The fundamental advancements in mobile technology are changing the way consumers shop today. As mobile payment technology replaces plastic cards, consumers expect the same ease of use as paying with plastic, and the convenience of "everything being in my phone."
Yet the rapid advancements in the field of mobile payment create dilemmas for companies that want to embrace the opportunity. They are not sure of what kind of technology will be around for the long haul and they don't know which companies will provide them with the infrastructure flexibility they will need to deploy and ultimately evolve with the market. Consequently, some companies – particularly smaller ones – postpone decisions and miss opportunities to offer their customers the latest and most secure payment options available.
Beginning with Android's KitKat operating system release, Google now offers host card emulation or HCE, which stores payment credentials in the cloud instead of in the phone itself. The option introduces risks that the HCE-enabled app can be compromised. Businesses must weigh their choices carefully to ensure that every necessary step is taken to provide a secure environment for mobile payments, how to securely provision payment credentials, and how to refresh the payment "tokens."
Consumers need assurances that their smartphone mobile payment credentials will not be easy targets for hackers. Issues to be addressed are how to perfectly secure a consumer's information, store, and manage lifecycle events like lost/stolen, while still making it easy for the consumers. The user experience in paying at the point of sale has historically been defined mostly by Visa and MasterCard, as the primary rule makers of the payment industry. With the advent of mobile payments comes new technology implications that will establish new definition around how these digital payment solutions will work, and how they will be secured.