After introducing its comprehensive PCI Compliance as a Service platform, ControlCase is now authorized as a Qualified Security Assessor (QSA) for the newest PCI Point-to-Point Encryption (P2PE) standards. These newest standards ensure card holder data is encrypted at the very first POS, be it a traditional retail terminal or a mobile payment application. The use of P2PE solutions may actually simplify a merchant’s annual PCI DSS compliance requirements.
ControlCase IT Governance, Risk and Compliance (GRC) software, Compliance as a Service (CAAS) and Certifications, has formed an independent and standalone division to perform ISO 27001 certifications. ControlCase was recently awarded the ISO accreditation from the Dutch Accreditation Council, http://www.rva.nl, (RvA). With this accreditation, ControlCase can now offer clients with a compelling and more cost effective offering that combines expertise in PCI Data Security Standard (PCI DSS) compliance and ISO 27001 certification. The independent team of experts in the newly formed ISO division can now offer services for Training, Initial Assessments, Certification Audits and Surveillance Audits for Certifications as per ISO 27001.
The latest PCI DSS 2.0 standard, based on extensive inputs from the PCI Security Standard Council’s global stakeholders, is designed to provide greater clarity and flexibility to facilitate improved understanding of the requirements and eased implementation for merchants. InterGlobe Technologies (IGT), the leading provider of integrated IT- BPO solutions to the travel and hospitality industry, has announced its successful PCI DSS 2.0 certification as perhaps the first Travel BPO organization by leading PCI DSS QSAC, ControlCase. The company has effectively met the newest version of the Payment Card Industry Data Security Standard (PCI DSS) compliance requirements.
ControlCase IT Governance, Risk and Compliance (GRC) software solutions and managed compliance services announced Rapid Investments niche payment solutions implemented its PCI Compliance service; a suite of software tools that enable organizations to attain compliance with the Payment Card Industry Data Security Standard. Rapid chose ControlCase because it offered an industry leading automation service that would ensure that the business remained continually compliant. Rapid recognized that it needed a managed solution that could intelligently control threats and streamline its business processes, not only saving time but enabling key staff to be allocated to other parts of the business.
Rapid Investments niche payment solutions has implemented the ControlCase fully managed PCI Compliance service. Rapid chose ControlCase because it offered an industry leading automation service that would ensure that the business remained continually compliant. Rapid recognized that it needed a managed solution that could intelligently control threats and streamline its business processes, not only saving time but enabling key staff to be allocated to other parts of the business. The entire implementation was completed within a month. This provides reduced costs; reduced time for compliance; and reduces the need for employing staff to manage various aspects of compliance and security.
Burgan Bank has completed PCI DSS compliance, having received PCI DSS version 2.0 certification from the global PCI Security Standards Council. This affirms Burgan Bank’s adherence to international security standards which aim at protecting banking cards’ information while recognizing data security methods that the bank applies to protect and safeguard customer information as well as preventing credit card fraud. Burgan Bank’s PCI Data Security Standard compliance was audited by ControlCase, a specialized auditor that is approved by the PCI Standards council.
ControlCase software solutions and managed compliance services launched its free downloadable data discovery tool, allowing organizations to identify and securely remove unprotected cardholder data that may be stored on their systems. ControlCase Data Discovery (CDD) has been developed to meet risk and compliance requirements as outlined in version 2.0 of the PCI DSS; the latest update to the standard reinforces the need for businesses to have a methodology in place for finding and securing unprotected cardholder data. With the Enterprise version, all of the scanning is done from one place, so there is no need to duplicate the process for each individual PC or laptop.
ControlCase launched its “Data Discovery” program directed at hotels to search for cardholder data in violation of PCI DSS requirements. Hotels can now download and license the ControlCase Data Discovery Scanner to scan for unencrypted PAN and other restricted authentication information (Track Data, CVV, CV2, etc) to eliminate the risk of data loss and exposure and PCI DSS non-compliance, for which ControlCase will refund the full licensing fee in the event that unencrypted PAN or other restricted data is not detected within the organizations’ environments. ControlCase integrates card data discovery within its PCI DSS certification methodology to reduce the risk of a data breaches and non-compliance with PCI DSS.
ControlCase announced that TechProcess Solutions has achieved PCI-DSS Certification for its “BillJunction Payments” online payments business. TechProcess Solutions Limited (TPSL) is one of Indiaâs leading providers of business solutions, with expertise in the areas of Payments, Back Office Management & Technology. TPSL has experienced a 25% growth over the past year in average transaction volumes for its online payment business and is currently integrated with over 500 of Indiaâs major web merchants & 24 leading banks to effect payments through credit / debit / cash cards & net-banking. US-based ControlCase is a global provider of Governance, Risk and Compliance (GRC) software, professional services, managed compliance and security services and IT GRC Software as a Service (SaaS) solutions. It is also a Qualified Security Assessor (QSA) as certified by PCI Security Standards Council and an Approved Scanning Vendor (ASV).
