Home News Riscure now offers the EMVCo Evaluation Service for Multi-Factor Authentication Solutions

Riscure now offers the EMVCo Evaluation Service for Multi-Factor Authentication Solutions

Riscure announces the availability of the security evaluation service to test payment solutions against the EMVCo Multi-Factor Authentication requirements. This allows Riscure to deliver comprehensive security assessments for payment Authenticators and Verifiers used across a variety of consumer devices, ensuring they meet EMVCo’s stringent security requirements for payment authentication.

Multi-Factor Authentication is an advanced authentication method that requires the payee to provide two or more factors to confirm their identity. These factors include ‘knowledge’ (e.g., PIN or password), ‘possession’ (e.g., smartphone), and ‘inherence’ (e.g., biometrics). As the adoption of MFA solutions in payments grows, EMVCo’s security requirements address potential security threats, supporting the development of robust MFA solutions capable of preventing or detecting attacks that could compromise payment authentication security.

The EMVCo MFA security requirements cover payment Authenticators and Verifiers used in a variety of consumer devices, including smartphones, laptops, vehicles and IoT devices. The security evaluation process tests both software and hardware components involved in data collection, processing, storage, transmission, and verification for authentication during payment transactions. The standard supports both Authenticators and Verifiers, along with their interfaces and communication processes, allowing various components to be certified separately.

As an accredited lab, Riscure is equipped to support solution providers with security evaluation services and pre-assessment for their MFA solutions. The EMVCo MFA requirements follow a modular approach, meaning that not all components of an MFA solution need to be present to be evaluated. Riscure services include thorough evaluations of SDKs, libraries, APIs, platform authenticators, and back-end systems to ensure compliance with EMVCo’s security requirements.

“EMVCo’s newly defined security requirements for Multi-Factor Authentication solutions represent a major step forward in the ongoing effort to advance payment security. The framework addresses the growing need to provide the industry the flexibility in authentication methods while safeguarding sensitive information. Riscure is proud to support the industry in adopting robust MFA solutions that effectively protect users and build consumer confidence in payment technologies,” commented Pascal van Gimst, VP of Sales and Business Development at Riscure.

Riscure is ready to support payment Authenticators and Verifiers in the security evaluations against the new EMVCo MFA standards. Get in touch with us today – fill out the contact form below or send an email to inforequest@riscure.com.

Share This