Respected certification reinforces Licel’s commitment to providing a secure, reliable foundation for the next generation of mobile payment and digital identity solutions.
Licel, a leading provider of mobile application protection, has successfully renewed its EMVCo Security Evaluation and Approval for the Licel vTEE (Virtual Trusted Execution Environment) on iOS under the Software-Based Mobile Payment (SBMP) TEE program.*
The Licel vTEE functions as a software secure element (SE) embedded within a mobile application, providing an isolated environment for sensitive operations without reliance on a hardware SE for running Trusted Applications. When integrated with Licel’s full suite of protection, including DexProtector (for app and runtime protection) and Alice Threat Intelligence (real-time risk assessment), it offers an unparalleled, holistic defense for the mobile channel, preserving integrity.
The approval from EMVCo, a global technical body responsible for the secure integration of card-based payment products worldwide, confirms that the Licel vTEE continues to meet the very highest international standards for mobile payment security. In turn, it helps to enable and empower developers to build compliant, trusted solutions from mobile payments through to digital identity.
“Trusted” is the watchword, here, because in a mobile-first world where app-based payments and wallets are commonplace, external security verification and certification is essential for building trust. The Licel vTEE helps solution providers and developers to achieve compliance themselves – be that EMVCo SBMP or PCI MPoC – by delivering an already-certified and trusted foundation for secure cryptographic operations, secure storage, and secure execution; all without the need for hardware security modules.
For years, developers of payment wallets, digital ID solutions, and other high-security applications have been forced to build and maintain separate sets of security tools and solutions for Android, iOS, and now, emerging platforms like HarmonyOS. The Licel vTEE makes this paradigm obsolete, providing a certified, hardware-agnostic secure enclave; a universal, cross-platform layer for Trusted Applications (TAs). This enables developers to write their most sensitive code - for cryptographic operations, key management, and biometric authentication - once, and then deploy it consistently and securely across all major mobile operating systems. It’s an innovation that promises to dramatically simplify development, streamline compliance, and accelerate the launch of secure mobile services.
“We view EMVCo evaluation and approval as a marker of our ongoing process of improvement,” said Licel co-founder and CEO, Ivan Kinash. “Every renewal, like this one for the Licel vTEE for iOS, is a reflection of our continuous collaboration with our clients and our unwavering promise to keep them ahead of emerging threats and compliance requirements.”
Licel’s vTEE has been EMVCo evaluated and approved for both major mobile platforms.
*EMVCo issuance of a certificate for the Product shall mean only that the Product has been evaluated in accordance and for sufficient conformance with the EMV Security Guidelines for TEE-based Mobile Payment as of the date of evaluation. EMVCo's certificate is not in any way an endorsement or warranty regarding the completeness of the security evaluation process or the security, functionality, quality or performance of any particular product or service. EMVCo does not warrant any products or services provided by third parties, including, but not limited to, the producer or provider of the Product and EMVCo approval does not under any circumstances include or imply any product warranties from EMVCo, including, without limitation, any implied warranties of merchantability, fitness for purpose, or non-infringement, all of which are expressly disclaimed by EMVCo. All rights and remedies regarding products and services which have received EMVCo approval shall be provided by the party providing such products or services, and not by EMVCo and EMVCo accepts no liability whatsoever in connection therewith.