ControlCase announced that India-based TechProcess Solutions has achieved PCI-DSS Certification for its “BillJunction Payments” online payments business. TechProcess Solutions Limited (TPSL) is one of Indiaâs business solutions provider with a concentration in Payments, Back Office Management & Technology. TPSL has experienced a 25% growth over the past year in average transaction volumes for its online payment business and is currently integrated with over 500 of Indiaâs major web merchants & 24 leading banks to effect payments through credit / debit / cash cards & net-banking. US-based ControlCase is a global provider of Governance, Risk and Compliance (GRC) software, professional services, managed compliance and security services and IT GRC Software as a Service (SaaS) solutions. It is also a Qualified Security Assessor (QSA) as certified by PCI Security Standards Council and an Approved Scanning Vendor (ASV).
ControlCase announced Ganart Technologies has achieved the PCI-DSS Certification for its Ganart Transaction Engine (Patent Pending) and supporting processing services and environment. We manufacture, implement, host and operate highly advanced, compliant, secure, proprietary solutions, powered by the Ganart Transaction Engine (patent pending) that support high volume information and financial transactions. Ganartâs me6464 was initially designed around supporting underserved banking customers by providing a wide variety of value exchange services, such as money transfer and bill pay, within an existing financial network. The Ganart solution has evolved to support the entire financial services pyramid, particularly un-banked and under-banked consumers. The ability to support transaction processing from the Cloud gives Ganart customers consistency, scalability and security for their financial services from end to end.
Providing expertise on the use of PIV-I cards with physical access control systems (PACS) beyond the federal government to state and local governments and the private sector will be a top priority for the coming year, the Smart Card Alliance Physical Access Council said, announcing its new officers and steering committee. The Council also announced a workshop on PIV-I credentials at the 9th Annual Smart Cards in Government: Identity, Security & Healthcare Conference in November in Washington DC.
“Non-federal government and commercial organizations are now looking at how to leverage the smart card-enabled federal government FIPS 201 Personal Identity Verification (PIV) credential standard to implement trusted, interoperable identification credentials. As a result, we’re making education on PIV interoperable credentials a focus, helping organizations understand how they can be used with existing or new PACS systems,” said Physical Access Council Chair Lars Suneborn, Hirsch Electronics. “Our first step to this end is the PIV-I workshop next month, and an accompanying white paper coming out soon.”
The workshop, “PIV-I Credentialing Workshop: Strategies for the Implementation of PIV-I Secure Identity Credentials” will be held on Tuesday, November 16th from 8:30 a.m. to 5:00 p.m. and includes lunch. This full-day, interactive Smart Card Alliance educational workshop will explain the requirements of PIV interoperable identity credentials and examine real life business applications and usage models for implementing trusted identity credentials that comply with the technology, credential issuance policy, and security infrastructure for secure access applications.
“The Physical Access Council has become the go-to resource for guidance on challenging access control issues,” said Randy Vanderhoof, executive director of the Smart Card Alliance. “The Council also provides direct input to government organizations on how new technologies and policies impact current and next generation physical access control systems.”
Physical Access Council white papers published this year, “FICAM in Brief: A Smart Card Alliance Summary of the Federal Identity, Credential, and Access Management (FICAM) Roadmap and Implementation Guidance” and “Authentication Mechanisms for Physical Access Control Systems” are available on the Smart Card Alliance Web site.
The Physical Access Council elected new officers and steering committee representatives in October. The Council is made up of more than 140 individuals from over 55 organizations spanning government agencies, smart card and software manufacturers, reader manufacturers, physical access control system manufacturers, systems integrators and biometrics solutions providers. New officers are:
Chair: Lars Suneborn, Hirsch Electronics
Vice Chair: David Nichols, HID Global
Secretary: Salvatore D’Agostino, IDmachines
The newly elected 2010/2012 Steering Committee is:
Salvatore D’Agostino, IDmachines
Tony Ferguson, Bioscrypt / L-1 Enterprise Access Division
Bob Gilson, Defense Manpower Data Center (DMDC)
Walter Hamilton, Identification Technology Partners
Kevin Kozlowski, XTec, Inc.
Lolie Kull, HP
Bob Merkert, SCM Microsystems
David Nichols, HID Global
Steve Rogers, Intellisoft, Inc.
Adam Shane, AMAG Technology
Mike Sulak, Department of State
Lars Suneborn, Hirsch Electronics
With more than 800 registrants and 50 exhibitors and sponsors expected, The 9th Annual Smart Cards in Government: Identity, Security & Healthcare Conference is the largest annual event for the government identity and security sector. This year’s conference will be held November 16th through the 19th at the Walter E. Washington Convention Center in Washington, DC. Details on the agenda, pricing, sponsors and exhibitors, and registration can be found on the Smart Card Alliance Web site.
About the Smart Card Alliance Physical Access Council
The Smart Card Alliance Physical Access Council is focused on accelerating the widespread acceptance, usage, and application of smart card technology for physical access control. The group brings together, in an open forum, leading users and technologists from both the public and private sectors and works on activities that are important to the physical access industry and that will help speed smart card adoption in this important market.
About the Smart Card Alliance
The Smart Card Alliance is a not-for-profit, multi-industry association working to stimulate the understanding, adoption, use and widespread application of smart card technology.
Through specific projects such as education programs, market research, advocacy, industry relations and open forums, the Alliance keeps its members connected to industry leaders and innovative thought. The Alliance is the single industry voice for smart cards, leading industry discussion on the impact and value of smart cards in the U.S. and Latin America. For more information please visit http://www.smartcardalliance.org.