Our experience includes over 30-years developing American National Standards and ISO standards; current and past working group chairs with the Accredited Standards Committee (ASC) X9 for the Financial Services Industry, former liaison and US expert to ISO Technical Committee 68 Financial Services; and editor for numerous X9 standards.

Services

What we do

	Compliance and Assessments An assessment of an organization's compliance with a recognized set of regulatory or industry criteria. Compliance services often include the submittal of an independent report to a governing body.
	Evaluation and Readiness Check An evaluation of an organization's product or processes with a recognized set of regulation or industry criteria.
	Consulting While information assurance is paramount, our consulting services also include assistance with cryptography or compliance. Two of our consulting specialties are assessments and evaluations. CAS clients include financial services organizations, entertainment industries, government agencies, and high technology companies.
	Cryptography and Research Cryptography techniques ranging from simple encryption for data in motion or data at rest; to an intricate Public Key Infrastructure (PKI) implementation for authentication and access controls.
	Investigative Services Our company's investigation services allow flexibility in giving our customers the option of further exploring identified vulnerabilities.
	Education and Training Our certified professionals and qualified instructors have years of experience with creating training materials and company specific computer security policies and procedures.

Our Services

PCI Auditing and Evaluations

The PCI Security Standards Council (SSC) was founded by the credit card brands American Express, Discover Financial Services, JCB, MasterCard Worldwide, and Visa International in 2006 to maintain and evolve the PCI Data Security Standard (DSS). The council is composed of over 400 additional participating organizations and is responsible for several certification programs including the Qualified Security Assessor (QSA). QSA perform annual assessments of merchants who must comply with the PCI DSS according to each brand's compliance program.

TG-3 and Key Management

The Accredited Standards Committee (ASC) X9 Technical Guideline #3 (TG-3) Retail Financial Services Compliance Guideline for Online PIN Security and Key Management was adopted by the Electronic Funds Transfer (EFT) networks Pulse™, STAR™ and NYCE™ since 1994 to protect the security of:

Personal Identification Numbers (PIN);
PIN Encryption Keys (KPE); and
Key Encryption Keys (KKE).

Red Flag Compliance

Sections 315 and 114(B) of the Fair and Accurate Credit Transactions (FACTA) of 2003 specifies that any organization, including non-lenders (e.g., brokers and auto dealers), which use consumer credit data is required to comply with Red Flag regulations by Nov. 1, 2008

Investigative Services

Our company's investigation services allow flexibility in giving our customers the option of further exploring identified vulnerabilities. Working in concert with the fraud / loss prevention teams of our customers, we can determine whether those vulnerabilities have been exploited to cause loss or damage, can strengthen prevention methods to minimize vulnerabilities, and can pursue those persons who may have caused loss to the company

PCI Auditing and Evaluations
TG-3 and Key Management
Red Flag Compliance
Investigative Services