Cloud Based Payments
The inception of Cloud Based Payments is seen as the future of card issuance where the emphasis is placed upon digital cards rather than the physical plastic cards that we are familiar with and use daily. In recent years NFC-enabled mobile phones have seen a transformation of the consumer shopping experience allowing consumers to pay for their goods and services using their smartphone and digital wallet. However the marketplace has been slow to adopt this technology, largely due to the complexity and size of the ecosystem.
Host Based Emulation could help reclaim lost ground in digital payments
Cloud Based Payments offers the same contactless payment functionality on a mobile device that is currently provided by ‘Visa payWave’ contactless cards, but develops this further by removing the need for a hardware secure element on the smartphone by allowing the secure deployment of accounts in the cloud.
Cloud Based Payments allows cardholders to conduct their payment transactions in participating merchant locations using their smartphone with card emulation capabilities built outside of the secure element. Current examples of Host Based Emulation offered in the market are Android’s Host Card Emulation and BlackBerry’s Software Card Emulation.
How Does Cloud Based Payments Work
The current Cloud Based Payments program offered by Visa aims to support payments across various channels and technologies. The Cloud Based Payments program consists of a number of functional components that support 'Visa payWave' payments using Host Card Emulation:-
Cloud Based Payments Platform
The platform to provision and manage accounts according to issuer preferences.
-
Mobile Application
The application installed on the smartphone to allow the management of enrolment, provisioning, lifecycle management and payment by the consumer.
-
Mobile Application Platform
The platform to securely transmit messages for enrolment, provisioning, active account management between the CBPP and Mobile Application.
Compliance Requirements
For third parties seeking to offer services within the Cloud Based Payments ecosystem the following compliance requirements are applicable:As a Cloud Based Payment Platform (CBPP) provider you must comply with the following requirements:
- Visa Cloud-Based Payments Program Minimum Requirements and Guidelines
- Visa Cloud-Based Payments Provider Security Requirements
- Mobile Application
As a Mobile Application (MA) provider you must comply to the following requirements:
- Visa Cloud-Based Payments Contactless Specification
- Visa Cloud-Based Payments Program Minimum Requirements and Guidelines (functional & Security)
- Visa Brand Standards
- Mobile Application Platform
As a Mobile Application Platform (MAP) provider you must comply with the following requirements:
- Visa Cloud-Based Payments Program Minimum Requirements and Guidelines
- PCI Data Security Standard (if the MAP transmits and or process cardholder information)