• Specifications
• |
• Approvals & Certification
• |
• Best Practices
• |
• Interoperability Advisories
• |
• EMVCo Associates
• |
• FAQ

The EMVCo Security Evaluation Process is intended to provide EMVCo Members' Issuers with valuable and practical information relating to the general security performance characteristics and the suitability of use for smart card related products and IC chip-based tokens. The EMVCo Security Evaluation Process is designed to ensure a robust security foundation for these products at the product family and component level. The EMVCo Security Evaluation Process is an evolving process in relation to New Attack Techniques and Technology. EMVCo therefore reserve the right to perform New/Random Security Testing throughout the Lifetime of the card which may impact Certification. The full terms and conditions upon which EMVCo Compliance Certificates are issued by EMVCo are contained in the EMVCo Security Evaluation Process Document and the EMVCo Security Evaluation Certification Contract.

The approval for an IC product applies as of the date of the certificate, but the product will generally be placed on the EMVCo Approved Products list for three years. Unless the certificate is previously withdrawn or the product is superseded by newer products from a product provider, products with an EMVCo Compliance Certificate will be removed from the EMVCo Approved Products list after three years. ICs seeking renewal must comply with current security guidelines. For IC approval renewal, contact the EMVCo Security Evaluation Secretariat.

Note: An ICCN number followed by an asterisk (*) indicates that a product has successfully undergone maintenance evaluation work. Each asterisk indicates that the product has been granted up to one (1) year extension to the EMVCo Approval life cycle (and remains subject to annual security review).