Terminals

Comprehensive Evaluation

Most terminal evaluations concentrate on the physical aspect: the electronic components.

Trusted Labs goes much further. We see the terminal as a link in a communication chain - and use our expertise in embedded software security to test the interfaces.

Common Criteria Expertise

Trusted Labs helps companies obtain Common Criteria certification.

We expect to become an ITSEF soon (known as "CESTI" in France) - an accredited evaluator for ANSSI, the French Agency for Information Systems Security (formerly known as DCSSI).

We also evaluate for CSPN (Certification de Sécurité de Premier Niveau). These are black box evaluations - they are shorter (20 days) and less expensive than Common Criteria certificates.

Risk Analysis

Trusted Labs performs complete risk analyses. We

• Identify assets and their threats;

• Define your security requirements.

Security Assessment

Trusted Labs assesses both the physical and the software security of:

• terminals and other security devices;

• applications for mobile devices.

• Evaluated the security of a mobile payment solution for MasterCard (NFC phone with EMV payment application).

  Performed security audits of Java and native applications for mobile phones, for SFR.

• Defined security policy and wrote implementation guides for multi-application environments, mobile payment, and mobile phone and smart card applications. Clients include: MasterCard, SFR, and pay TV operators.

• Set up a certification scheme for mobile applications for SFR.

• Evaluated the security of terminal and device (such as PCI PED) architectures.