Secure payments

HCE payments

Introduced in Android KitKat (4.4) as a standard feature to enable the mobile to be used as a contactless card. Sotware residing in the device is used instead of a secure elemenet (SE).

For sensitive NFC transactions (ticketting, payments) security is important.


  • User credential is securely established in the trusted application
  • User credential persisted securely using the Kinibi secure file system
  • Secure channel established with the NFC reader
  • For payments, the TEE can calculate cryptograms
  • Logic associated with use of the credential implemented by the trusted application
  • Trused user interface to approve transactions