Chip Security TestingΒ 
New advanced analytical tools, increased customization options, and improved integration capabilities.
ALL-IN-ONE PLATFORM

  • esDynamic

    Manage your attack workflows in a powerful and collaborative platform.

  • Expertise Modules

    Executable catalog of attacks and techniques.

  • Infrastructure

    Integrate your lab equipment and remotely manage your bench.

  • Lab equipments

    Upgrade your lab with the latest hardware technologies.

PHYSICAL ATTACKS

  • Side Channel Attacks

    Evaluate cryptography algorithms from data acquitition to result visualisation.

  • Fault Injection Attacks

    Laser, Electromagnetic or Glitch to exploit a physical disruption.

  • Security Failure Analysis

    Explore photoemission and thermal laser stimulation techniques.

EXPERTISE SERVICES

  • Evaluation Lab

    Our team is ready to provide expert analysis of your hardware.

  • Starter Kits

    Build know-how via built-in use cases developed on modern chips.

  • Cybersecurity Training

    Grow expertise with hands-on training modules guided by a coach.

Binary Security AnalysisΒ 
Get started with π—²π˜€π—₯π—²π˜ƒπ—²π—Ώπ˜€π—²: the collaborative platform for advanced software binary analyses.
ALL-IN-ONE PLATFORM

  • esReverse

    Static, dynamic and stress testing in a powerful and collaborative platform.

  • Extension: Intel x86, x64

    Dynamic analyses for x86/x64 binaries with dedicated emulation frameworks.

  • Extension: ARM 32, 64

    Dynamic analyses for ARM binaries with dedicated emulation frameworks.

DIFFERENT USAGES

  • Penetration Testing

    Identify and exploit system vulnerabilities in a single platform.

  • Vulnerability Research

    Uncover and address security gaps faster and more efficiently.

  • Malevolent Code Analysis

    Effectively detect and neutralise harmful software.

  • Digital Forensics

    Collaboratively analyse data to ensure thorough investigation.

EXPERTISE SERVICES

  • Software Assessment

    Our team is ready to provide expert analysis of your binary code.

  • Cybersecurity training

    Grow expertise with hands-on training modules guided by a coach.

ResourcesΒ 
Empowering teams with π—Έπ—»π—Όπ˜„-π—΅π—Όπ˜„ to build a more secure world through cybersecurity. Join our mission.
INDUSTRIES

  • Semiconductor

  • Security Labs

  • Governmental agencies

  • Academics

ABOUT US

  • Why eShard?

  • Our team

  • Careers

FOLLOW US

  • Linkedin

  • Twitter

  • Youtube

  • Gitlab

  • Github

Blog
Contact us
Back to all articles
Mobile App & Software

PCI MPoC: The New Standard for Mobile Payments

4 min read
Edit by Thilo Pannen β€’ Jun 2, 2023
Share

The PCI Security Standards Council (PCI SSC) has recently unveiled an innovative mobile payment security standard, known as Mobile Payments on COTS (Commercial-Off-The-Shelf) devices (PCI MPoC), designed to support the evolution of mobile payment acceptance solutions.

PCI MPoC builds upon the PCI Software-based PIN Entry on COTS (SPoC) and PCI Contactless Payments on COTS (CPoC) standards, each coming with a limitation.

What sets PCI MPoC apart is its ability to support both PIN entry and contactless card processing on a mobile COTS device (phone or tablet), transforming it into a contactless payment acceptance point-of-sale (POS) device. Notably, while a PCI MPoC solution may utilize hardware security components integrated in the device (e.g. Secure Elements (SE) or Trusted Execution Environments (TEE)), it can also be realized purely in software.

Β 

The Demand for Mobile App and Backend Security

As contactless payments have gained popularity, particularly in the wake of the pandemic, developing secure PCI MPoC solutions becomes crucial. Developing a solution on a COTS device requires a deep understanding of state-of-the-art mobile app and backend security. Protecting the contactless payments demands rigorous measures to ensure data integrity, confidentiality, and resilience against evolving threats.

At eShard, we are specialized in mobile app security and have a proven track record in mobile payment security standards. Leveraging our knowledge and experiences, we offer comprehensive security services tailored specifically for PCI MPoC solution providers and SDK or app developers.

From the initial stages of your project to the security approval application at a PCI MPoC lab, our team of experts provides unwavering support. We assist with any security-related queries, ensuring a smooth journey and helping you meet all the necessary requirements.

Β 

Prepare for the Future in 4 steps

Sans-titre---1.gif

Set the scene with MPoC Workshop

With the introduction of this new standard, vendors naturally have a multitude of questions regarding its content and implications. At the Foundation Workshop, we equip you with essential insights and guidance on the PCI MPoC program. Our expert team introduces you to the program's key aspects, including stakeholders, roles and responsibilities, high-level security requirements, dos and don'ts, pitfalls to avoid, and its relationship with other vital PCI standards like PCI DSS, PCI SSF, PCI PTS, and PCI PIN.

Β 

Offensive and Defensive Mobile App Security Training

Empower your developers with our specialized training modules focused on offensive and defensive mobile app security. In the Offensive Training Modules, developers learn to think and attack like real-world adversaries, developing effective defensive measures. The Defensive Training Module highlights typical weaknesses of mobile applications and imparts the knowledge needed to implement resilient code. Our training combines theory and hands-on practical exercises, providing developers with the skills necessary to protect mobile apps from evolving threats.

Β 

Technical Security Pre-Assessment

Prepare yourself for a smooth security evaluation process at the PCI MPoC lab with our Technical Security Pre-Assessment module. Our experts will review your security design, source code, or binary release candidate to ensure compliance with PCI MPoC security requirements. By identifying any potential vulnerabilities or gaps early on, we help you save time and avoid unnecessary iterations during the lab testing phase.

Β 

Consultancy and Expertise Services

Throughout your PCI MPoC project, our consultancy and expertise services are at your disposal. We offer comprehensive support as your trusted security expert, answering your questions, providing guidance, training, and coaching until you achieve the final approval at the PCI MPoC lab. Our team will address not only security-related concerns but also any non-security queries that arise during the project, ensuring a seamless and efficient experience.

Β 

The future of mobile payments is here, and we are excited to be at the forefront of this transformative journey. With our comprehensive PCI MPoC security services, we aim to empower businesses, solution providers, and developers to build robust and secure mobile payment acceptance solutions. Let us be your trusted partner in safeguarding the future of mobile payments.

Contact us today to unlock the full potential of PCI MPoC security.

Share

Categories

All articles
(99)
Case Studies
(2)
Chip Security
(29)
Corporate News
(11)
Expert Review
(3)
Mobile App & Software
(27)
Vulnerability Research
(35)

you might also be interested in

Vulnerability Research
Corporate News

Introducing esReverse 2024.01 β€” for Binary Security Analysis

4 min read
Edit by Hugues Thiebeauld β€’ Mar 13, 2024
CopyRights eShard 2024.
All rights reserved
Privacy policy | Legal Notice