With the new PCI PTS v5.0 release, approved POS devices vendors are aware that Side Channel Analysis (SCA) is one of the focuses. It is expected that PCI PTS laboratories will perform systematic side channel testing on the secure chip as a strong requirement.
Facing a weakness against SCA can be hard to fix. And secure chips do not always provide the full security level, even with a dedicated crypto engine. This may deserve additional protections at the software layer. At eshard, we have developed a dedicated expertise and bench in cryptography side-channel, with a strong practical background in payment acceptance device.
At eshard, we can help you:
- investigate your code or solution (by testing or code review) and identify the potential flaws,
- rework your code to meet the corresponding security requirement,
- run the appropriate tests to validate,
- provide a technical support during the PCI PTS accreditation for the cryptography aspects,
and if needed, bring you the crypto software pieces you miss.
As we are independent form laboratories, we share our expertise with your team so you mitigate your risk during the PCI PTS certification process, from a SCA point of view. Or we support you if a security issue in Side Channel appeared during your certification process.
Use our contact form or email us at firstname.lastname@example.org if you need assistance.