Inside Contactless proposes to put many Virtual Secure Elements in a cloud server, rather than having a Secure Element on every device. Only authentication is performed on the deive, with the SIM. This is quite daring for a silicon vendor, since the virtual SEs are obviously not small chips (they mentioned that it would run 1000 times faster).
One of the issues is latency. Network latency is not a big issue. But speed of light can be an issue for long distances. Some locality is required, as well as LTE to get the right speed. However, LTE should come fast. Tests with the magstripe version of EMV have met the performance requirements (under 150ms). Add RSA, and things get better, because the performance of a cloud SE will be much better than a real SE.
Security is also an issue, but they didn’t insist on it, simply stating that authentication of the user and device needs to be enhanced. I personally believe that improving the security on the cloud side would be nice as well.
Interesting question on the ownership of virtual secure elements. Of course, the cloud provider owns them, which is an interesting development.
Would that mean that Inside has given up on providing secure elements with their NFC chipsets? I don’t know, but they are looking for partners for doing this cloud-based thing.