Welcome!

News Feed Item

403 Labs Assesses First U.S.-Based P2PE Solution Accepted by the PCI SSC

PayConex(TM) P2PE Encryption Solution to Help Protect Credit Card Data, Reduce Malicious Hacking

NAPERVILLE, IL--(Marketwired - March 19, 2014) -  With guidance from 403 Labs, the security and compliance division of Sikich LLP, the first U.S.-based point-to-point encryption (P2PE) solution, PayConex P2PE, has been introduced by the firm's client, Bluefin Payment Systems.

A P2PE solution encrypts credit card data from the point it is swiped into a system until the point it reaches the solution provider. Because of the level of security a P2PE solution provides, standards are rigorous and have been difficult to meet. Bluefin's solution, which was assessed by 403 Labs, was recently accepted by the standards body for the payment card industry (PCI), the PCI Security Standards Council (PCI SSC).

"Bluefin recognized that its partners and merchants were interested in enhancing security while reducing compliance scope," said D.J. Vogel, Partner, Security and Compliance Practice Leader at Sikich. "Their hard work and initiative paid off, allowing them to be the first-to-market solution in North America."

The Nilson Report stated that global credit, debit and prepaid card fraud resulted in losses of $11.27 billion in 2012, an increase of more than 14 percent over the prior year. Therefore, solutions like Bluefin's PayConex P2PE will become more critical, particularly for retailers. According to an official statement by Bluefin, PayConex P2PE will reduce the potential for malicious hacking and fraud, as well as reduce the PCI Data Security Standard (PCI DSS) compliance burden for merchants.

403 Labs worked closely with Bluefin's team to provide consultation and guidance for building the solution infrastructure and operations necessary to complete the rigorous assessment process. The assessment conducted by 403 Labs involved in-depth testing and a thorough review of Bluefin's hardware, software and encryption methods, as well as numerous associated practices and policies.

"Becoming the first North American PCI-validated solution P2PE was new ground for all of us," said Ruston Miles, Chief of Product Innovation, Bluefin Payment Systems. "Without the guidance of 403 Labs on interpreting these standards, and its commitment to powering through the mountains of materials associated with the testing, achieving this goal would have been exponentially more difficult."

In early 2014, Sikich significantly grew its information security practice after its merger with 403 Labs. Visit the Sikich website for more information about the information security services the firm offers.

About Sikich
Sikich LLP, a leading accounting, advisory, investment banking, technology and managed services firm, has more than 600 employees throughout the country. Founded in 1982, Sikich now ranks as one of the country's Top 35 Certified Public Accounting firms and is among the top 1% of all enterprise resource planning solution partners in the world. From corporations and non-profits to state and local governments, Sikich clients can use a broad spectrum of services and products that help them reach long-term, strategic goals.

403 Labs, the security and compliance division of Sikich, is a full-service information security and compliance consulting practice specializing in performing compliance audits, computer security assessments, penetration tests and computer forensic investigations. 403 Labs is an Approved Scanning Vendor (ASV), a Qualified Security Assessor (QSA), a Payment Application Qualified Security Assessor (PA-QSA), a QSA and PA-QSA for Point-to-Point Encryption (QSA (P2PE) and PA-QSA (P2PE) and a PCI Forensic Investigator (PFI) certified to perform the requirements of the Payment Card Industry Data Security Standard (PCI DSS) and the Payment Application Data Security Standard (PA-DSS).

Visit www.sikich.com to discover how you can elevate performance in your organization.

Securities are offered through Sikich Corporate Finance LLC, a registered broker dealer with the Securities Exchange Commission and a member of FINRA/SIPC.

Contact information
Rebecca Miller
Internal Marketing
630.566.8482
[email protected]

