Home
  Aktuelles White Papers Kunden
  CA Kontakt Impressum
Chipkarten Sichere Netze Projektmanagement Prüfstelle CC-Prüfstelle Gutachten Best.stelle SigG JTEMS Test und Qualitätssicherung
SRC Academy
JTEMS
Druckversion

JTEMS - JIL Terminal Evaluation Methodology Subgroup

In November 2007, the European Parliament issued the Payment Service Directive to improve the efficiency of European payment instruments by erasing national borders for credit transfer, direct debit and cards, thus creating a Single Euro Payments Area (SEPA).

As a contribution to this harmonisation, European Governmental IT security organizations, who have been using the Common Criteria methodology to certify the security of smart cards for the past decade, have decided to enhance their support to the European credit industry by supporting the use of the Common Criteria to card-activated payment terminals.

The JTEMS (JIL Terminal Evaluation Methodology Subgroup) working group based on Common Criteria (CC) was founded to associate payment schemes, certification bodies and evaluation laboratories to this initiative. Vendors joined the group in 2009.

One of these product ranges, where common evaluation methods should be applied, is Point of Interaction (in short "POI") for payment systems and related products. The attack methods for this product range cover diverse fields of expertise such as physics, informatics, cryptography and engineering. The use of these expertises for attacks is very complex. This makes it very difficult for a single organisation to ensure "state of the art" over the whole range relying only on its own resources.

One of the objectives of JTEMS is to gather resources, knowledge and expertises in order to produce harmonised technical documentation supporting POI evaluation. The outputs of this working group will be integrated in the Joint Interpretation Library (JIL) for their application in the European certification scheme.

SRC has been supporting the JTEMS process from the very beginning. Sandro Amendola, employee of SRC, is chair of that group and one of the author of the Common Criteria POI Protection Profile. The Protection Profile was developed by the group to define security requirements for the Common Criteria evaluation of a POI. SRC as JTEMS chair is giving regularly presentations of the initiative to other working groups involved in the creation of SEPA. 

Infos
Dr. Bertolt Krüger
Detlef Kraus
Thilo W. Pannen


Telefon: +49(0)228 / 2806 - 0
Telefax: +49(0)228 / 2806 - 199
Nach oben Copyright ©  SRC Security Research & Consulting GmbH