Transaction Security Evaluation Services

Overview

Transaction security regulators require a high level of confidence in the security examination and testing of a product. At UL, we assess the security of our customers' payment transaction products and services by determining that they conform to the latest security industry best practices.

We also offer encryption key management and cryptography consulting services as well as compliance evaluation, consultancy and training in the PCI Data Security Standard (PCI DSS), PCI PIN Security and PCI Payment Application Data Security Standard (PA DSS).

Definition

UL tests transaction payment products for conformance to requirements, including EMVCo and GlobalPlatform for payment cards and mobile handsets. We offer PCI PTS tests for payment terminals and PCI DSS for payment systems. We also conduct code security analysis and penetration testing for mobile secure elements such as SD cards, Common Criteria specification verification and NIST FIPS compliance tests.

Benefits

Our transaction security experts advise customers on the latest security threats and industry requirements. Our team includes experts in all areas of security such as cryptography, JavaCard, GlobalPlatform, software, microelectronics, radio frequency and laser. Our experts actively contribute to security working groups such as JHAS, JTEMS and ISCI-WG1, enabling our team to advise customers on emerging threats and the latest security requirements.

Companies can leverage UL’s deep understanding of payment industry regulations in order to efficiently move a product through the approval process. UL’s security services are endorsed by recognized regulators and certification bodies, such as EMVCo, PCI and the leading payment card providers including American Express, Discover Financial Services, JCB International, MasterCard, Visa and UK CESG.


DELIVERABLES


For more information on UL's transaction security evaluation, please call us at +44.125.631.2000.


PRODUCTS THIS SERVICE APPLIES TO

Payment cards, payment terminals, mobile secure elements, mobile handsets

APPLICABLE STANDARDS

Mandates from payment schemes including American Express, MasterCard, JCB, Discover, Visa, Diners Club and Interac Mandates from payment schemes including American Express, MasterCard, JCB, Discover, Visa, Diners Club and Interac
EMVCo Integrated Circuit Card Specifications
FIPS 140-2 Federal Information Processing Standard
PCI standards Payment Card Industry
Common Criteria (CESG)

RELATED INDUSTRIES AND SOLUTIONS


RELATED SERVICES