Could Accumulate mobile payment service also be hit by the Google Wallet hack?

After the two security incidents with the Google Wallet the last weeks (PIN hack), questions are raised if the same issues could hit the Accumulate mobile payment solution.

The general and simple answer is no. The technique and security processes in the Accumulate mobile solution are more sophisticated than other mobile wallet solutions on the market today, like for example Google Wallet.

In the Accumulate solution sensitive information like user name, password, credit card number, expire date, CCV-code, account number, PIN, etc. are never stored in the mobile. The Accumulate solution is based on a connected mobile device and all sensitive information is validated server side, where eventual account information or alias could be stored.

On a wallet solution based on a so called NFC scheme (like Google Wallet or ISIS) all sensitive information is stored in the mobile on a secure element (a special chip or special SIM-card for storage). When doing a purchase at POS all secret information (name, card number, expire date, CCV-code, etc.) is transmitted from the mobile to the payment terminal.

When using the Accumulate process only an OTT (One Time Ticket), a onetime code that "lives" for a very short time period, is used and it the code is  useless if captured or copied.