Click here to close now.

SYS-CON MEDIA Authors: AppDynamics Blog, Harry Trott, Liz McMillan, Carmen Gonzalez, Blue Box Blog

News Feed Item

403 Labs Assesses First U.S.-Based P2PE Solution Accepted by the PCI SSC

PayConex(TM) P2PE Encryption Solution to Help Protect Credit Card Data, Reduce Malicious Hacking

NAPERVILLE, IL--(Marketwired - March 19, 2014) -  With guidance from 403 Labs, the security and compliance division of Sikich LLP, the first U.S.-based point-to-point encryption (P2PE) solution, PayConex P2PE, has been introduced by the firm's client, Bluefin Payment Systems.

A P2PE solution encrypts credit card data from the point it is swiped into a system until the point it reaches the solution provider. Because of the level of security a P2PE solution provides, standards are rigorous and have been difficult to meet. Bluefin's solution, which was assessed by 403 Labs, was recently accepted by the standards body for the payment card industry (PCI), the PCI Security Standards Council (PCI SSC).

"Bluefin recognized that its partners and merchants were interested in enhancing security while reducing compliance scope," said D.J. Vogel, Partner, Security and Compliance Practice Leader at Sikich. "Their hard work and initiative paid off, allowing them to be the first-to-market solution in North America."

The Nilson Report stated that global credit, debit and prepaid card fraud resulted in losses of $11.27 billion in 2012, an increase of more than 14 percent over the prior year. Therefore, solutions like Bluefin's PayConex P2PE will become more critical, particularly for retailers. According to an official statement by Bluefin, PayConex P2PE will reduce the potential for malicious hacking and fraud, as well as reduce the PCI Data Security Standard (PCI DSS) compliance burden for merchants.

403 Labs worked closely with Bluefin's team to provide consultation and guidance for building the solution infrastructure and operations necessary to complete the rigorous assessment process. The assessment conducted by 403 Labs involved in-depth testing and a thorough review of Bluefin's hardware, software and encryption methods, as well as numerous associated practices and policies.

"Becoming the first North American PCI-validated solution P2PE was new ground for all of us," said Ruston Miles, Chief of Product Innovation, Bluefin Payment Systems. "Without the guidance of 403 Labs on interpreting these standards, and its commitment to powering through the mountains of materials associated with the testing, achieving this goal would have been exponentially more difficult."

In early 2014, Sikich significantly grew its information security practice after its merger with 403 Labs. Visit the Sikich website for more information about the information security services the firm offers.

About Sikich
Sikich LLP, a leading accounting, advisory, investment banking, technology and managed services firm, has more than 600 employees throughout the country. Founded in 1982, Sikich now ranks as one of the country's Top 35 Certified Public Accounting firms and is among the top 1% of all enterprise resource planning solution partners in the world. From corporations and non-profits to state and local governments, Sikich clients can use a broad spectrum of services and products that help them reach long-term, strategic goals.

403 Labs, the security and compliance division of Sikich, is a full-service information security and compliance consulting practice specializing in performing compliance audits, computer security assessments, penetration tests and computer forensic investigations. 403 Labs is an Approved Scanning Vendor (ASV), a Qualified Security Assessor (QSA), a Payment Application Qualified Security Assessor (PA-QSA), a QSA and PA-QSA for Point-to-Point Encryption (QSA (P2PE) and PA-QSA (P2PE) and a PCI Forensic Investigator (PFI) certified to perform the requirements of the Payment Card Industry Data Security Standard (PCI DSS) and the Payment Application Data Security Standard (PA-DSS).

Visit www.sikich.com to discover how you can elevate performance in your organization.

Securities are offered through Sikich Corporate Finance LLC, a registered broker dealer with the Securities Exchange Commission and a member of FINRA/SIPC.

