Industry partner of choice for mobile security certification and training
Are you developing and aiming to certify a mobile payment solution?
The content of this training is a distilled version of the lessons learned by our security evaluation team throughout the 50+ mobile payment security evaluation projects we executed in the last 3 years. For your convenience the training content is offered on-line.
The course includes lessons and quizzes on requirements, the evaluation process itself, HCE architecture, attack models and attacks versus countermeasures, common pitfalls and mitigation strategies.
Riscure is the number 1 laboratory for Mobile Payment Security Evaluations, accredited by VISA, MasterCard, American Express, Discover and others. As of today, Riscure has successfully completed more than 50+ security evaluation projects related to HCE and TEE based payment solutions and certification, making us not only the most experienced and efficient laboratory but also the number one choice to guarantee a smooth and successful certification process.
Our proven track record includes security evaluations on Mobile Wallets, HCE Software Development Kits (SDK), and Secure Element (SE) and Trusted Execution Environment (TEE) based payment solutions.
Training audience and objectives
This training program is aimed at the following audience:
• Project managers at organization developing and deploying mobile wallets (e.g. issuing banks, mobile
network operators and solution providers)
• Product owners of mobile wallet solutions
• Software developers involved in the design and development of mobile wallet solutions
• Security teams (e.g. solution architects, security officers, security experts, etc)
• Security evaluators, internal security testing teams
During the course, you will gain the understanding of:
• The security certification process and relevant actors
• The relevant security requirements for the mobile wallet solution
• The way the mobile wallet solution will be evaluated, which attacks are considered and how you can
defend against such attacks
• The common pitfall and lessons learned in mobile wallet security
After a thorough introduction to the fundamentals of mobile payment, which includes the description of the architecture for the HCE applications, we discuss how to prepare for the certification projects. Here we go into the details of on how to prepare the documentation, what are the pre-requisites, the timelines and project planning. Next, we focus on the scheme requirements for the evaluation with references to the security mechanisms and finally we discuss the most common vulnerabilities of HCE solutions today.
2. Architecture for HCE: applications in mobile payment
3. Security certification preparation
4. Security requirements of the payment schemes
5. Attacker model and security mindset
6. Lessons learned and common pitfalls
7. Security mechanisms and mitigation strategies: how to incorporate the knowledge of the attacker into
8. Attacks vs countermeasures: common attacks and countermeasures against such attacks
Each section of the training, contains a video with the explanations, you have access to the slides and other materials used in the section and a small quiz to consolidate the information presented in each section.
You selected to get the course HCE Security Certification... (HCEONLINE). Please Login or Signup to get it.