The payment card industry needs to comply with a wide range of security standards, regulations and requirements. We are approved by the Payment Card Industry (PCI) Security Standards Council (SSC) to perform evaluations for:
- PIN Transaction Security (PTS)
- Software-based Payment on COTS (SPoC)
- Contactless Payments on COTS (CPoC) Mobile Payments on Commercial-off-the-Shelf devices (MPoC)
- Software Development Kits (SDKs)
PCI MPoC
PCI MPoC is set to become the benchmark for certification of software point of sale (SoftPOS) solutions. MPoC does not require any specialized hardware (like a card reader) and allows acceptance of payments on any mobile commercial-off-the-shelf device. As a result, MPoC shifts the focus from hardware device security to mobile application security.
PCI PTS
As the market leader in PCI PTS approvals, we have completed more than 500 PCI-PTS security evaluations that converted into new product approvals. PIN Transaction Security (PTS) devices enable merchants to perform secure EMV-based payment transactions, offering the highest level of protection against unauthorized data compromise. The most recent version of the PCI PTS Point of Interaction (POI) standard is 6.x and was released in January 2023.
PCI SPoC
PCI SPoC enables merchants to accept true EMV-based transactions, both contact and contactless, with the option of PIN entry on COTS devices such as smartphones and tablets. We evaluate all components of the solution, including back-office operational controls and processes to maintain the security of deployed implementations.
PCI CPoC
The PCI CPoC standard provides security and test requirements for payment solutions that enable EMV-based contactless payment acceptance on merchant mobile devices (such as smartphones and tablets) using near-field communication (NFC)
PCI 3DS SDKs
3DS SDKs are embedded into a merchant's mobile applications to facilitate cardholder authentication. 3D Secure (3DS) prevents fraud in credit and debit card transactions that take place online. We can provide demo applications with the SDK for both Android and iOS. Both will communicate with a test server and show how it fits into a mobile application project.
Why choose PCI security evaluation services from SGS?
With a proven track record in software-based security evaluations, we help you with mPOS, Host Card Emulation (HCE) and Trusted Execution Environment (TEE) solutions. We offer comprehensive evaluation related services, supporting developers during all phases of solution development and related certification.
Why SGS?
We are the world’s leading provider of testing, inspection and certification services to the cybersecurity industry, providing CC evaluations to NSCIB requirements. We are recognized as the global benchmark for quality and integrity. Accredited by Common Criteria (CC), EMVCo, SESIP, PSA Certified, MasterCard, PCI, Visa, American Express, and numerous national schemes, we boast the highest number of CC accreditations globally. As the largest security evaluation laboratory with more than 10 locations across the globe, we execute over 700 projects annually for hundreds of clients worldwide.
To discuss your PCI security evaluation requirements, contact us today.
