Security Consulting

CAST

Presentation
Our Offer
Supporting Tools
References
Download

About CAST

All MasterCard-branded cards must have a CAST certificate (Compliance Assessment & Security Testing).

Trusted Labs: the CAST Expert

Trusted Labs has been performing CAST evaluations since 2001 - and actually helped MasterCard define the procedures and tools to be used in the evaluations.

Our Offers

Trusted Labs offers 2 services to help you obtain your CAST certificate.

1) We make sure your evaluation runs as smoothly as possible, by helping you:

understand state-of-the-art security requirements and CAST requirements;

understand the security mechanisms referred to in the CAST security guidelines;

analyze the security level of your smart card, before the actual CAST evaluation.

2) We perform the CAST evaluation which will get you the official certificate from MasterCard.

Presentation
Our Offer
Supporting Tools
References
Download

Comprehensive analysis

The standard in the industry is simple source code analysis. We go further, and analyze security on 3 levels:

1. We diagnose your specifications and design;

2. We review your source code;

3. We test your product on emulators, using:

robustness tests

ill-formed applications - a leading expertise in Trusted Labs.

This optimizes coverage, ensuring an exhaustive identification of vulnerabilities.

Unique Methodology for Multi-Application Cards

Trusted Labs is also an expert in multi-application cards - and has developed a methodology to assess all the security issues specific to these.

We check that:

the platform guarantees that a sensitive application can use the platform’s services safely;

all other applications on the card have no security impact on the sensitive application.

Presentation
Our Offer
Supporting Tools
References
Download

Our TL SAT tool for fast and reliable Java Card™ application analysis;

The Test Manager of our TL CAT test execution environment - for exhaustive automated testing;

Robustness test suites for banking applications;

Robustness test suites for Java Card™ platform;

Suite of malicious applets for Java Card™ platform.

Presentation
Our Offer
Supporting Tools
References
Download

We have:

Evaluated the security of multi-application smart cards;

Evaluated the security of a mobile payment solution (NFC phone with EMV payment application);

Defined implementation guides and security policy (multi-application environment, mobile payment, mobile phone, and smart card applications);

Set up the MasterCard CAST certification scheme.

We respect our clients’ confidentiality and do not divulge their names.

Presentation
Our Offer
Supporting Tools
References
Download

Evaluation Laboratory flyer

Download

TL CAT Testing Tool flyer

Download

Evaluation Laboratory flyer

Download

TL CAT Testing Tool flyer

Download

Services & Tools

Security Consulting

State of the art
Risk Analysis
PCI PED
Mobile Services Security
FIPS
Common Criteria
CAST

Security & Compliance Evaluation
Tools
On-line catalog