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
With major technology companies and startups seriously embracing IoT strategies, now is the perfect time to attend @ThingsExpo in Silicon Valley. Learn what is going on, contribute to the discussions, and ensure that your enterprise is as "IoT-Ready" as it can be! Internet of @ThingsExpo, taking place Nov 3-5, 2015, at the Santa Clara Convention Center in Santa Clara, CA, is co-located with 17th Cloud Expo and will feature technical sessions from a rock star conference faculty and the leading in...
A new definition of Big Data & the practical applications of the defined components & associated technical architecture models This presentation introduces a new definition of Big Data, along with the practical applications of the defined components and associated technical architecture models. In his session at Big Data Expo, Tony Shan will start with looking into the concept of Big Data and tracing back the first definition by Doug Laney, and then he will dive deep into the description of 3V...
There is no doubt that Big Data is here and getting bigger every day. Building a Big Data infrastructure today is no easy task. There are an enormous number of choices for database engines and technologies. To make things even more challenging, requirements are getting more sophisticated, and the standard paradigm of supporting historical analytics queries is often just one facet of what is needed. As Big Data growth continues, organizations are demanding real-time access to data, allowing immed...
Containers and microservices have become topics of intense interest throughout the cloud developer and enterprise IT communities. Accordingly, attendees at the upcoming 16th Cloud Expo at the Javits Center in New York June 9-11 will find fresh new content in a new track called PaaS | Containers & Microservices Containers are not being considered for the first time by the cloud community, but a current era of re-consideration has pushed them to the top of the cloud agenda. With the launch ...
The world's leading Cloud event, Cloud Expo has launched Microservices Journal on the SYS-CON.com portal, featuring over 19,000 original articles, news stories, features, and blog entries. DevOps Journal is focused on this critical enterprise IT topic in the world of cloud computing. Microservices Journal offers top articles, news stories, and blog posts from the world's well-known experts and guarantees better exposure for its authors than any other publication. Follow new article posts on T...
Enterprise IoT is an exciting and chaotic space with a lot of potential to transform how the enterprise resources are managed. In his session at @ThingsExpo, Hari Srinivasan, Sr Product Manager at Cisco, will describe the challenges in enabling mass adoption of IoT, and share perspectives and insights on architectures/standards/protocols that are necessary to build a healthy ecosystem and lay the foundation to for a wide variety of exciting IoT use cases in the years to come.
SYS-CON Events announced today that Secure Infrastructure & Services will exhibit at SYS-CON's 16th International Cloud Expo®, which will take place on June 9-11, 2015, at the Javits Center in New York City, NY, and the 17th International Cloud Expo®, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. Secure Infrastructure & Services (SIAS) is a managed services provider of cloud computing solutions for the IBM Power Systems market. The company...
So I guess we’ve officially entered a new era of lean and mean. I say this with the announcement of Ubuntu Snappy Core, “designed for lightweight cloud container hosts running Docker and for smart devices,” according to Canonical. “Snappy Ubuntu Core is the smallest Ubuntu available, designed for security and efficiency in devices or on the cloud.” This first version of Snappy Ubuntu Core features secure app containment and Docker 1.6 (1.5 in main release), is available on public clouds, ...
WebRTC defines no default signaling protocol, causing fragmentation between WebRTC silos. SIP and XMPP provide possibilities, but come with considerable complexity and are not designed for use in a web environment. In his session at @ThingsExpo, Matthew Hodgson, technical co-founder of the Matrix.org, discussed how Matrix is a new non-profit Open Source Project that defines both a new HTTP-based standard for VoIP & IM signaling and provides reference implementations.
The security devil is always in the details of the attack: the ones you've endured, the ones you prepare yourself to fend off, and the ones that, you fear, will catch you completely unaware and defenseless. The Internet of Things (IoT) is nothing if not an endless proliferation of details. It's the vision of a world in which continuous Internet connectivity and addressability is embedded into a growing range of human artifacts, into the natural world, and even into our smartphones, appliances, a...
There are 182 billion emails sent every day, generating a lot of data about how recipients and ISPs respond. Many marketers take a more-is-better approach to stats, preferring to have the ability to slice and dice their email lists based numerous arbitrary stats. However, fundamentally what really matters is whether or not sending an email to a particular recipient will generate value. Data Scientists can design high-level insights such as engagement prediction models and content clusters that a...
It's time to put the "Thing" back in IoT. Whether it’s drones, robots, self-driving cars, ... There are multiple incredible examples of the power of IoT nowadays that are shadowed by announcements of yet another twist on statistics, databases, .... Sorry, I meant, Big Data(TM), tiered storage(TM), complex systems(TM), smart nations(TM), .... In his session at WebRTC Summit, Dr Alex Gouaillard, CTO and Co-Founder of Temasys, will discuss the concrete, cool, examples of IoT already happening tod...
SYS-CON Events announced today the IoT Bootcamp – Jumpstart Your IoT Strategy, being held June 9–10, 2015, in conjunction with 16th Cloud Expo and Internet of @ThingsExpo at the Javits Center in New York City. This is your chance to jumpstart your IoT strategy. Combined with real-world scenarios and use cases, the IoT Bootcamp is not just based on presentations but includes hands-on demos and walkthroughs. We will introduce you to a variety of Do-It-Yourself IoT platforms including Arduino, Ras...
The Internet of Things is not new. Historically, smart businesses have used its basic concept of leveraging data to drive better decision making and have capitalized on those insights to realize additional revenue opportunities. So, what has changed to make the Internet of Things one of the hottest topics in tech? In his session at @ThingsExpo, Chris Gray, Director, Embedded and Internet of Things, discussed the underlying factors that are driving the economics of intelligent systems. Discover ...
Scott Jenson leads a project called The Physical Web within the Chrome team at Google. Project members are working to take the scalability and openness of the web and use it to talk to the exponentially exploding range of smart devices. Nearly every company today working on the IoT comes up with the same basic solution: use my server and you'll be fine. But if we really believe there will be trillions of these devices, that just can't scale. We need a system that is open a scalable and by using ...