Brightsight completed a pilot evaluation for European Payment Terminal Approval

published on December 9, 2014

Brightsight is proud to announce that it successfully completed the OSeC/JTEMS Common Criteria pilot with a certificate from the Dutch Common Criteria Scheme. This pilot is one of four pilots that are exercised under the new payment terminal certification scheme for European banks. The pilot is setup by a combination of European Common Criteria Schemes and Approval Bodies of European Banks.

In the pilot Brightsight evaluated the VeriFone Mx915 & Mx925 payment terminal. This terminal has a Linux-based OS and supports NFC/Contactless. The security requirements of this evaluation are defined in the Point of Interaction (POI) Protection Profile, developed by Joint Interpretation Library Terminal Evaluation Subgroup (JTEMS). The Protection Profile includes the Payment Card Industry PIN Entry Device security requirements and the European banks Common Approval Scheme (CAS) security requirements.

Please contact info@brightsight.com for more information (considering the number of accronyms and organisations involved we can imagine you may have questions).

Another outcome of this pilot is that the Dutch Common Criteria Scheme is qualified for “HW Devices with Security Boxes” for EAL1 to EAL7 within the SOGIS agreement. This means that the results of Brightsight’s Common Criteria evaluations are accepted by all European countries that participate in the SOGIS.

The POI Protection Profile is required for the UK market and accepted by other European Banking Approval Bodies. As the Protection Profile is based on PCI PIN Transaction Security (PTS) Devices requirements, Brightsight can combine evaluations leading to multiple approvals.

News

Brightsight Barcelona officially approved to perform EMVCo security evaluations

published on 2017.10.11

News

Neural Networks used in security evaluations – Newsletter September 2017

published on 2017.09.05

News

“Are you who you say you are?” – Newsletter August 2017

published on 2017.08.03

News

Change in management of Brightsight

published on 2017.07.31

News