Consulting and Advisory

Security Testing

Making a product compliant to PCI DSS

Overview

Our client is one of Asia's leading low-cost airlines. The company has been named as the world's best low-cost carrier in international travel and airline awards.

Services

Consulting services in the following areas:

  • PCI DSS data security standard

Challenge

Our client was starting a new mobile payment system for managing pre-paid plastic cards tied to their main brand. Their system had a lot of integrations with third-party payment systems and banks. In order to ensure users that the system was safe, security certification was required.

Solution

Our security consultant worked closely with the development team to investigate system architecture and check for compliance with PCI data security standard. Once penetration testing and security assessment revealed issues, they were documented. Then our security consultant worked with the development teams towards eliminating issues.

Results

In 8 weeks Lohika’s security consultant:

  • Investigated product architecture
  • Determined a list of PCI DSS requirements according to product architecture
  • Created a list of issues which should be fixed to make the product compliant to PCI DSS
  • Guided development team through the process of fixing issues, including changes to product design
  • Enumarated fixed requirements and requirements left to be covered

As a result, the client had a clear roadmap towards PCI DSS certification.

Talk To Us

Let’s talk about how Lohika can help you scale your engineering organization.