Skip to content

EMVCo – discovered, explained

EMVCo

Tested security in electronic payment transactions

Components used in electronic payment transactions must fulfil the EMVCo security standards and those of the German banking industry. TÜVIT's IT security laboratory has been evaluating chips, applications, chip cards or smart cards and the associated operating systems for the banking sector for over twenty years and prepares security reports.

What is EMVCo?

Interoperability and acceptance of secure payment processes

The primary goal of EMVCo, an organisation of the six members American Express, Discover, JCB, MasterCard, UnionPay and Visa, is to ensure the interoperability and acceptance of secure, chip card-based electronic payment systems and to ensure compliance with EMV specifications.

The German Banking Industry Association represents the interests of the five leading banking industry associations in Germany. It defines the security standards that must be met for the authorisation of debit or credit cards, electronic cash and point of sale terminals and the associated network infrastructure.

Accredited security assessor

TÜVIT is accredited as a security assessor by EMVCo, its members and the German Banking Industry. Our IT security experts test the security of the underlying hardware, the platform (hardware including operating system) and the entire application for use in electronic payment transactions. The scope of testing includes products for payment via contact, contactless or mobile channels (e.g. NFC). The aim is to confirm fulfilment of the requirements of the national and international banking industry through tests with a final expert opinion. Our evaluation services are primarily aimed at manufacturers and developers of components (hardware and software products) in electronic payment transactions and their operators.

Our services at a glance

  • Security evaluations of chips, platforms (hardware incl. operating system), payment applications on smart cards
  • Security evaluations of mobile-based payment applications (incl. white-box cryptography)
  • Checking conformity with the relevant security guidelines of the payment industry (EMVCo, American Express, Discover, MasterCard, Visa, German Banking Industry)
  • Analysing the source code and penetration tests
  • On-site audit of development and production sites
  • Preparation of a security report

We will support you – no matter what

Get started at last!

We advise you


TÜV NORD IT Secure Communication I Berlin
Goal achieved?

We check it


TÜV Information Technology I Essen

Your benefits at a glance

Product or type approvals

You can use the safety certificates to apply for product or type approvals from the German Banking Industry or EMVCo or its members.

Optimum protection

Your critical assets are optimally protected: We use the strongest attack methods currently available on the market.

Expertise

Ideally positioned for you: Our IT security experts have excellent expertise. TÜVIT has all the necessary accreditations

Experience & expertise

You can rely on a partner who has been successfully realising such projects for over twenty years.