Specifications include, but are not limited to: Provide a recommendation for a technology development approach to ensure that open payments will meet a QSA approval when UTA develops that solution for its internal fare system.
Recommend an encryption / tokenization scheme to be implemented on the reader (POI) that will meet or exceed the current PCI 3.2.1, the proposed PCI DSS 4.0 draft standard and the appropriate EMV L2 and/or L3 standard.
Outline and recommend what hardware technological needs to be included in the purchase of the new readers to accomplish QSA sign for PCI / EMV certification.
Outline the benefits and risks of pursuing a P2PE scheme for our readers when using open payments.
Outline and recommend an approach to deal with the required key management for those POI devices used in the fare system.