To use our site, you agree to the use of cookies and data processing according to our privacy statement.
Close
Search

OEM Mobile Payment Security Certification

Certify and protect your Mobile Payment Solution with a top lab with excellent performance, flexibility, and experience.

Get in touch with us

Deploying mobile payment solutions has proven to be a strong distinguisher and driver for smartphone OEMs. With deployed solutions like Android Pay, Samsung Pay, Apple Pa, and other OEM payment solutions most smartphone vendors are actively developing and deploying such solutions. Most often OEM Pay Solution is implemented utilizing the Trusted Execution Environment (TEE) and/or embedded or even Integrated Secure Element to make the solution more secure than regular HCE solutions.

OEM Pay solution and CDCVM have special attention from the Payment schemes. Riscure is performing scalable efficient security certification evaluations according to Visa, MasterCard, Discover, AMEX and other payment schemes requirements for both TEE and Secure Element based solutions.

In such assessments Riscure evaluates security sensitive parts of for instance the Mobile Payment Application (MPA), the Trusted User Input (TUI), biometric authentication features such as facial or fingerprint recognition, Trusted Applications, TEE Platforms, SE applets and payment interfaces such as NFC, In-App payment, QR based payment and emulated magstripe solutions.

Based on the strong partnership with key technology providers (e.g. Mobile chipset vendors, TEE vendors and SE vendors), Riscure has accumulated a vast experience in supporting our partners on each step of their solution development process starting from concept development and ending on formal security certification.

Benefits of working with Riscure

Proven track record with multiple smartphone OEMs

Endorsed and trusted by multiple payment schemes

Actively supporting clients in understanding the security vulnerabilities

Actively supporting clients to prioritize and define mitigation strategies

The most industry relevant attack methods helping to identify core vulnerabilities and fix them

Minimizing through-put time and de-risk projects by professional training and pre-certification

Riscure got under the skin of our product very quickly and produced an insightful, valuable and professional report. As well as demonstrating forensic skills they understand the different technical and commercial audiences that need to consume these reports and presented their finding appropriately for both audiences. They really understand security and are very easy to deal with.
- Jon Geater, Chief Technology Officer, Trustonic Ltd.
  • Contact us
  • Tim Hartog

  • Director Mobile Payment, Security Lab Services