SECUREKEY BRIIDGE.NET CONNECT AUTHENTICATION SERVICE SUPPORTS GOOGLE ANDROID HCE 

Offers Greatest Flexibility for Storing Card Data Securely In the Cloud, On the Mobile Device or Both 

TORONTO, Canada, December 16, 2013 – SecureKey, the leading provider of trusted identity networks, today announced that its briidge.net Connect™ service can provide cloud-assisted device-based user authentication for mobile Near Field Communication (NFC) payments or other proximity transactions made using Google Android™ host-based card emulation (HCE). 

A new feature of the recently released Android 4.4 (Kit Kat), HCE allows any Android mobile phone to act like a contactless debit, credit or other card without needing a built-in secure element to store and protect the card data. 

The strong, multi-factor authentication provided by the briidge.net Connect service offers banks and other card issuers the greatest flexibility for ensuring the security of card data in their applications. It does this with or without a hardware secure element and regardless of where the data is stored—in the cloud, on the mobile device or both— and also supports emulation of the full range of common payment card brands. 

“We applaud Google for their efforts in opening up the mobile NFC market by implementing host-based card emulation in the latest release of the Android operating system, but HCE is only a part of the solution for enabling high-value NFC-initiated transactions,” said Andre Boysen, executive vice president of marketing for SecureKey. “The SecureKey briidge.net Connect service extends strong device authentication to the cloud, providing the highest level of assurance for Android HCE transactions, greater confidence that card data is securely stored in any application, and an improved user experience.” 

The SecureKey briidge.net Connect-based solution builds upon the work the company has done providing similar authentication capabilities to MasterCard® for its NFC-based MasterPass™ cloud-based mobile wallet to allow tap-and-pay online transactions using NFC-enabled PCs. 

SecureKey has already tested and confirmed the ability of the briidge.net Connect service to work with the HCE protocol to conduct a secure payment transaction at a retail outlet using the standard acquirer-provided payment terminal. Using a payment app developed by SecureKey to emulate a branded payment card, the briidge.net Connect service successfully validated the user and the payment app, retrieved the secured card data and used the HCE protocol on the mobile device to conduct the transaction. 

The SecureKey briidge.net Connect solution enables issuers to easily take advantage of cloud-based tokenization trends for payment or other applications that employ the consumer device as a token. The SecureKey solution also offers easy integration into existing contactless smart card systems. It supports current and future card reader infrastructures, as well as PC-based platforms, and offers simple, efficient and proven integration with existing issuer payment systems. 

In addition to payment applications, the SecureKey solution is flexible and provides the critical authentication needed to enable additional high-value NFC-initiated applications in health care delivery, ticketing, public transport and secure access, among others, and also opens the door for NFC ID transactions. 

The SecureKey solution is extensible and technology-agnostic at the device level, supporting both hardware and software secure elements and multiple proximity interface protocols, including NFC, QR and Bluetooth low energy. 

"Host-based card emulation is an exciting development for the proximity market, but it is still an emerging technology, and there are still many questions that need to be answered before it is widely deployed, including ensuring that card data is securely stored without a hardware secure element,” said David Birch, founding director of UK-based secure electronic transactions specialists Consult Hyperion. “The SecureKey briidge.net Connect solution holds the promise of storing card data securely for a variety of high-value NFC transactions with Android HCE by providing simple, strong authentication.” 

About SecureKey Technologies Inc. 

SecureKey is the leading provider of cloud-based, trusted identity networks that reduce the burden, cost, and risks associated with user authentication. The company's federated authentication solutions ensure that users are properly authenticated regardless of the service, device or credential they prefer to use. Organizations can quickly and easily deliver high-value online services to millions of consumers and citizens with improved transaction privacy, simplicity, and convenience. SecureKey is headquartered in Toronto, with offices in Boston, Washington D.C., and San Francisco. The company is backed by a world-class group of venture and corporate investors. For additional information, please visit www.securekey.com. 

# # # 

Media and analyst contact: 

Patrick Corman 

Corman Communications, LLC 

+1.650.326.9648 

This email address is being protected from spambots. You need JavaScript enabled to view it. 

Sarah Douglas 

Director, Marketing Communications 

SecureKey Technologies Inc. 

416.477.5625, 5135 

This email address is being protected from spambots. You need JavaScript enabled to view it.