FIME and Thales Team Up on Host Card Emulation
New offering provides complete functional and security testing for HCE to NFC service providers and issuing banks
26 February 2015 – Advanced testing and consultancy provider, FIME and leading player in cybersecurity, Thales have announced the launch of a joint offering for the host card emulation (HCE) mobile services market. The partners have combined expertise to provide near field communication (NFC) service providers and issuing banks with a complete three-phase portfolio of functional and security consultancy and testing services.
From project initiation, FIME combines its established HCE training and consultancy package with support for specification development, request for proposal (RFP) drafting, pilot assessment and test plan advancements. At the same time, on the security side, Thales offers security pre-assessment and consulting to ensure the product or system is ready for official security evaluation.
In the second phase, FIME supports service providers and issuers with functional testing for their HCE mobile applications and servers, to ensure they work as intended once live in the market. Finally, Thales manages the security evaluation and certification, including analysis of the product documentation, source code examination which can either be conducted in its laboratory or at the customer’s premises, and penetration testing to confirm the resistance of the application to external threats.
“This is a new and rapidly evolving technology,” comments Stephanie El Rhomri, NFC & Payments Business Line Manager at FIME. “Service providers can draw on this partnership’s collective expertise to develop and launch fully functional, secure cloud-based NFC mobile services quicker, cheaper and more simply. We have a long history of working closely with the schemes and are carrying our NFC chip-based knowledge through into the cloud market to ensure product interoperability, a seamless user experience and to promote market confidence.”
Stanislas de Maupeou, Director for Cybersecurity Consulting & Evaluation at Thales, adds: “By working together, Thales and FIME are now able to assess and validate any form factor of NFC mobile application; whether it is to be deployed traditionally to a secure element via a trusted service manager (TSM) or to the cloud via HCE and token service providers. This collaboration is already supporting banks and service providers in reaching more customers than ever before with their applications, while ensuring they work as they should and meet the required security levels.”
Contact FIME and Thales to learn more.
Read FIME’s white paper on NFC security:
FIME is a trusted provider of consulting services, certification and tools. It enables customers to bring seamless card and mobile transactions services to market effectively and confidently using secure chip or cloud-based solutions.
Working with the payment, telecom, transit and identity sectors, FIME is an implementation services partner for customers using contact and contactless EMV, Near Field Communication (NFC), trusted service manager (TSM), trusted execution environment (TEE) and host card emulation (HCE) technologies. FIME supports customers from project initiation to completion by advising on technical requirements, consulting on industry regulations certification authority implementation and streamlining testing and certification activity.
With 12 offices around the world, serving more than 3,000 clients in 13 languages, FIME’s customers benefit from a combination of global expertise and local knowledge through a single point of contact. FIME’s dedicated team uses its expertise to create and actively contribute to the advancement and simplification of certification processes. Its service capacity also provides resource scalability to adapt to individual customer needs.
FIME currently has operations across America (Canada and the United States), Asia (Japan, South Korea and Taiwan), Europe (France), India and the Middle East (Dubai).
FIME partners with leading payment schemes and industry bodies to provide consultancy and certification services for: American Express, Calypso Networks Association, China UnionPay, Discover, eftpos, EMVCo, EMV Migration Forum, First Data, Global Certification Forum (GCF), GlobalPlatform, GSMA, Interac, JCB, MasterCard, Network for Electronic Transfers (NETS), NFC Forum, National Payments Corporation of India (NPCI), National Standard for Chip Card Specification (NSICC), OSCar Consortium, Softcard and Visa.
Thales is a global technology leader in the Aerospace, Transportation, Defence and Security markets. In 2013, the company generated revenues of €14.2 billion with 65,000 employees in 56 countries. With its 25,000 engineers and researchers, Thales has a unique capability to design, develop and deploy equipment, systems and services that meet the most complex security requirements. Thales has an exceptional international footprint, with operations around the world working with customers and local partners.
Drawing on its strong cryptographic capabilities, Thales is one of the world leaders in cybersecurity products and solutions for critical state and military infrastructures, satellite networks and industrial and financial companies. With a presence throughout the entire security chain, Thales offers a comprehensive range of services and solutions ranging from security consulting, intrusion detection and architecture design to system certification, development and through-life management of products and services, and security supervision with Security Operation Centres in France, the United Kingdom and in the Netherlands.
Thales offers Information Technology Security Evaluation Facilities, including, Security Evaluations (Common Criteria, VISA, MASTERCARD, JCB, AMEX, EMVCO, DISCOVER, CRI, AFSCM) for hardware and embedded software products for Banking, Identity, Transport, Telecom, Energy, Defence and Space, on Contact, Contactless and NFC technologies. We provide also Security Expertise and Consulting Services for IT Systems Security.