Cryptography Research Announces T-Systems as Accredited Evaluation Lab for DPA Testing Program for Smart Cards

T-Systems Contact:

Media Relations
Tel.: +49 6966 531126

SAN FRANCISCO, USA October 13, 2009 Cryptography Research, Inc. (CRI), a worldwide leader in security systems, today announced the accreditation of T-Systems as an independent testing lab to conduct evaluations for the DPA Countermeasure Validation Program. The program, designed to help chip purchasers and smart card customers identify devices with effective security, involves rigorous independent testing of products to evaluate their resistance to Differential Power Analysis (DPA) attacks.

"We are very pleased to be working with leading security experts, such as CRI, in the important field of smart card protection," said Robert Hammelrath, head of security analysis & testing at T-Systems. "We look forward to assisting our customers to meet their product evaluation needs."

Established in 1987, the T-Systems security analysis laboratory in Bonn, Germany, is a foremost test facility for secure systems and products. It operates under the test scheme of Common Criteria, ITSEC and most security test procedures of the financial world for payment cards and payment terminals. These are for example EMVCo and PCI (Payment Card Industry) Security Standards, major credit card company`s consortia, and the German ZKA, a central loan committee.

T-Systems joins Brightsight BV in the Netherlands as the first two security evaluation facilities to be accredited by CRI to conduct testing under its DPA Countermeasure Validation Program. Through this program, licensed users of CRI's DPA countermeasure technology have the right to display the DPA Lock certification mark in connection with products that qualify under the tests conducted by accredited labs. Products displaying the DPA Lock give customers assurance that the chip or card is both licensed and contains tested countermeasures.

"CRI is delighted to confirm T-Systems as an accredited laboratory under the DPA Countermeasure Validation Program," said Ken Warren, smart card business manager, CRI. "T-Systems is recognized worldwide for its skill and expertise in the field of security testing and evaluation."

Smart cards and other cryptographic devices can be vulnerable to DPA attacks, which can reveal secret keys. Effective countermeasures are required to prevent payment cards, ID cards and other devices from fraud and abuse. The DPA Countermeasure Validation Program includes a suite of tests specifically designed to analyze the effectiveness of a device's DPA countermeasures. CRI plans to approve only a select number of the world`s most capable testing labs to participate.