COMPLIANCE
Compliance can be an ever-changing and evolving set of circumstances fraught with statutory, regulatory and contractual obligations. Organizations are challenged daily with satisfying business objectives while conforming to often subjective and sometimes ambiguous requirements. Further, the security landscape changes frequently, as ever-increasing threats to data make understanding the risks and vulnerabilities of your systems more complex and yet more critical than ever.
GEOBRIDGE offers a wide range of compliance services to our clients:
- PCI
- TG-3
- Red Flag
- AML
PCI
GEOBRIDGE is a Qualified Security Assessor certified by the PCI Security Standards Council. The PCI Security Standards Council (SSC) was founded by American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc., to enhance payment account data security and to promote consistent data security measures across the globe.
The PCI Data Security Standard (DSS) establishes requirements for network architecture and security, security management policies and
procedures, software design and other areas critical to ensuring the protection of account data. Since its inception, the PCI SSC has
published additional security standards that our team understands and supports.
GEOBRIDGE has an extensive background in payment security and has provided both technology solutions and consulting services in this
area to Fortune 500 organizations and leading financial institutions. Leveraging this experience, GEOBRIDGE is well suited to provide
a wide variety of service options pertaining to PCI compliance:
- Assessments
- Pre-assessments
- Remediation services
- Educational services, including introductions to PCI, staff awareness training and tailored compliance training programs.
- Customized PCI compliance consulting services, including customized best-practices guides tailored to the requirements of individual organizations.
Contact Us for more information about GEOBRIDGE PCI Compliance Services.
TG-3
The Electronic Funds Transfer (EFT) networks (including PULSE, STAR and NYCE) mandate TG-3 compliance for all PIN-based credit card, debit
card, and other financial transactions.
TG-3 assessments are based on the Guideline for Financial Services TG-3-2006 Retail Financial Services Compliance Guideline for Online PIN
Security and Key Management. The TG-3 Guideline contains additional industry best practices for key management methods and techniques,
along with compliance control objectives derived from the following American National Standards:
- X9.8-2003, Banking - Personal Identification Number Management and Security - Part 1: PIN Protection Principles and Techniques for Online PIN Verification in ATM & POS Systems
- X9.24-2004, Retail Financial Services Symmetric Key Management
  - Part 1: Using Symmetric Techniques
  - Part 2: Using Asymmetric Techniques for the Distribution of Symmetric Keys
GEOBRIDGE team members have played key roles in the definition of relevant ANSI X9 and ISO standards, including serving as chairs for
the X9A10 and X9F4 working groups. With decades of combined experience in the hands-on development of these standards, GEOBRIDGE is
uniquely positioned to provide TG-3 related services, including:
- Assessments
- Pre-assessments
- Remediation services
- Educational services, including introductions to TG-3, staff awareness training and tailored compliance training programs.
- Customized TG-3 compliance consulting services, including customized best-practices guides tailored to the requirements of individual organizations.
Contact Us for more information about GEOBRIDGE TG-3 Compliance Services.
RED FLAG
Section 315 and Section 114(B) of the Fair and Accurate Credit Transactions Act of 2003 (FACTA) specify that any organization,
including non-lenders (e.g., brokers and auto dealers), which uses consumer credit data is required to comply with Red Flag regulations
by Nov. 1, 2008. To satisfy Red Flag requirements, programs must demonstrate (i) reasonable policies and procedures for detecting,
preventing and mitigating identity theft; (ii) the ability to identify relevant patterns of activity considered red flags, including
address discrepancies; and (iii) periodic updates to reflect changes in risks from identity theft.
GEOBRIDGE offers a wide variety of assessment and consulting services around Red Flag compliance, including:
- Assessments
- Pre-assessments
- Remediation services
- Educational services, including introductions to Red Flag, staff awareness training and tailored compliance training programs.
- Customized Red Flag compliance consulting services, including customized best-practices guides tailored to the requirements of individual organizations.
Contact Us for more information about GEOBRIDGE Red Flag Compliance Services.
AML
Compliance with the Bank Secrecy Act and 31 CFR 103 (as well as other Anti-Money Laundering (AML) laws included in the US PATRIOT Act,
et al.) requires financial institutions to educate their employees, to understand their customers and their customers’ businesses, and
to have systems and procedures in place to distinguish routine transactions from ones that rise to the level of suspicious activity.
GEOBRIDGE offers a wide variety of assessment and consulting services around AML compliance, including:
- Assessments
- Pre-assessments
- Remediation services
- Educational services, including introductions to AML, staff awareness training and tailored compliance training programs.
- Customized AML compliance consulting services, including customized best-practices guides tailored to the requirements of individual organizations.
Contact Us for more information about GEOBRIDGE AML Compliance Services.