Consulting services in the following areas:
- PCI DSS data security standard
Security Testing
Making a product compliant to PCI DSS
Overview
Our client is one of Asia's leading low-cost airlines. The company has been named as the world's best low-cost carrier in international travel and airline awards.
Services
Challenge
Our client was starting a new mobile payment system for managing pre-paid plastic cards tied to their main brand. Their system had a lot of integrations with third-party payment systems and banks. In order to ensure users that the system was safe, security certification was required.
Solution
Our security consultant worked closely with the development team to investigate system architecture and check for compliance with PCI data security standard. Once penetration testing and security assessment revealed issues, they were documented. Then our security consultant worked with the development teams towards eliminating issues.
Results
In 8 weeks Lohika’s security consultant:
- Investigated product architecture
- Determined a list of PCI DSS requirements according to product architecture
- Created a list of issues which should be fixed to make the product compliant to PCI DSS
- Guided development team through the process of fixing issues, including changes to product design
- Enumarated fixed requirements and requirements left to be covered
As a result, the client had a clear roadmap towards PCI DSS certification.
