Online banking and eCommerce are spreading rapidly. Banks therefore want to equip their customers with devices and applications that enable them to securely authenticate towards the background system. In particular, payment transactions with smartphones and tablets are driven by customer needs. Despite simple operation, security must not be neglected. Such devices and applications must meet the requirements of the Regulatory Technical Standard (RTS) within the Payment Service Directive 2 (PSD2). In addition, devices that require approval from the German banking industry (Secoder) can also be used.
SRC’s security reports provide a quick insight into the security level to be achieved with a product; the reports can be designed in such a way that they satisfy the obligation to provide evidence to supervisory authorities (SecuRePay). Thanks to our extensive know-how in electronic payment transactions, we also have extensive knowledge of security mechanisms used in online banking and e‑commerce.
SRC has already provided security-assessments for TAN-generators, smartphone-based authentication solutions and Secoder implementations.
In addition, SRC is a participating test laboratory in the VISA mPOS Technology programme for secure payment transactions and is therefore allowed to submit security assessments of mobile VISA applications to VISA.