Approval Services accepts all chip card form factors for testing such as ID1 Cards, Mini Cards, Fobs, and Stickers, as well as wearables and IoT products with a static contactless chip. The scope of testing includes (where applicable) the following:
To reduce the duplication of testing for vendors, Visa’s approval process utilizes several testing and certification programs offered by EMVCo and GlobalPlatform.
The applicability and scope of functional and security testing is dependent of the configuration of product being submitted and the circumstance of the submission, i.e. whether it is a new product, or a derivative of, or a change to, an existing product. Appendix B of the Chip Card Testing and Approval Requirements document provides information about the scope of testing for different types of submissions.
If the product successfully passes all required testing and requirements, Visa issues a Letter of Approval. The approval recognition applies internationally unless specified in the letter. Approval Letters are not transferable from one product to another, or from one vendor to another.
The issuance of an Approval Letter by Approval Services does not provide an allowance of the card construction per ISO 7810 & 7811-6, or review against the Visa Product Brand Standards, as required by Global Design & Innovation (Brand). Information regarding this separate and required qualification process can be obtained by contacting [email protected].
The Chip Card Testing and Approval Requirements document explains the chip card testing process in detail.
Approval Services accepts all chip card form factors for testing such as ID1 Cards, Mini Cards, Fobs, and Stickers, as well as wearables and IoT products with a static contactless chip. The scope of testing includes (where applicable) the following:
To reduce the duplication of testing for vendors, Visa’s approval process utilizes several testing and certification programs offered by EMVCo and GlobalPlatform.
The applicability and scope of functional and security testing is dependent of the configuration of product being submitted and the circumstance of the submission, i.e. whether it is a new product, or a derivative of, or a change to, an existing product. Appendix B of the Chip Card Testing and Approval Requirements document provides information about the scope of testing for different types of submissions.
If the product successfully passes all required testing and requirements, Visa issues a Letter of Approval. The approval recognition applies internationally unless specified in the letter. Approval Letters are not transferable from one product to another, or from one vendor to another.
The issuance of an Approval Letter by Approval Services does not provide an allowance of the card construction per ISO 7810 & 7811-6, or review against the Visa Product Brand Standards, as required by Global Design & Innovation (Brand). Information regarding this separate and required qualification process can be obtained by contacting [email protected].
The Chip Card Testing and Approval Requirements document explains the chip card testing process in detail.
To reduce duplicate testing for vendors, Visa’s approval process utilizes testing and certification programs offered by EMVCo. The scope of testing includes (where applicable) the following:
The applicability and scope of functional testing is dependent of the configuration of product being submitted and the circumstance of the submission, i.e. whether it is a new product, or a derivative of, or a change to, an existing product. Appendix B of the Chip Card Acceptance Device Testing and Approval Requirements document provides information about the scope of testing for different types of submissions.
If the product successfully passes all required testing and requirements, Visa issues a Letter of Approval. The approval recognition applies internationally unless specified in the letter. Approval Letters are not transferable from one product to another, or from one vendor to another.
Information about certifying mPOS devices can be found on the Visa Ready Program website.
Visa Global L3 Testing is a mandatory phase of terminal testing. It helps to ensure that chip terminals that have been configured for deployment by acquirers are correctly integrated into the Visa payment acceptance environment and do not unduly contribute to interoperability problems. For details on Level 3 testing, please refer to the Visa Global Level 3 Testing – Guidelines and FAQ which can be found in the library.
To reduce duplicate testing for vendors, Visa’s approval process utilizes testing and certification programs offered by EMVCo. The scope of testing includes (where applicable) the following:
The applicability and scope of functional testing is dependent of the configuration of product being submitted and the circumstance of the submission, i.e. whether it is a new product, or a derivative of, or a change to, an existing product. Appendix B of the Chip Card Acceptance Device Testing and Approval Requirements document provides information about the scope of testing for different types of submissions.
If the product successfully passes all required testing and requirements, Visa issues a Letter of Approval. The approval recognition applies internationally unless specified in the letter. Approval Letters are not transferable from one product to another, or from one vendor to another.
Information about certifying mPOS devices can be found on the Visa Ready Program website.
Visa Global L3 Testing is a mandatory phase of terminal testing. It helps to ensure that chip terminals that have been configured for deployment by acquirers are correctly integrated into the Visa payment acceptance environment and do not unduly contribute to interoperability problems. For details on Level 3 testing, please refer to the Visa Global Level 3 Testing – Guidelines and FAQ which can be found on Visa Technology Partner website.
Approval Services oversees testing of mobile proximity payment products that will be used to conduct Visa “payWave” payment transactions to ensure that they comply with Visa, GlobalPlatform and EMVCo specifications and requirements.
Visa accepts the following types of products for testing:
Depending on the configuration of the product the testing process may involve:
See the Mobile Product Testing and Approval Requirements in the library for information.
Approval Services oversees testing of mobile proximity payment products that will be used to conduct Visa “payWave” payment transactions to ensure that they comply with Visa, GlobalPlatform and EMVCo specifications and requirements.
Visa accepts the following types of products for testing:
Depending on the configuration of the product the testing process may involve:
See the Mobile Product Testing and Approval Requirements in the library for information.
