Applying Common Criteria to a cloud type payment service
Slide 1: Applying Common Criteria to a cloud type payment service
Kenji Yamaya, ECSEC Laboratory Inc.
Slide 2: Evaluation of a cloud system
[Diagram labels: Tablet; internet; cloud; Newly developed terminal products; Mobile POS; Smart Phone POS; TOE; server; TOE configuration defined in Security Target]
The cloud system we evaluated varies dynamically with the terminals connected to it. This configurable TOE is one reason for the difficulty in evaluating the cloud system.
Slide 3: Contents
- Thincacloud and its evaluation
- Idea for whole cloud evaluation
  - Evaluation of terminals
  - Evaluation of a server
  - Evaluation of a whole cloud system
- Remaining issue
- Conclusion
Slide 5: What is Thincacloud
Thincacloud is a cloud system based on an NFC solution. It is currently available and provides an e-commerce payment service in Japan. So far, no evaluation has covered the whole cloud system including the many kinds of terminals.
Slide 6: What is Thincacloud
[Figure labels: Real payment; Virtual payment; By TV; By Smart Phones; In offices; By Tablets]
Slide 7: Thincacloud architecture
[Diagram labels: IC Cards; Certified Contactless Smart Card; Terminals; POS; Server; Thincacloud server program and HSM; Secure Channel; Certified Built-in IC chip; Tablet; Smart Phone; TOE]
Secure transaction: Confidentiality and Integrity
Authentication: card - terminal - server
Slide 8: Merit of Thincacloud architecture
The main security functionality is the secure session. The developer enforces the secure session on just the high-EAL IC and the server; terminals only support the secure session. The developer decides that the TOE in terminals is a program, and that the configurable parts (OS and hardware) are the IT environment. Therefore, assurance continues regardless of the terminal until the program is updated.
Slide 9: Evaluated Thincacloud TOE
[Diagram labels: internet; cloud; TOE and HSM]
The TOE we have already evaluated consists of a small program in the terminals, and a program and an HSM in the server.
Merit: assurance continues regardless of the terminal until the program is updated.
Slide 10: How about a whole system?
[Diagram labels: Tablet; internet; cloud; SSL; Mobile POS; Smart Phone POS; Security of whole system?; TOE; server; E-commerce sites]
"Is my tablet secure to use for Thincacloud payment?" some users may think. "Is my POS terminal secure?" some shop owners may think. "Is the Thincacloud server secure?" e-commerce site owners may think.
Slide 12: Evaluation of terminals
How do the stakeholders obtain security assurance of the entire terminal, instead of a program? Is the Point of Interaction Protection Profile (POI-PP) available for evaluation of the entire terminal?
Slide 13: What is POI-PP
POI-PP is a protection profile for payment terminals, Version 2.0 certified by ANSSI on
The target products are payment terminals with smart card based transaction capability.
POI-OPTION configuration: the TOE provides protection for smart card based transactions, payment transaction data management and external communication facilities.
Slide 14: POI-OPTION configuration
[Diagram labels: Application (x5); Acquirer System; Communication Services; POI Application Logic (PAL); Security Services; Application Separation; Terminal Management; VPN; Network; IC Card R/W; CHV Device; PIN; Mag-Stripe R/W; TOE of POI-OPTION]
Slide 15: NFC configuration
[Diagram labels: Application (x5); Acquirer System; Communication Services; VPN; Network; POI Application Logic (PAL); Security Services; Application Separation; Terminal Management; IC Card R/W; TOE on NFC system; CHV Device; TOE of POI-OPTION; Mag-Stripe R/W]
The TOE on the NFC system is similar to that of POI-OPTION, which indicates that POI-PP could be applied to a cloud system based on NFC.
Slide 16: TSF structures
[Diagram labels: POI-OPTION; NFC terminal; Middle TSF; PED control; PED; PIN Entry; PIN Encrypted Key; PIN Entry Function; Terminal Management and Payment transaction; POI Management; Payment transaction]
The TSF based on NFC could be covered by POI-OPTION without PIN entry.
Slide 18: Evaluation of a server
How do the stakeholders obtain security assurance of the total server instead of a component only?
[Diagram labels: E-commerce sites; TOE; E-money1 Server; SSL; HSM; APL logic; Log; Secure environment]
Slide 19: Evaluation of a server
How do the stakeholders obtain security assurance of the total server scheme instead of a component only?
The physical scope of the server-side TOE is the total server, including databases, HSMs, SSL accelerators, Web servers and so on.
Assurance continuity can be applied to the total server scheme, even when components are upgraded.
Slide 21: Evaluation of a whole system
[Diagram labels: internet; Tablet; New terminal products; Mobile POS; Smart Phone POS; TOE; server; TOE; Fixed configuration defined Security target]
The client TOE runs well on the newly-developed terminals. Rapid assurance continuity is useful for whole system evaluation.
Slide 22: Evaluation of a whole system
The Security Target describes the newly-developed terminal as a part of the TOE. Evaluation of the newly-developed terminal is required. From the whole-system point of view, evaluation of the terminal means a partial evaluation. Assurance continuity for the TOE is then maintained and available for evaluation.
Slide 24: Remaining issue
The e-commerce site is out of the scope of the TOE. It is regarded as a user of the TOE. However, the card holder may require that it be secure. We need to consider how to assure that the e-commerce site is secure enough.
Slide 26: Conclusion
Idea of assurance for the whole cloud system including terminals.
- Terminals: terminals are evaluated and assurance continuity is applied. Developing a subset of the POI-PP TOE might be applicable.
- Server: the total server scheme as the TOE is suitable for evaluation, NOT component base.
- Whole system: rapid assurance continuity could be useful, depending on the component's life cycle.
Slide 27: Thank you
ECSEC Laboratory Inc.
3-21, Kanda-Nishikicho, Chiyoda-ku Tokyo, Japan
TEL: FAX:
- Evaluation of software / hardware IT Products by ISO/IEC15408
- Testing of cryptographic module and algorithm implementation by FIPS and JIS X (ISO/IEC 19790)