• Company
  • About Us
  • Board of Directors
  • Management Team
  • Technical Advisory Board
  • Industry Standards
  • Investors
  • Jobs
• Solutions
  • Banking
  • Cloud
  • Government
  • Mobile
  • Technology
• Products
  • Authentication & Signing
    • Authenticator
    • Mobile AuthApp
    • Signer
    • Token Manager
  • EMV
    • CardInk
    • EMV CA
  • Key Management
    • Key Management System
    • HSM Portal
  • PKI & ID
    • Certification Authority
    • ID Issuer
    • High Speed Inspection
    • CVCA & DVCA
    • OCSP Responder
    • PrimeInk Toolkits
    • Time Stamping Authority
• News & Events
  • News
  • Events
  • Blog
• Partners
  • Partner Programme
  • Technology Partners
  • Solution Partners
  • Strategic Partners
• Services
  • Consulting
  • Solution Design
  • Integration
  • Installation & Training
  • Support
  • HSM Programming
• Security Lab
  • Key Generation - p an odd prime
  • Key Generation - characteristic 2
  • Miller-Rabin Primality Test
  • Technical Dictionary
• Customers
  • Customers
  • References
  • Case Studies
• Contact
  • Contact Us
  • Cryptomathic Offices

Follow @CRYPTOMAThIC

Industry Standards

Cryptomathic is a member of and/or conforms to the following standards:

EMV Co

EMVCo manages, maintains and enhances the EMV Integrated Circuit Card Specifications for chip-based payment cards and acceptance devices, including point of sale (POS) terminals and ATMs. EMVCo also establishes and administers testing and approval processes to evaluate compliance with the EMV Specifications. EMVCo is currently owned by American Express, JCB, MasterCard and Visa.

A primary goal of EMVCo and the EMV Specifications is to help facilitate global interoperability and compatibility of chip-based payment cards and acceptance devices. This objective extends to new types of payment devices as well, including contactless payment and mobile payment.

www.emvco.com

GlobalPlatform

GlobalPlatform is an independent, not-for-profit organisation driven by over 50 cross-industry member organisations. GlobalPlatform is the leading, international association, focused on establishing and maintaining interoperable specifications for single and multi-application smart cards, acceptance devices and systems infrastructure that deliver benefits to issuers, service providers and technology suppliers.

www.globalplatform.org

Microsoft Partner Network

The Microsoft Partner Network is designed to equip organizations that deliver products and services based on the Microsoft platform with the training, resources and support they need to provide their customers a superior experience and outcomes.  The Microsoft Gold Competency signifies to the market that a company has demonstrated the highest level of skill and achievement within a given technology specialism. Each competency has a unique set of requirements and benefits, formulated to accurately represent the specific skills and services that partners bring to the industry.

To earn a Microsoft Gold Competency, organizations must complete a rigorous set of tests to prove their level of technology expertise. Cryptomathic has achieved a Gold Independent Software Vendor (ISV) / Software Competency in the Microsoft Partner Network, demonstrating its ability to meet Microsoft customers' evolving needs in today's dynamic business environment.

https://partner.microsoft.com/

MULTOS Consortium

The MULTOS Consortium is a group of international blue chip organisations, whose objective is to promote MULTOS as the smart card industry standard cross all market sectors.  The diversity of the consortium membership reflects the interests of companies in many sectors, including telecommunications, e-commerce, travel, entertainment, retail, media and government/public sectors.  It is the consortium members, as a group, who are also responsible for the ongoing maintenance and development of the MULTOS specification.

www.multos.com

NIST

NIST (The National Institute of Standards and Technology) is a non-regulatory federal agency within the U.S. Department of Commerce which is heavily involved in standardisation of cryptographic solutions. NIST's mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life.

The NIST Federal Information Processing Standard - FIPS - is one of many NIST initiatives relevant to secure solutions. For the use of HSMs (Hardware Security Modules) FIPS 140 has prevailed as the predominant standard for security evaluation. Cryptomathic uses HSMs which are accredited the FIPS 140-2 Level 3 or 4, as these HSMs comply with many major industry standards, e.g. as set out by card payments schemes, e.g. Visa as well as governments and military.

http://www.itl.nist.gov/fipspubs/

OATH

OATH is an industry-wide collaboration to develop an open reference architecture by leveraging existing open standards for the universal adoption of strong authentication.

OATH is comprised of industry leaders working with other standards groups toward the propagation of ubiquitous strong authentication, enabling eBusiness and giving customers the confidence to conduct secure commerce and communication online. An OATH ecosystem consists of devices, chip sets, platforms, applications, integrators, and customers, all working together in a strongly authenticated, highly secure environment.

www.openauthentication.org

OASIS

OASIS (Organization for the Advancement of Structured Information Standards) is a not-for-profit consortium that drives the development, convergence and adoption of open standards for the global information society.

OASIS promotes industry consensus and produces worldwide standards for security, Cloud computing, SOA, Web services, the Smart Grid, electronic publishing, emergency management, and other areas. OASIS open standards offer the potential to lower cost, stimulate innovation, grow global markets, and protect the right of free choice of technology.

http://www.oasis-open.org

PCI Security Standards Council

The PCI Security Standards Council offers robust and comprehensive standards and supporting materials to enhance payment card data security. These materials include a framework of specifications, tools, measurements and support resources to help organizations ensure the safe handling of cardholder information at every step. The keystone is the PCI Data Security Standard (PCI DSS), which provides an actionable framework for developing a robust payment card data security process -- including prevention, detection and appropriate reaction to security incidents.

http://www.pcisecuritystandards.org/security_standards/index.php

PKCS

PKCS, which is stands for Public Key Cryptography Standard is one of the most important standard frameworks in modern cryptography. Since work on the standard was started in the 1980s there have been many standards published under this framework. The most notable PCKS standard that Cryptomathic works with is PKCS#11 -- used for integration software applications with Hardware Security Modules (HSMs). Cryptomathic products support and adhere to many of the other PKCS standards as well.

http://en.wikipedia.org/wiki/PKCS

Trusted Computing Group

The Trusted Computing Group (TCG) is a not-for-profit organization formed to develop, define, and promote open standards for hardware-enabled trusted computing and security technologies, including hardware building blocks and software interfaces, across multiple platforms, peripherals, and devices. TCG specifications will enable more secure computing environments without compromising functional integrity, privacy, or individual rights. The primary goal is to help users protect their information assets (data, passwords, keys, etc.) from compromise due to external software attack and physical theft.

www.trustedcomputinggroup.org