Gresham Strengthens Cyber-Security Posture with PCI DSS 3.2 Accreditation

Gresham Strengthens Cyber-Security Posture with PCI DSS 3.2 Accreditation
20.06.2019 10:02 am

Gresham Strengthens Cyber-Security Posture with PCI DSS 3.2 Accreditation

Data
Gresham, the leading provider of real-time financial transaction control and enterprise data integrity solutions, announces that its Clareti Platform and associated software development processes have passed the world’s highest safety standards for handling cardholder data. 
 
The Attestation of Compliance to PCI DSS 3.2 is essential for the firm’s retail banking clients aiming to protect their customers’ data from malicious cyber and other attacks.
 
The certification comes as Gresham further enhances its cutting-edge security processes and commitment to world leading data integrity and enables customers to have complete confidence that their data will be completely secure within the Clareti Platform. 
 
The certification is designed to protect cardholder data from theft and applies to all entities that store, process or transmit cardholder data. It comes with strict requirements for developers and manufacturers of applications that deal with this data. Updates to the PCI DSS 3.2 include additional requirements around the use of multi-factor authentication and migration deadlines for removal of Secure Sockets Layer (SSL) /early Transport Layer Security (TLS). 
 
For certification, Gresham demonstrated it employs the required 300+ data protection processes and standards, as well as appropriate quarterly vulnerability assessments and scans. With Gresham’s adaptive and flexible methodology being continuously applied in highly sensitive financial environments, being held to the world’s highest security standards is a necessary mark of commitment to data integrity, a core focus for the firm. 
 
Commenting on the accreditation, Neil Vernon, Chief Technology Officer at Gresham said, 
 
“We recognise card data as being different from other data and apply specific encryption and masking algorithms to ensure confidentiality. From time to time, data integrity issues between the merchant and acquirer may lead to a legitimate and valid need for someone involved in the investigation of an issue to see the entire card data. However, we enforce several measures to protect data integrity including: providing a precise and clear audit of when this happens; time-limiting access to single cards; and securing the audit in at least two separate, persistent stores to eliminate the risk of tampering. We are pleased our processes are being recognised for the PCI DSS certification.”
 
Aligning any application to these high standards requires specialist knowledge and Gresham provides training and documentation to all of its clients, most of whom need the highest level of application security. Gresham has been PCI DSS certified since June 2016 and continues to update its certification as the standard evolves to address developments in how payment data can be exploited to the detriment of individuals and organisations. 

 

Related News

High-speed, high-volume data transfer facilitated by 5G will enhance industrial operations in connected factories

Frost & Sullivan’s recent analysis, Role of 5G Communication Revolutionising Industrial Internet of Things, finds that the... Read more »

Forecast by Robocash Group: 5G will boost financial inclusion in emerging markets in Asia

Driving improvements in the digital space, 5G has accelerated financial inclusion in emerging markets in Asia. Analysts of the financial holding ... Read more »

Xignite sees record demand for financial data during pandemic

Xignite, Inc., a provider of market data distribution and management solutions for financial services and technology... Read more »

D-ID Secures Over $13.5 Million to Protect Against Mass Surveillance

The software platform that removes key biometric data from photos and videos continues to protect industries and individuals

Read more »

LzLabs and T-Systems Team Up to Drive Mainframe Transformation

LzLabs today announced an Agreement with T-Systems, one of the world-leading cross-manufacturer digital service providers,... Read more »

SunTec Group collaborates with AWS to offer cloud-native applications that help clients improve customer experience and drive revenue growth

SunTec, a leading provider of revenue and billing management solutions,... Read more »

Magazine
ALL
Free Newsletter Sign-up
+44 (0) 208 819 32 53 +44 (0) 173 261 71 47
Download Our Mobile App
Financial It Youtube channel