IS Laboratory
Security Evaluations,
Penetration Testing and Advisory Services
for Mobile and IoT Solutions
Founded and Managed by Engineers
Who we are
Located in the South of France in Aubagne, IS Laboratory is a security evaluation laboratory that proposes a range of services to enhance security of mobile solutions and harden protection of sensitive data processed by mobile applications.
Founded in 2024 by three engineers with significant experience in software development and security evaluations, IS Laboratory aims to provide state of the art security evaluation and advisory services.
IS Laboratory is accredited by major payment schemes – EMVCo, Visa, Mastercard – to perform security evaluations of mobile payment solutions.
News & Announcements
- EMVCo Full Recognition
After the successful execution of a pilot security evaluation and EMVCo Board Approval, IS Laboratory is now fully recognized by EMVCo as a Software-Based Mobile… Read more: EMVCo Full Recognition - IS Laboratory Expands Services to IoT Security Audits to Support CRA and RED Directive Compliance in France
IS Laboratory, a cybersecurity firm with deep expertise in sensitive domains such as the payment industry, announces the expansion of its services to include IoT… Read more: IS Laboratory Expands Services to IoT Security Audits to Support CRA and RED Directive Compliance in France
Payment Industry Security Services
PCI MPoC Services
We offer consulting services, including workshops, gap analysis, and recommendations on architecture and security to help you achieve and maintain PCI MPoC compliance.
EMVCo SBMP (Software-Based Mobile Payment) Services
As a laboratory accredited by EMVCo, we perform EMVCo SBMP security evaluations, including code and documentation review, vulnerability analysis and penetration testing to ensure compliance of the solution with EMVCo standards.
In addition, we offer separate services such as workshops on mobile security and security evaluation requirements and gap analysis to help you to prepare for a formal security evaluation.
IOT Services
Security Services for RED and CRA
We ensure your IoT products meet EU security requirements. IS Laboratory provides evaluations, advisory, risk assessments, and training to support compliance with the Radio Equipment Directive (RED – EN 18031, 3.3d/e/f) and the Cyber Resilience Act (CRA).
Other security services
Mobile Security Evaluation Services
Beyond the payment sector, we also propose security evaluations of any mobile solution that handles sensitive data, based on the OWASP MASVS/MASTG specifications.
We provide comprehensive analyses and recommendations to enhance the security of your applications.