Transact, the leader in innovative payment solutions for a connected campus, today announced the successful completion of its annual SOC 2 Type 2 examination, PCI DSS assessment, and penetration tests.
Transact, the leader in innovative payment solutions for a connected campus, today announced the successful completion of its annual SOC 2 Type 2 examination, PCI DSS assessment, and penetration tests.
Read More: GlobalFintechSeries Interview with Robert Visentini, Chief Product Officer at Profectus Group
As a best practice, Transact regularly tests the effectiveness of the various security measures through a combination of automated scanning systems and penetration tests. Transact has a longstanding reputation for strict adherence with relevant regulations.
Transact’s SOC 2 Type 2 examination covered Transact’s cloud-hosted products’ related to the AICPA Trust Services Criteria for Security, Confidentiality and Availability; providing assurance that controls were designed and placed into operation over a period of time. The PCI DSS assessment covered the company’s procedures for managing payment card information for its Payments and TS SaaS products. Lastly, penetration testing evaluated the performance of the company’s cybersecurity controls for those same products in a real-world scenario.
“These achievements reflect Transact’s commitment to data security, while giving them a competitive edge in their industry,” said Danielle Kucera, Co-Founder and Quality Director, 360 Advanced, Inc., the third-party auditor. “Our integrated engagement not only allows Transact’s clients insight as to how Transact safeguards customer data, but also provides critical feedback regarding the operational effectiveness of controls.”
Read More: AXONI Raises $31 Million From Deutsche Bank, Intel Capital, UBS and Existing Investors
“It is a point of pride that our technologies are compliant with all relevant regulations and that we go above and beyond industry requirements for data security,” said Brian Austin, Chief Technology Officer, Transact. “Our compliance and information security efforts include regular daily, weekly and annual testing to identify and address weaknesses and validate corrections.”
“We highly value the feedback we get from our auditors at 360 Advanced,” continued Austin. “Their strong technology backgrounds and focus on service providers help us raise the bar for our data security, privacy, and accessibility practices.”
In addition, the company recently received its annual Attestation of Compliance (AoC) for the Payment Card Industry Data Security Standard (PCI DSS). The AoC, which was also completed by third-party assessor 360 Advanced, documented that Transact has upheld security best practices to protect cardholder data. The company has maintained full compliance with the PCI program since its creation in 2006.
Transact is also certified as a Level 1 Service Provider under both VISA Cardholder Information Security Program (CISP) and MasterCard Site Data Protection (SDP).
Further, Transact successfully completed its Nacha ACH Rules Compliance Audit that confirmed compliance with NACHA rules for safeguarding customers’ sensitive financial and non-financial data and ensuring ACH transactions are handled smoothly and securely.
Read More: Exploring the Rise of Fintech in Australia