Evolving Secure Software Lifecycle and Becoming a pioneer in achieving PCI Secure SLC standard

Verifone MVD is a pioneer for Latin America in achieving compliance accreditation for the PCI Secure SLC Standard, which is part of the new PCI Software Security Framework (PCI SSF).

Foregenix assisted Verifone in implementing the security controls within their software lifecycle process. Now, we proudly share the achievement of being the first Secure SLC-Qualified Software Vendor in the region.

Interested in validating your Software Lifecycle?

Results:

First Validated PCI Secure SLC in LATAM

1

Months of preparation for validation

3

More than 10.4B of transactions annually

10.4

CLIENT

Verifone logo

Verifone 

INDUSTRY

Payment Services

LOCATION

Montevideo, Uruguay

SERVICES PROVIDED BY FORGENIX

PCI  SSF Software Security Framework

Secure Software Lifecycle - PCI Secure SLC

PCI DSS

 

SHARE THIS STORY

About Verifone

Verifone is an organization that securely develops payment services and software within a payment ecosystem that mainly includes devices (POS), payment gateways, e-commerce solutions, acquiring, and issuing.

Discover Verifone Solutions

The challenge

Qualifying compliance to a security standard such as the PCI Secure SLC is a challenge that requires a shift in mindset and execution approaches. It is necessary to redirect the strategy to focus on structuring the security controls within the software lifecycle. This implies reconsidering existing processes from the perspective of software security governance and security assurance.

Under this new approach, we have identified the need to redesign our ticket creation system by segmenting requirements into specific boards. This allows us to have an instant overview of priorities in our secure software lifecycle.

Our clients demand compliance accreditations as part of their requirements in Requests for Quote (RFQ). Being qualified is crucial when choosing us.

CHECK THE LIST OF PCI SECURE SLC QUALIFIED SOFTWARE VENDORS

The solution

Foregenix has been our trusted companion when it comes to PCI discussions, from previous certifications like PCI PA-DSS in its various versions to the latest PCI Software Security Framework. They have always been by our side to accelerate adoption and compliance.

Throughout the journey, we have received the appropriate level of support in terms of understanding the Program Guide and the necessary forms to validate our compliance. Having an advanced knowledge of the standards is crucial to meet the requirements, and in this regard, our Foregenix consultant has provided us with support, assisting us in interpreting the guidelines for proper implementation.

We understand that the PCI Secure SLC standard incorporates the best practices from previous standards and significantly simplifies the process through 10 control objectives. We are gratified by the results we have accomplished.

Request Foregenix support

“Rethinking existing processes is always beneficial in seeking improvements within the process itself, potentially eliminating inefficiencies and introducing elements that contribute to the secure software lifecycle."

Pablo Fraga

Software Development Manager

Verifone MVD