SRC is recog­nised as a security expert for the security of electronic payment systems by the German Banking Industry (DK).
SRC is a PCI SSC, Currence PCI+ (Nether­lands), APCA (Australia) and PNC (Sweden, Denmark, Norway, Finland and the Baltic States) approved security assessor for payment terminals and their compo­nents such as PIN input devices and smart card readers. SRC is also a partic­i­pating laboratory in the Visa Ready Program for mPos.

Our compe­tence

DK has defined a catalogue of criteria for compo­nents for use in electronic payment systems. SRC employees have extensive experience in the security inves­ti­gation of payment system compo­nents. For example, SRC identifies the security aspects to be checked for distributed payment trans­action terminals and presents the test results to DK, taking into account the require­ments for form and content. Due to our precise knowledge of all aspects of the DK approval procedure, we not only uncover weak points, but also success­fully lead our customers to the goal of timely approval.
SRC has extensive knowledge of other verifi­cation programs in the field of inter­na­tional payment systems such as the Payment Card Industry (PCI). SRC carries out exper­tises according to the require­ments for PIN Entry Devices (PED) or Encrypting PIN Pads (EPP) and advises already before the devel­opment. Involving our experts as early as possible in the devel­opment process is worth­while for you, as we can help you to consider the require­ments of all desired approvals right from the start.

Our offer

SRC offers safety inves­ti­ga­tions in all test procedures.
In principle, it is possible to combine the review processes so that synergy effects result for you.
SRC can, for example, carry out the DK assessment in such a way that the results can also be used for a global approval. The criteria of Currence PCI+, APCA and PNC require either an add-on (Currence PCI+, PNC) to the PCI PTS criteria or the require­ments can be proven as an add-on to a PCI PTS report (APCA). Common Criteria, UKCA’s test method, can also be combined. For example, security analyses and penetration tests can be used across methods.

creden­tials

SRC has prepared security assess­ments for payment terminals for Cryptera, GMX, VeriFone and XAC, among others, and the certi­fi­ca­tions were success­fully completed.
SRC has success­fully presented network concept and integration reports for electronic cash network operators at DK.