Crunchfish AB broadened the Digital Cash solution by patenting secure and scalable mobile wallets using Host-based Card Emulation (HCE) for online as well as offline EMV payments leveraging virtual secure elements. This patent-pending application is of strategic importance for Crunchfish as it extends the company's total addressable market and the near-term revenue opportunities considerably as mobile wallets with tokenized HCE payments is the major digital payment method in the world, with almost 5 billion mobile wallets at the end of 2023. It is a challenge to add secure HCE payment capabilities to payment applications on smartphones.

Payment applications running on smartphones are implemented in software-based Rich Execution Environments (REEs), which provide high level of scalability but have security issues for HCE payment applications. EMV tokens, credentials and other HCE assets are not safe from attacks. To be truly secure, HCE payments must be implemented as a Trusted Application (TA) within a Tamper Resistant Element (TRE) that protects the TA with an isolated secure runtime for storing of EMV tokens, credentials, and other HCE assets.

A key consideration for establishing the required additional security with maintained scalability is how the TRE is implemented. It could either be implemented in hardware or software. HCE payments implemented in a hardware-based TRE are hard to scale as such TREs are controlled by device manufacturers (OEMs) or mobile network operators (MNOs).

A software-based virtual TRE adds the required additional security whilst maintaining the desired scalability as it is easily deployable and maintainable on all smartphones, without any OS, OEM, or MNO dependencies. Furthermore, Crunchfish's novel approach for HCE payments has the potential to enrich HCE payments by adding novel use cases, e.g. offline, scan and pay and P2P payments.