Home: IT Security Services > Application Payment Security and PCI Compliance Services
Application Payment Security and PCI Compliance Services
Credit card data typically enters a merchant’s environment through some form of payment application. Unauthorized parties seeking access to card data often target payment applications because of the lack of proper security controls, improper configuration or insecure implementation securely. Point-of-Sale (POS) systems and other payment applications contribute to the majority of cardholder data compromises investigated by Secure128. Payment applications that retain full track data present significant risks to cardholders, merchants and ultimately to the payment application developers themselves.
Complete Validation Services
Secure128’s Payment Application Validation services ensure that the payment applications you develop meet or exceed the requirements of the PCI Compliance.
Our services for payment applications include the following:
- Discovery sessions with application developers, application support staff and product managers
- PCI Compliance Assessment and Review of custom built applications
- PCI DSS Scanning
- Documentation review and analysis
- Functional and security testing of the application
- Technical and forensic review of application components, payment transaction logs and cardholder data storage to ensure prohibited data (e.g., full track and card security codes) is not stored
- Follow-up communications with the PCI SSC
- Remediation recommendations and application re-validation
- Application penetration testing
- Minor and major release follow-up reviews and attestation filing with the PCI SSC
Please contact us to learn more about our services