EPayStandards Consortium

Frenchsys, Elitt and SRC found the EPay Standards Consortium

Together with the French partners Frenchsys and Elitt, SRC founds the EPayStan­dards Consortium, a cooper­ation to expand the consulting and support of inter­na­tional customers in the European payment traffic.

As a subsidiary of Cartes Bancaires, Frenchsys signif­i­cantly supports the technical and functional speci­fi­ca­tions as well as the integration in the French acquirer market.

Elitt focuses its activ­ities on the devel­opment of test case catalogs and test tools for terminals. Elitt also stands for innov­ative payment solutions.

SRC supports devel­opment and mainte­nance of the German girocard system. This includes the creation of functional and security speci­fi­ca­tions for all system compo­nents involved. Also the conception of innov­ative solutions for mobile payment is part of SRC’s service spectrum.

All three companies know the world of payment trans­ac­tions as essential carriers of European standard­ization initia­tives such as nexo, CPACE and the Berlin Group.

The EPayStan­dards consortium gives the inter­na­tional market for payment trans­ac­tions access to bundled technical and strategic consulting services. The corner­stone of the cooper­ation is laid with workshops for customers with cross-border opera­tions such as terminal manufac­turers and processing service providers.

In recent years, the European standards for payment trans­action terminals have developed further. This offers oppor­tu­nities especially for inter­na­tionally active acceptors to harmonize their terminal infra­struc­tures across borders. SRC and Frenchsys contribute detailed knowledge of these new standards and the two largest European payment trans­action markets and systems. Elitt completes the cooper­ation with its expertise in the technical prepa­ration of imple­men­ta­tions and certi­fi­ca­tions. Thus, the inter­na­tional market for payment trans­ac­tions benefits from the combi­nation of the strengths of the consortium partners.



SRC recog­nised as SBMP Evalu­ation Laboratory by EMVCo

Mobile Payments: From chip card to mobile device

Mobile Payment is an electronic form of payment using mobile devices such as mobile phones, tablets or smart­watches. Electro­mag­netic, i.e. contactless, techniques are used to initiate, authorise and realise the payment. This makes the security of this form of payment a challenge.

EMVCo and Software-Based Mobile Payment (SBMP) Programme

EMVCo, which defines and further develops the EMV standard and checks its imple­men­tation, addresses these challenges with its new SBPM approval process. SBPM stands for Software-Based Mobile Payment Evalu­ation Process. This evalu­ation examines whether the security mecha­nisms and protective measures of a component or solution have the minimum security level defined by EMVCo. Manufac­turers are certified with a security assessment certificate that their products can withstand known attacks.

With the SBPM approval process, EMVCo supports the global security and inter­op­er­ability of mobile payment trans­ac­tions. The range of security assessment processes has so far included products for integrated circuits (IC), platforms and integrated circuits (ICC). For the first time, EMVCo has extended the scope of its approval processes to include software compo­nents and solutions for mobile payments.

EMVCo recog­nises SRC as SBPM Evalu­ation Laboratory

SRC is recog­nized by EMVCo as a security lab/assessor for the security assessment of software-based mobile payment solutions and compo­nents, in addition to the existing Mastercard and Visa recognitions.

SRC performs compre­hensive checks of the security mecha­nisms of a Mobile Payment App or its compo­nents. The imple­mented measures are examined using state-of-the-art methods, such as reverse engineering, side channel and runtime analyses, and their resilience/resistance to attackers and protection against misuse is evaluated.

If you are inter­ested in further infor­mation on the subject or the evalu­ation of your payment solution, please contact us.

SmartCard Workshop

SmartCard Workshop on 21 and 22 February 2018 in Darmstadt

Focus of the SmartCard Workshop

The SmartCard Workshop will take place on 21 and 22 February 2018 in Darmstadt. It is one of the most important events for smart cards in Germany. The partic­i­pants come from all areas of industry, science and politics. They partic­u­larly appre­ciate the technical orien­tation of the workshop and its extensive neutrality. The workshop offers partic­i­pants and experts a forum to present new operating system concepts and conceivable new features and appli­ca­tions, as well as to discuss the current state of devel­opment, cryptog­raphy, infor­mation security and standardization.

SRC expert explains authen­ti­cation procedures

This year, SRC expert Sandro Amendola will give a presen­tation on security-related and regulatory issues in the “Regis­tration of App-based authen­ti­cation proce­dures”. Such authen­ti­cation methods play an important role in many digital appli­ca­tions and have become very important for all users of online banking systems, especially due to the regulation of the banking market by the PSD2.

Evening event with award ceremony

A special highlight is the evening event. Each year, one expert is honored with the SmartCard prize for special achieve­ments. The prize is donated by Fraun­hofer SIT.

SRC actively partic­i­pates in SmartCard Workshop

SRC supports the workshop as sponsor and through active partic­i­pation in the Programme Advisory Board.

Image source: Fraun­hofer SIT