Private scheme Evaluation

  • CAST laboratory for MasterCard Worldwide
  • EMVCo full service laboratory
  • VCSP laboratory for VISA International
  • CSPN evaluations with ANSSI
  • AMEX accredited laboratory
  • DISCOVER accredited laboratory
  • NXP MIFARE accredited laboratory
  • PCI PTS recognized laboratory

For several years, due to their particular constraints in terms of security and time-to-market, major international payment schemes have set up their own security evaluation programs. Other industrial actors also request customized assessment of their new product designs or protection techniques. Our ITSEF has worked in close collaboration with them and enforced all required processes internally in order to answer all these specific needs.


MasterCard CAST

Our laboratory has been accredited by MasterCard Worldwide for security expertises within the CAST program (contact and contactless smart cards). Based on the results of the expertise of a product, MasterCard Worldwide provides the product vendor with a specific reference authorising the branding of the product.

As for CC, we offer full CAST expertises to developers or vendors of MasterCard applications (M/Chip, Paypass, …). Such expertise include a detailed code review, vulnerability analysis and hardware semi-invasive tests.

 

EMVCo

EMVCo was created by the three major international payment schemes (JCB, Visa International and MasterCard Worldwide).

EMVCo manages, maintains and enhances the EMV™ Integrated Circuit Card Specifications for Payment Systems.

Our ITSEF has also been approved by EMVCo as Full Service Laboratory in the context of its new security evaluation program for Integrated Circuits and Integrated Circuits Cards.

 

VISA VCSP

Previously called the ‘RISK’ program, our laboratory has been accredited by VISA International for security expertise within VCSP (VISA Chip Security Program) for contact and contactless smart cards.

 

CSPN evaluation with ANSSI

Our laboratory has been accredited by ANSSI for security expertise within the CSPN program. This program intents to offer to the administration, companies and the general public IT products whose security has been assessed.

A CSPN evaluation checks that the product is compliant with its security specification; it rates the security mechanisms, identifies the vulnerabilities known from similar products, and tests the product in a limited time frame. This scheme allows to certify free licensed software in limited time and cost.