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
Sometimes I write a blog just to formulate and organize a point of view, and I think it’s time that I pull together the bounty of excellent information about Machine Learning. This is a topic with which business leaders must become comfortable, especially tomorrow’s business leaders (tip for my next semester University of San Francisco business students!). Machine learning is a key capability that will help organizations drive optimization and monetization opportunities, and there have been some...
"Storpool does only block-level storage so we do one thing extremely well. The growth in data is what drives the move to software-defined technologies in general and software-defined storage," explained Boyan Ivanov, CEO and co-founder at StorPool, in this SYS-CON.tv interview at 16th Cloud Expo, held June 9-11, 2015, at the Javits Center in New York City.
A strange thing is happening along the way to the Internet of Things, namely far too many devices to work with and manage. It has become clear that we'll need much higher efficiency user experiences that can allow us to more easily and scalably work with the thousands of devices that will soon be in each of our lives. Enter the conversational interface revolution, combining bots we can literally talk with, gesture to, and even direct with our thoughts, with embedded artificial intelligence, whic...
The question before companies today is not whether to become intelligent, it’s a question of how and how fast. The key is to adopt and deploy an intelligent application strategy while simultaneously preparing to scale that intelligence. In her session at 21st Cloud Expo, Sangeeta Chakraborty, Chief Customer Officer at Ayasdi, provided a tactical framework to become a truly intelligent enterprise, including how to identify the right applications for AI, how to build a Center of Excellence to oper...
While some developers care passionately about how data centers and clouds are architected, for most, it is only the end result that matters. To the majority of companies, technology exists to solve a business problem, and only delivers value when it is solving that problem. 2017 brings the mainstream adoption of containers for production workloads. In his session at 21st Cloud Expo, Ben McCormack, VP of Operations at Evernote, discussed how data centers of the future will be managed, how the p...
ChatOps is an emerging topic that has led to the wide availability of integrations between group chat and various other tools/platforms. Currently, HipChat is an extremely powerful collaboration platform due to the various ChatOps integrations that are available. However, DevOps automation can involve orchestration and complex workflows. In his session at @DevOpsSummit at 20th Cloud Expo, Himanshu Chhetri, CTO at Addteq, will cover practical examples and use cases such as self-provisioning infra...
As DevOps methodologies expand their reach across the enterprise, organizations face the daunting challenge of adapting related cloud strategies to ensure optimal alignment, from managing complexity to ensuring proper governance. How can culture, automation, legacy apps and even budget be reexamined to enable this ongoing shift within the modern software factory? In her Day 2 Keynote at @DevOpsSummit at 21st Cloud Expo, Aruna Ravichandran, VP, DevOps Solutions Marketing, CA Technologies, was jo...
As Marc Andreessen says software is eating the world. Everything is rapidly moving toward being software-defined – from our phones and cars through our washing machines to the datacenter. However, there are larger challenges when implementing software defined on a larger scale - when building software defined infrastructure. In his session at 16th Cloud Expo, Boyan Ivanov, CEO of StorPool, provided some practical insights on what, how and why when implementing "software-defined" in the datacent...
Blockchain. A day doesn’t seem to go by without seeing articles and discussions about the technology. According to PwC executive Seamus Cushley, approximately $1.4B has been invested in blockchain just last year. In Gartner’s recent hype cycle for emerging technologies, blockchain is approaching the peak. It is considered by Gartner as one of the ‘Key platform-enabling technologies to track.’ While there is a lot of ‘hype vs reality’ discussions going on, there is no arguing that blockchain is b...
Blockchain is a shared, secure record of exchange that establishes trust, accountability and transparency across business networks. Supported by the Linux Foundation's open source, open-standards based Hyperledger Project, Blockchain has the potential to improve regulatory compliance, reduce cost as well as advance trade. Are you curious about how Blockchain is built for business? In her session at 21st Cloud Expo, René Bostic, Technical VP of the IBM Cloud Unit in North America, discussed the b...
You know you need the cloud, but you’re hesitant to simply dump everything at Amazon since you know that not all workloads are suitable for cloud. You know that you want the kind of ease of use and scalability that you get with public cloud, but your applications are architected in a way that makes the public cloud a non-starter. You’re looking at private cloud solutions based on hyperconverged infrastructure, but you’re concerned with the limits inherent in those technologies.
Is advanced scheduling in Kubernetes achievable?Yes, however, how do you properly accommodate every real-life scenario that a Kubernetes user might encounter? How do you leverage advanced scheduling techniques to shape and describe each scenario in easy-to-use rules and configurations? In his session at @DevOpsSummit at 21st Cloud Expo, Oleg Chunikhin, CTO at Kublr, answered these questions and demonstrated techniques for implementing advanced scheduling. For example, using spot instances and co...
The cloud era has reached the stage where it is no longer a question of whether a company should migrate, but when. Enterprises have embraced the outsourcing of where their various applications are stored and who manages them, saving significant investment along the way. Plus, the cloud has become a defining competitive edge. Companies that fail to successfully adapt risk failure. The media, of course, continues to extol the virtues of the cloud, including how easy it is to get there. Migrating...
The use of containers by developers -- and now increasingly IT operators -- has grown from infatuation to deep and abiding love. But as with any long-term affair, the honeymoon soon leads to needing to live well together ... and maybe even getting some relationship help along the way. And so it goes with container orchestration and automation solutions, which are rapidly emerging as the means to maintain the bliss between rapid container adoption and broad container use among multiple cloud host...
Imagine if you will, a retail floor so densely packed with sensors that they can pick up the movements of insects scurrying across a store aisle. Or a component of a piece of factory equipment so well-instrumented that its digital twin provides resolution down to the micrometer.