Discussion of Technology Risks Faced by Two Contemporary Mobile Payment Systems from the Perspectives of NFC and Tokenization

Research output: Journal Publications and Reviews (RGC: 21, 22, 62)21_Publication in refereed journalpeer-review

View graph of relations


  • Daniel W.K. TSE
  • Yiyi OUYANG

Related Research Unit(s)


Original languageEnglish
Pages (from-to)50-59
Journal / Publication電腦稽核
Issue number35
Publication statusPublished - 20 Jan 2017


Mobile payment systems are one of the key enablers in financial technology (FinTech). Because of its importance and big impact to the success of FinTech, its technology risks have to be dissected and fully understood so that the implementers can have sufficient knowledge in its risk management process. Among the numerous mobile payment systems available on the market, the research team has selected two contemporary ones for analysis. These two systems use two most popular mobile operating systems, namely, Apple’s iOS and Google’s Android. Apple Pay and Android Pay are two mobile payment systems equipped with different security mechanism based on those two types of operating systems. Since release of Apple Pay, NFC technology, tokenization, and Secure Element have become hot topics in m-payment ecosystem. In this paper, security of the two mobile payment systems in terms of NFC and tokenization is discussed. The conclusion would be that consistency of Apple operating system helps reduce complexity in building up security mechanism, EMVCo tokenization specification and device-centric Secure Element implementation help make responsibility division clearly among stakeholders in the mobile payment ecosystem.

Research Area(s)

  • Risk, Apple Pay, Android Pay, mobile payment systems, NFC, Secure Element, Tokenization

Bibliographic Note

Research Unit(s) information for this publication is provided by the author(s) concerned.