SRC is recognised as a security expert for the security of electronic payment systems by the German Banking Industry (DK).
SRC is a PCI SSC, Currence PCI+ (Netherlands), APCA (Australia) and PNC (Sweden, Denmark, Norway, Finland and the Baltic States) approved security assessor for payment terminals and their components such as PIN input devices and smart card readers. SRC is also a participating laboratory in the Visa Ready Program for mPos.
DK has defined a catalogue of criteria for components for use in electronic payment systems. SRC employees have extensive experience in the security investigation of payment system components. For example, SRC identifies the security aspects to be checked for distributed payment transaction terminals and presents the test results to DK, taking into account the requirements for form and content. Due to our precise knowledge of all aspects of the DK approval procedure, we not only uncover weak points, but also successfully lead our customers to the goal of timely approval.
SRC has extensive knowledge of other verification programs in the field of international payment systems such as the Payment Card Industry (PCI). SRC carries out expertises according to the requirements for PIN Entry Devices (PED) or Encrypting PIN Pads (EPP) and advises already before the development. Involving our experts as early as possible in the development process is worthwhile for you, as we can help you to consider the requirements of all desired approvals right from the start.
SRC offers safety investigations in all test procedures.
In principle, it is possible to combine the review processes so that synergy effects result for you.
SRC can, for example, carry out the DK assessment in such a way that the results can also be used for a global approval. The criteria of Currence PCI+, APCA and PNC require either an add-on (Currence PCI+, PNC) to the PCI PTS criteria or the requirements can be proven as an add-on to a PCI PTS report (APCA). Common Criteria, UKCA’s test method, can also be combined. For example, security analyses and penetration tests can be used across methods.
SRC has prepared security assessments for payment terminals for Cryptera, GMX, VeriFone and XAC, among others, and the certifications were successfully completed.
SRC has successfully presented network concept and integration reports for electronic cash network operators at DK.