

A new feature of the recently released Android 4.4 (Kit Kat), HCE allows any
Android mobile phone to act like a contactless debit, credit or other card
without needing a built-in secure element to store and protect the card data.

The strong, multi-factor authentication provided by the Connect
service offers banks and other card issuers the greatest flexibility for
ensuring the security of card data in their applications. It does this with or
without a hardware secure element and regardless of where the data is
stored—in the cloud, on the mobile device or both—and also supports emulation
of the full range of common payment card brands.

“We applaud Google for their efforts in opening up the mobile NFC market by
implementing host-based card emulation in the latest release of the Android
operating system, but HCE is only a part of the solution for enabling
high-value NFC-initiated transactions,” said Andre Boysen, executive vice
president of marketing for SecureKey. “The SecureKey Connect
service extends strong device authentication to the cloud, providing the
highest level of assurance for Android HCE transactions, greater confidence
that card data is securely stored in any application, and an improved user

The SecureKey Connect-based solution builds upon the work the
company has done providing similar authentication capabilities to MasterCard®
for its NFC-based MasterPass™ cloud-based mobile wallet to allow tap-and-pay
online transactions using NFC-enabled PCs.

SecureKey has already tested and confirmed the ability of the
Connect service to work with the HCE protocol to conduct a secure payment
transaction at a retail outlet using the standard acquirer-provided payment
terminal. Using a payment app developed by SecureKey to emulate a branded
payment card, the Connect service successfully validated the user
and the payment app, retrieved the secured card data and used the HCE protocol
on the mobile device to conduct the transaction.

The SecureKey Connect solution enables issuers to easily take
advantage of cloud-based tokenization trends for payment or other applications
that employ the consumer device as a token. The SecureKey solution also offers
easy integration into existing contactless smart card systems. It supports
current and future card reader infrastructures, as well as PC-based platforms,
and offers simple, efficient and proven integration with existing issuer
payment systems.

In addition to payment applications, the SecureKey solution is flexible and
provides the critical authentication needed to enable additional high-value
NFC-initiated applications in health care delivery, ticketing, public
transport and secure access, among others, and also opens the door for NFC ID

The SecureKey solution is extensible and technology-agnostic at the device
level, supporting both hardware and software secure elements and multiple
proximity interface protocols, including NFC, QR and Bluetooth low energy.

"Host-based card emulation is an exciting development for the proximity
market, but it is still an emerging technology, and there are still many
questions that need to be answered before it is widely deployed, including
ensuring that card data is securely stored without a hardware secure element,”
said David Birch, founding director of UK-based secure electronic transactions
specialists Consult Hyperion. “The SecureKey Connect solution
holds the promise of storing card data securely for a variety of high-value
NFC transactions with Android HCE by providing simple, strong authentication.”

About SecureKey Technologies Inc.

SecureKey is the leading provider of cloud-based, trusted identity networks
that reduce the burden, cost, and risks associated with user authentication.
The company's federated authentication solutions ensure that users are
properly authenticated regardless of the service, device or credential they
prefer to use. Organizations can quickly and easily deliver high-value online
services to millions of consumers and citizens with improved transaction
privacy, simplicity, and convenience. SecureKey is headquartered in Toronto,
with offices in Boston, Washington D.C., and San Francisco. The company is
backed by a world-class group of venture and corporate investors. For
additional information, please visit


Corman Communications, LLC
Patrick Corman, +1-650-326-9648
SecureKey Technologies Inc.
Sarah Douglas, 416-477-5625 ext. 5135
Director, Marketing Communications
Press spacebar to pause and continue. Press esc to stop.