Domus ITSL - Common Criteria, FIPS 140-2, INTERAC. IT Security Evaluations

 

Evaluation of Common Criteria, FIPS 140, INTERAC (SPED), PCI, security and cryptographic products

 
   
 

 

 

As an independent accredited security laboratory, DOMUS ITSL is ideally positioned to provide testing and certification of financial products with embedded security features.

INTERAC ® Direct Payment Terminals

Secure Pin Entry Device (SPED) testing under the INTERAC® technical specification

In addition to Common Criteria and FIPS 140 evaluations, DOMUS ITSL performs third party conformance and compliance testing in accordance with various government and commercial standards; such as independent functional and logical testing of Secure Pin Entry Devices (SPEDs) and independent validations of Secure Pin Entry Devices (SPEDs) in accordance with the INTERAC® direct payment (IDP) technical specification.

In Canada, the Interac® Association is the organization responsible for the development of a national network of two shared electronic financial services: Shared Cash Dispensing (SCD) at Automated Banking Machines and INTERAC® Direct Payment (IDP), Canada's national debit service.


Direct Payment Terminal Validation

With the growing requirement for security risk management, security assurance and certification, vendors and users of security products are contracting independent laboratories to test those products. As an independent accredited security laboratory, DOMUS ITSL is ideally positioned to provide such services to financial institutions, manufacturers and resellers that both use and supply products with embedded security features (i.e. functionality supporting confidentiality, integrity, availability or authentication). DOMUS ITSL SPED testing services include the security compliance testing of Point of Sale (POS) and Automatic Banking Machines (ABM) units against physical and/or logical security requirements specified in:

INTERAC® Direct Payment (IDP) Secure PIN Entry Device (SPED) Requirements Standard, Version 2.0, December 2007

The SPED validation process begins with DOMUS ITSL supplying the client with a list of the Manufacturers Deliverables, which they are required to provide. Once the documents and equipment have been received, DOMUS ITSL performs tests against the security requirement categories of tamper protection and detection, key management, PIN protection, software loading protection and durability. These tests include an extensive review of physical design, product documentation and source code.
The detailed Certification Test Procedures and Report includes:
Evaluation Summary;
Compliance Testing Summary; and
Detailed Test findings for each security requirement category with Test Results and Status.

For more information visit:

The Interac Association Web site
Canadian Code of Practice for Consumer Debit Card Services
 

For more information on DOMUS ITSL INTERAC® Direct Payment Terminal Certification services please contact us via email (or via phone at 613-726-5097)

 

 

 

 

Contact Us           Site Map           Privacy Policy

Last Updated: April 20 2007
Copyright© 2001-2005 DOMUS ITSL & NUVO Network Management Inc. All Rights Reserved, ® Trade-mark of Interac Inc. Used under license.