For more than 30 years, Payzone has dedicated itself to helping business of all sizes across Ireland to take card payments. Payzone specializes in providing payment solutions that make payment easier for both businesses and consumers.

SERVICES PROVIDED:  
PCI DSS Penetration Testing
  • INDUSTRY

    Payment Services Provider

  • CHALLENGE challenge

    To provide multi-year consultancy, assessment, and Report on Compliance for Payzone’s client processing application and payment application for public services against PCI DSS v3.2. To provide continual security consultancy to Payzone to ensure that the client can meet any future security compliance requirements.

  • SOLUTION solution

    Provision of a Qualified Security Assessor to provide expert security consultancy and a Report on Compliance against PCI DSS v3.2. Also, to provide Payzone with a gap analysis against PCI DSS v4.0 so Payzone can plan any remediation activities needed to meet the demands of the data security standard.

THE CUSTOMER

Payzone has over 30 years’ experience in providing payment solutions to businesses. Over 8,000 organizations use Payzone for their card payments, and they process over 125 million transactions each year.

Payzone is dedicated to maintaining the safety and security of its payment processing activities and payment application. Payzone is required to ensure that all processing activities are following the payment card industry data security standard v3.2.

Payzone ensures that security by design is integrated in all stages of its payment application development and operation. This includes ensuring that the application considers any upcoming changes in the compliance and regulation landscape, and the organization is adequately prepared to make security remediations needed.

“Payzone is pleased to have renewed its multi-year engagement with Advantio to provide PCI DSS consultancy and compliance reporting. Payzone has been delighted to work with Advantio’s expert QSA’s to ensure the ongoing compliance and security of our payment application and processing activities.”

– Nigel Bell
CFO

ADVANTIO’S SOLUTION

Since 2015 Advantio has provided multi-year PCI DSS QSA consultancy to Payzone to provide the organization with its annual Report on Compliance as required by the Payment Card Industry Security Standards Council. Advantio has worked with Payzone to provide the organization with a (RoC) and the mandated Attestation of Compliance (AoC) along with the necessary QSA consultancy and penetration testing technical support.

Working with Payzone’s compliance team, Advantio has performed reviews of the organization against the required standard, suggesting mitigation and remediations where necessary. Advantio and Payzone have established a successful working relationship, Advantio’s QSA has worked with Payzone’s IT team who quickly and efficiently implemented adequate security controls.

Throughout this multi-year engagement, Advantio provides continual QSA support, Payzone takes security very seriously, and the two organizations have worked in tandem to ensure that all remediation projects are on track. Advantio’s QSA engages with the Payzone compliance team mid-year to review the continual improvement plan and provides guidance on any issues which may have arisen.

As a payment application provider, Payzone is always striving to ensure that they are ahead of any new compliance requirements. Advantio assists Payzone through providing information on any updates to the PCI DSS standard, and where required, information on its implementation.

Advantio has also provided Payzone with a PCI DSS gap analysis of its environment against the PCI DSS v4.0. The gap analysis is equipped with a detailed report that allows Payzone to identify any new PCI DSS requirements and to understand where any additional security measures may be needed. The gap analysis report provides detailed clarification and recommendations required to implement the new requirements.

Advantio’s dedicated penetration testing team has also provided PCI compliance testing on the Payzone payment processing environment. A penetration testing report is provided to the client containing a list of any mitigations needed and penetration testers are also on hand to offer any technical support needed.

Solution icon

THE BENEFITS

Over Advantio’s multi-year engagement with Payzone, we are proud to state that Payzone had submitted a successful Report on Compliance annually to the PCI SSC. PCI DSS compliance ensures that the organization is adhering to the best practice security standard, allowing the organization to continue to provide payment processing and application services safely and securely to its clients.

Advantio’s QSAs have established close working practices with Payzone’s internal teams, providing a detailed and in-depth understanding of the client’s environment and needs. A multi-year engagement allows a QSA to understand the customer’s environment in depth and any additional or future business requirements they may have and advise them accordingly.

For Payzone, a multi-year engagement brings the benefits of working with a trusted advisor who can provide support throughout the yearly compliance cycle. Advantio’s dedicated customer-focused approach ensures that all projects are delivered on time and on budget.

Benefits icon

expert

BOOK AN EXPERT

Tell us more about you and one of our experts will call you back