The TEE approval process allows someone to obtain a security evaluation certificate for a Trusted Execution Environment (TEE) solution that is involved in TEE-based mobile payments.Search approved TEE solutions (SECNs)
Prior to being allowed to submit a TEE solution for security certification, the following steps must be fulfilled:
Q: I am performing a security evaluation of one or several SBMP components within several certification schemes (e.g. EMVCo, GlobalPlatform TEE, Common Criteria, other proprietary certification process). How can I leverage the work done for other schemes for an EMVCo SBMP Security Evaluation, and will EMVCo accept other certificates?
A: EMVCo does not accept non-EMVCo certificates by themselves, but supports reuse of evaluation evidence providing it meets its own requirements: • The evidence must be derived from an EMVCo recognized Laboratory, • Full detail of the reused evidence is available to the Laboratory conducting the evaluation for EMVCo (if a different Laboratory is used) and is provided to EMVCo for review, • The Laboratory must assess and confirm the reused evidence is complete, valid and fulfils the EMVCo requirements. This avoids duplication of evaluation work, saves cost and evaluation time.
Q: I have developed a new product that is similar to an existing product that was approved under another certification scheme. Can I re-use the evaluation evidence?
A: The EMVCo recognised Laboratory will consider existing evaluation evidence within a delta evaluation if it is relevant.
Q: I have developed a new product that is similar to an existing EMVCo approved product. Can I re-use the evaluation evidence?
A: The EMVCo recognised Laboratory will consider existing evaluation evidence within a delta evaluation if it is relevant.View all related FAQs (PDF)