Deploying mobile payment solutions has proven to be a strong distinguisher and driver for smartphone OEMs. With deployed solutions like Android Pay, Samsung Pay, Apple Pa, and other OEM payment solutions most smartphone vendors are actively developing and deploying such solutions. Most often OEM Pay Solution is implemented utilizing the Trusted Execution Environment (TEE) and/or embedded or even Integrated Secure Element to make the solution more secure than regular HCE solutions.
OEM Pay solution and CDCVM have special attention from the Payment schemes. Riscure is performing scalable efficient security certification evaluations according to Visa, MasterCard, Discover, AMEX and other payment schemes requirements for both TEE and Secure Element based solutions.
In such assessments Riscure evaluates security sensitive parts of for instance the Mobile Payment Application (MPA), the Trusted User Input (TUI), biometric authentication features such as facial or fingerprint recognition, Trusted Applications, TEE Platforms, SE applets and payment interfaces such as NFC, In-App payment, QR based payment and emulated magstripe solutions.
Based on the strong partnership with key technology providers (e.g. Mobile chipset vendors, TEE vendors and SE vendors), Riscure has accumulated a vast experience in supporting our partners on each step of their solution development process starting from concept development and ending on formal security certification.