Conform to the latest state-of-the-art industry security implementation guidelines
Your product - embedded secure element, smart card, payment terminal, mobile handset, to name a few - is subjected to a detailed assessment of its security assets against known vulnerabilities and penetration testing. In transaction security industries, regulators require a high level of confidence on the degree of security examination and testing of your product.
In the payments’ ecosystem, EMVCo and PCI are responsible for overseeing the certification process of chip, chip cards, secure elements and open platforms as well as point-of-interaction (POI) devices. The payment schemes will be responsible of their own payment applications. The security evaluation processes defined by EMVCo, PCI and payments schemes are mandatory process for all IC-based products carrying payment schemes brand, regardless of the form factor.
In the mobile ecosystem, organizations such as GlobalPlatform are involved to set security guidance. At local organizational level, some specific security requirements may be mandated. For instance, the European Card Payment organization would regulate the Common Approval Program for cards and POI devices under a common criteria evaluation scheme.
Our expert consultants are capable of advising clients on latest security threats and industry requirements. Your benefits in partnering with us:
- Long-term relationship with payment industry regulators to help clients with best and optimized approaches for getting a product through the approval process.
- Strong experience of approval processes for all payment schemes so that the project team can efficiently manage an evaluation project.
- Industry-recognized quality of evaluation reports so that approval bodies reviewing process is optimized.
- Dedicated experts in all areas of security, such as cryptography, JavaCard, GlobalPlatform, software, micro-electronics, radio-frequency, laser, so that our experts can directly advise your team of experts.
- Comprehensive attack platforms which demonstrate our hands-on knowledge on state-of-art attacks methods.
- Experienced experts actively contributing to security working groups, such as JHAS, JTEMS, ISCI-WG1, to advise you of the latest threats and security requirements.
- Evaluation of closed and open platform embedded devices with complex form factors and interfaces.
- Our services are endorsed by regocnized regulators and certification bodies, such as EMVCo, PCI, as well as payment schemes, American Express, Discover Financial Services, JCB International, MasterCard and Visa, and UK CESG.
