Security

Certifications


EMV 4.3 Specification

EMVco is an organization consisting of 6 members such as, e.g. American Express, Master Card or Visa. The task of the organization is to develop and support specifications to help secure the global interoperability and acceptance of secure payment transactions. Book 1 of the EMVco Specification 4.3 describes the minimum requirements placed on chip manufacturers to ensure the correct operation and the interoperability irrespective of the application involved. This encompasses the electromechanical properties and transfer protocols.


Common Criteria
Part 1 - 3, Revision 3.1

The "Common Criteria for Information Technology Security Evaluation" is an international standard which serves the IT security - as a basis for testing and assessing (evaluation) of the security properties for IT components and IT systems, - as a guidelines for the development and procurement of products and systems with IT security functions. In Germany, compliance with the common criteria with an evaluation level EAL 3+ can also be used for confirmation of the German Signature Act (SigG / SigV). Only products that comply with the German Signature Act can be used for creating qualified electronic signatures.


BSI-TR-03119

Chip card readers that are also suitable for reading the new ID cards (nPa) must be certified in accordance with BSI Directive BSI-TR-03119. The Directive defines 3 different reader types (Basic reader, Standard reader and Comfort reader). The devices are tested by an accredited inspection agency, whereby protocol tests and functional tests are performed.


FIPS 201-1

Chip card readers used by members of the US Government, must be certified in accordance with the NIST Standard FIPS 201-1. This standard defines the minimum requirements placed on access control systems as specified, e.g. in the Homeland Security Presidential Directive 12 (HSPD 12). Approved products are published through GSA (General Services Administration) in the APL (Approved Product List)

To Top