The process for wearables and IoT products is owned and managed by the Visa Ready Program rather than Approval Services. Please contact the Visa Ready Program at [email protected] for information about their process.
The term internet of things (IoT) encompasses a large number of connected devices, including wearables (such as a watch or wrist band) and personal accessories (such as a key chain or coffee cup). These devices can be used as contactless payment solutions associated with a Visa card account.
Approval Services supports Visa Ready by managing parts of their testing process.
Defined as a product containing an embedded chip or removable chip with proximity payment antenna, able to perform a contactless Visa transaction. It is not a standard card form factor and cannot be provisioned or updated post issuance.
Refer to Requirements and Program Guide for Static Contactless Chip Form Factor for more information.
Information about the scope of Approval Services’ testing for this type of product can be found in the Card Testing and Approval Requirements.
Defined as a product with Embedded Secure Element (eSE) or Cloud-based Payment (solution, including an NFC controller and proximity payment antenna able to perform a contactless Visa transaction. Personalization will be done through a companion device (e.g. mobile phone) which securely pairs itself with the product.
Information about the scope of Approval Services’ testing for this type of product can be found in the Mobile Product Testing and Approval Requirements.
The process for wearables and IoT products is owned and managed by the Visa Ready Program rather than Approval Services. Please contact the Visa Ready Program at [email protected] for information about their process.
The term internet of things (IoT) encompasses a large number of connected devices, including wearables (such as a watch or wrist band) and personal accessories (such as a key chain or coffee cup). These devices can be used as contactless payment solutions associated with a Visa card account.
Approval Services supports Visa Ready by managing parts of their testing process.
Defined as a product containing an embedded chip or removable chip with proximity payment antenna, able to perform a contactless Visa transaction. It is not a standard card form factor and cannot be provisioned or updated post issuance.
Refer to Requirements and Program Guide for Static Contactless Chip Form Factor for more information.
Information about the scope of Approval Services’ testing for this type of product can be found in the Card Testing and Approval Requirements.
Defined as a product with Embedded Secure Element (eSE) or Cloud-based Payment (solution, including an NFC controller and proximity payment antenna able to perform a contactless Visa transaction. Personalization will be done through a companion device (e.g. mobile phone) which securely pairs itself with the product.
Information about the scope of Approval Services’ testing for this type of product can be found in the Mobile Product Testing and Approval Requirements.
Security testing focuses on aspects of the product implementation that may have a security impact. Security testing goes beyond the functional testing to see if the product is vulnerable to known attacks, whether or not these are explicitly cited in any specification.
All Visa chip-based payment products are required to go through security testing.
Mandatory for all chip products.
Visa leverages the EMVCo IC security evaluation process to evaluate the security of the chip hardware. EMVCo’s process considers the security of chip products and aims to provide a high level of assurance that the chip is designed to resist known attack methods. EMVCo issues an IC certificate with an IC Certificate Number (ICCN) when a chip has successfully completed the evaluation process. For detailed information on the EMVCo ‘IC’ security evaluation process, please see EMV Security Guidelines – EMVCo Security Evaluation Process on EMVCo.
Mandatory for secure elements, optional for chip cards.
Visa leverages the EMVCo Platform security evaluation process to evaluate the security of the platform for cards and secure elements. EMVCo’s process considers the security of chip products and aims to provide a high level of assurance that the platform is designed to resist known attack methods. EMVCo issues a Platform Certificate with a Platform Certificate Number (PCN) when a product has successfully completed the evaluation process. For detailed information on the EMVCo security evaluation process, please see EMV Security Guidelines – EMVCo Security Evaluation Process on EMVCo.
Visa Chip Security Program—Security Testing Process for Chip Cards provides detailed information about the security evaluation program.
Security testing focuses on aspects of the product implementation that may have a security impact. Security testing goes beyond the functional testing to see if the product is vulnerable to known attacks, whether or not these are explicitly cited in any specification.
All Visa chip-based payment products are required to go through security testing.
Mandatory for all chip products.
Visa leverages the EMVCo IC security evaluation process to evaluate the security of the chip hardware. EMVCo’s process considers the security of chip products and aims to provide a high level of assurance that the chip is designed to resist known attack methods. EMVCo issues an IC certificate with an IC Certificate Number (ICCN) when a chip has successfully completed the evaluation process. For detailed information on the EMVCo ‘IC’ security evaluation process, please see EMV Security Guidelines – EMVCo Security Evaluation Process on EMVCo.
Mandatory for secure elements, optional for chip cards.
Visa leverages the EMVCo Platform security evaluation process to evaluate the security of the platform for cards and secure elements. EMVCo’s process considers the security of chip products and aims to provide a high level of assurance that the platform is designed to resist known attack methods. EMVCo issues a Platform Certificate with a Platform Certificate Number (PCN) when a product has successfully completed the evaluation process. For detailed information on the EMVCo security evaluation process, please see EMV Security Guidelines – EMVCo Security Evaluation Process on EMVCo.
Visa Chip Security Program—Security Testing Process for Chip Cards provides detailed information about the security evaluation program.