Re: Maybe I just don't get it
"Google doesn't use a secure element for Android Pay - they use host card emulation. That's a software based solution so they can't allow rooted devices to use it because it would defeat the security - it also means compromising the security of Android compromises its security. Google made that choice because requiring a secure element would lock out the lower end Android phones that choose not to include it for cost reasons."
And by doing so, they improved uptake of Google Wallet which helped keep NFC on the map until EMV-on-NFC came along (Apple Pay and Android Pay both use this now. Google Wallet virtual cards are being retired IIRC). The main reason for this move in Android Pay is at the behest of the banks who basically made it a prerequisite. Given this security requirement, Google may be more inclined to set up a hardware-based trusted path for future Android phones and in particular for Android N going forward. It's more affordable to do it now especially since Apple are helping bring economies of scale to the Secure Element market.
Biting the hand that feeds IT
