Point of Interaction "POI-OPTION"
POI / Hardware Boxes with Security Boxes
Certification Body |
Agence Nationale de la Sécurité des Systèmes d'Information (ANSSI) |
Sponsor |
Agence Nationale de la Sécurité des Systèmes d'Information (ANSSI) |
Point of Contact |
certification.anssi@ssi.gouv.fr |
Certification ID |
|
PP Version |
|
CC Version |
3.1 Revision 3 |
CC Conformance Claim |
CC part 2 extended; CC part 3 conformant; EAL POI (PED-OPTION). Conformance claims to this protection profile require strict conformance |
Certification status |
Certified 6 January 2011 |
Language |
English |
Summary |
The Common Approval Scheme (CAS) group is intended to harmonize security requirements for European payment systems within the scope of the Single European Payment Area (SEPA). For this purpose it has issued a Protection Profile for payment terminals (PP POI). This PP has then been maintained by a subgroup of the Joint Interpretation Library (JIL) called Joint Terminal Evaluation Methodology Subgroup (JTEMS). Eventually, the POI Protection Profile comes in three configurations, each one describing a different TOE that corresponds to a particular security need identified by the CAS group:
The products in the scope of this Protection Profile are payment terminals with Integrated Circuit (IC) Card based online and offline transaction capabilities. Products range from a simple PED with PIN keypad, display, and IC and Magnetic Stripe Card Readers to complete terminals (POI) that manage transaction data and provide external communications capabilities. Functionalities other than payment that might be processed by the same device, e.g. fleet card processing, are out of scope of this PP. POI-OPTION configuration: This TOE provides protection for IC based transactions, payment transaction data management and external communication facilities. The only difference from the POI-COMPREHENSIVE configuration is the absence of support for the protection of offline plaintext PIN and for the Magnetic Stripe Reader. The POI-OPTION configuration is a subset of the POI-COMPREHENSIVE configuration. Therefore it is not compliant with the POI-COMPREHENSIVE configuration. The aim of this configuration is to support the business needs of payment schemes that are migrating to a chip-only environment and are using encrypted PIN only. Note that, as a consequence, the POI-OPTION configuration does not rely on the robustness of the IC Card Reader. This configuration is seen as a major step towards a future POI-CHIP-ONLY configuration. All requirements defined by the Common Approval Scheme apply to the POI-OPTION configuration. This configuration is intended to lead to a common security certification of payment schemes that are in this migration phase. |
Relation to other PPs |
- |