Skip to Main Content Skip to Footer Content
Close Search

Increase customer loyalty and control costs with an in-house smart chip management system.

EMV is a fact of life. With the US now on the path to migrating to EMV technology the key question becomes: “How do I get the most out of the investment in my smart chip technology?”

Token management for mobile is offered in partnership with Visa. It is a full suite of mobile solutions supporting cloud-based payments using Host Card Emulation (HCE), EMVCo tokenization, trusted services management (TSM) for SIM-based projects and for embedded secure element solutions such as Apple Pay and Samsung Pay.

Contact Sales
Token Manager


Secure Element has been made famous by Apple Pay, as well as mobile network operators, payment instrument distributors (e.g. plastics production organizations moving into mobile) and Samsung. Secure Element was one of first technologies to support mobile NFC payments.

The approach centralizes around the replacement of the PAN with a surrogate “tokenized” PAN which is made resident on the phone’s Secure Element. This can be an onboard mobile chip (owned by the manufacturer), the SIM card (owned by the mobile network operator) or an SD Card.

Secure Element is considered to be one of the most secure solutions available in mobile payments. New players are introduced to the Secure Element pattern, such as the Root-TSM (manages the Secure Element) and the SP-TSM (manages the interaction between Root-TSM and Issuer, and may also provide Tokenization services).


Host Card Emulation (HCE) is an alternative approach to mobile payment security where critical payment credentials are stored in a secure shared repository in “the cloud” rather than in a Secure Element inside the phone.

Secure Element in the Cloud further expands the ACI Token Manager for Mobile platform to enable payment and other credentials such as transit, identity and loyalty to be issued and managed in a secure cloud server.

With HCE, an application issuer is no longer dependent on the mobile device SE owner for storing credentials and instead has its own SE in a cloud environment. This offers independence and greater control.