The CB approval policy
Four types of players are involved in the process of CB approval:
- Manufacturers, who submit their products for CB approval and whose products must comply with the functional and security specifications of CB. Prior to this, these manufacturers must be referenced with CB;
CB and non-CB Certification Organisations
CB certification organisations (for example PayCert), which deliver certificates of compliance if the products comply with CB specifications. Prior to this, these certification organisations must be approved by CB.
Non-CB certification organisations (for example EMVCo), which deliver certificates in accordance with CB requirements.
CB laboratories, which perform tests requested by CB to confirm that the products meet CB specifications; the laboratories (for example Elitt) are first approved by the CB certification organisations and referenced with CB.
- The CB Certification Centre, which defines the CB approval policy, authorises the CB Certification Organisations, references CB laboratories and manages the process of the CB approval of manufacturer’s products.
You will find the description of CB acceptance approval scheme in the attached document:
Besides, find the list of accredited companies "QSA" to realize audits PCI-DSS and at present referenced CB: list companies "QSA"