Consult Hyperion Data & Privacy Policies 

GSMA Digital Commerce

Consult Hyperion has helped the GSMA demonstrate thought leadership in the rapidly evolving landscape for mobile payments.



Since 2014, Consult Hyperion has been working with the GSMA to examine, explain and explore what the changes in retail payments may mean for the GSMA’s members and the wider mobile payments community. This insight and analysis resulted in a series of papers, seminars and presentations that discussed the impact for different stakeholders. An early paper looked at the myths developing around mobile contactless payments with the introduction of host card emulation (HCE). This was followed by a discussion of the different population scale implementation models for the deployment of secure element (SE) and HCE mobile contactless payments, and papers on the impact of the international card schemes’ tokenisation initiative in EMVCo and the importance and opportunities resulting from the Payment Services Directive (PSD2) and European Banking Authority (EBA) guidelines in European markets. The audience for these assessment and discussion pieces covered mobile network operators (MNOs), retail banks, processors and vendors. Several of the papers and webinar outputs are available for download from the GSMA’s web site at


In the last few years, mobile payments have experienced significant change. Where five years ago payments from mobiles were only significant in emerging markets, such as M-PESA in Kenya, there is now a strong global trend. IMRG figures show that smart phone and tablet m-commerce overtook PC and laptop e-commerce for the first time in the UK in Q4 2015 . And, with mobile contactless payments rolling out on the three main handset platforms in many markets, payments at physical POS are becoming mobilised too.

For a new payments approach to be successful a number of potentially competing factors must come together; acceptance infrastructure, issuer commitment and regulation must align, normally well after the technology is available. Customers will then start to use those payments that offer real utility. This has happened with contactless cards in several markets, where the increase in transaction speed has opened new acceptance options such as mass transit, and is starting to happen with mobile contactless.

Grabbing headlines, Apple Pay and Samsung Pay launched mobile contactless payments using a secure hardware SE embedded in handsets to store tokenised payment data. These have mirrored the approach of SIM-centric deployments, which take advantage of the security of the SIM for tokenised payment data and add manageability over the complete customer lifecycle. On the Android and Windows platforms, the HCE approach is on the increase, using dynamic, limited use tokens to protect payment data rather than secure hardware.

Underpinning both approaches is EMVCo tokenisation which acts to disguise the real account details from those given to merchants to process transactions. Consult Hyperion and GSMA have helped the industry explore the overlap and synergies between the different mobile contactless approaches

Tokenisation is more than just mobile contactless. Its primary aim was to address rapidly rising remote payment fraud. Mobile has a key role to play in this, from in-app payments improving the user experience in-store and remotely, to mobile acting as an additional authentication factor for internet commerce. Security in these cases relies on the authentication of the user.

Mobile operators are working with partners to introduce stronger authentication through the GSMA’s Mobile Connect programme. This allows complementary identity services to come together with digital commerce services. Consult Hyperion has helped the GSMA identify deployment models that can support this programme and extend its reach to commerce services.

Strong mobile authentication is increasingly a key activity going forward for the future of payments, as the transactional model moves from a card payment ‘pull’ to a direct to bank account ‘push’.

Driving this change are regulators, who are looking to increase access, lower cost and reduce risk of retail payments. With support from Consult Hyperion, the GSMA is working with its members and the wider payments community to understand, explore and support this shift, as today’s mobile payments prepare for tomorrow’s ecosystem.

Our Approach

Selected because of our industry knowledge, relationships and payments expertise, Consult Hyperion has undertaken a series of engagements with the GSMA Digital Commerce team that have helped explore and explain the emerging mobile payments space.

We bring detailed understanding of payments models and technologies from working with the leading global organisations in retail payments and working on actual mobile payment implementations. We add value to the GSMA’s own work by delivering informed analysis of the key social, regulatory, business and technical drivers and barriers in the market, gained by working with MNOs, banks and schemes across all elements of the payments value chain and a genuinely independent viewpoint not tied to any product or specific solution.

Our work with GSMA Digital Commerce includes:

• To describe, analyse and discuss the payments landscape in terms of technical, commercial and regulatory aspects;

• To author, review and publish internal and external papers and discussion documents on specific topics for mobile payments:

• A series of papers on mobile contactless and tokenisation are available from the GSMA’s web site and include:

• “HCE and SIM Secure Element: It’s not Black and White”

• “HCE and Tokenisation for Payment Services”

• “The New Mobile Payment Landscape”

• To promote and disseminate the GSMA’s thought leadership in conferences and seminars both face to face at the GSMA industry events in Barcelona and Shanghai, and on the web. Links to events are available from the GSMA’s web site and include:

• “Webinar presentation: HCE and tokenisation for mobile payment”



About The GSMA

The GSMA represents the interests of mobile operators worldwide. Spanning more than 220 countries, the GSMA unites nearly 800 of the world’s mobile operators with 250 companies in the broader mobile ecosystem, including handset and device makers, software companies, equipment providers and Internet companies, as well as organisations in industry sectors such as financial services, healthcare, media, transport and utilities. The GSMA also produces industry-leading events such as Mobile World Congress and Mobile Asia Expo.

The GSMA’s Digital Commerce program works with mobile operators, merchants, banks, payment networks, transport operators and services providers to support the deployment of mobile commerce services. By fostering the ecosystem to encourage and facilitate collaboration, the program collaborates with the mobile ecosystem to develop specifications and guidelines for technical implementation and build value propositions for adjacent sectors.

For more information visit


GSMA, digital commerce, HCE, tokenisation, mobile payments, contactless, NFC, PSD2

You can sign up to our monthly e-newsletter by clicking on the sign up button and completing your details. Our e-newsletter contains links to our blogs and podcasts and information on our speaker engagements. If you decide you’d no longer like to hear from us, you can simply unsubscribe by clicking the unsubscribe link in the email newsletter sent to you. We use a 3rd party provider, Campaign Monitor, to deliver our monthly communication.


Back to Case Studies

Come and meet us
at these events:


We are speaking at:

Money2020 Europe

  Tue 16 Jun 2020 - Thu 18 Jun 2020, Amsterdam

We are attending:


  Wed 12 Aug 2020, London

We are speaking at:

Money2020 Asia

  Tue 25 Aug 2020 - Thu 27 Aug 2020, Singapore

We are speaking at:

Money2020 USA

  Sun 25 Oct 2020 - Wed 28 Oct 2020, Las Vegas
“We help Retail and Transit Organisations who are looking for next-generation ticketing and payment systems”Tell Me More!

Keywords: Contactless, Public Transport, Oyster, TfL, Transport for London, Reader, AFC, Card payments, Risk analysis, tokenisation, PCI DSS

View full website