Security consulting and expertise for mobile equipment
Why choose FIME?
FIME is able to help you with improving the security of your mobile equipment, including your mobile application, Host Card Emulation (HCE) application, and Trusted Execution Environment. FIME can also help you with preparing for security testing and evaluation against AFSCM, Common Criteria, GlobalPlatform, payment scheme or bespoke security requirements.
Service description
FIME works in partnership with its clients to address product security requirements from initial set-up and throughout development and integration. Our offer includes:
-
Risk analysis - applying a vulnerability analysis methodology to search for applicable threats and assess corresponding risks using probability of occurrence or feasibility and impact assessment.
-
Security requirements writing - identifying the applicable security requirements to be met in order to mitigate the identified risks.
-
Product design review - searching for vulnerabilities at an early stage of development in the product paper design/specifications through analysis by a security expert.
-
Source code review - searching for vulnerabilities in the source code at the end of the development using tools and security expertise – also includes validation of cryptographic mechanisms.
-
Vulnerability analysis - includes product design review and source code review to identify any exploitable vulnerability in the product/system and prepare, if needed, a penetration testing plan.
-
Security evaluation and penetration testing - performing the corresponding security evaluation and penetration testing on the product.