PCI Compliance

Finix Case Study

How fast-growth payments processing startup, Finix, achieved PCI DSS compliance in just four months.

Screen Shot 2020-09-15 at 5.46.52 PM

“With RSI Security, we feel like a valued client, not just another name in a book of customers. And that means a lot, especially when working with a small, but growing, company like Finix.”

- Gurpal Singh, Head of Compliance at Finix

Screen Shot 2020-09-15 at 5.46.52 PM

“With RSI Security, we feel like a valued client, not just another name in a book of customers. And that means a lot, especially when working with a small, but growing, company like Finix.”

- Gurpal Singh, Head of Compliance at Finix

Screen Shot 2020-09-15 at 5.46.52 PM

“With RSI Security, we feel like a valued client, not just another name in a book of customers. And that means a lot, especially when working with a small, but growing, company like Finix.”

- Gurpal Singh, Head of Compliance at Finix

Challenges

Financial technology (fintech) startup Finix provides white-label payment infrastructure to payment facilitators, ISVs, and marketplaces, and therefore must be in compliance with PCI DSS regulations in order to protect sensitive cardholder data.

As a growing company on-boarding more enterprise-tier clients, Finix needed a partner that would work with their existing Compliance and Security teams to streamline their PCI DSS efforts, as well as fill in any cybersecurity gaps that could be potentially exploited by hackers.

“Before we started working with RSI Security, PCI compliance was a difficult process for us,” recalls Gurpal Singh, Head of Compliance at Finix. “There were a lot of folks involved in our compliance efforts, but not everyone was aware of the depth and complexity of the regulations we were dealing with in terms of PCI DSS.”

testimonial-red

Gather Information

The first steps that RSI Security and Finix took towards ensuring PCI DSS compliance was evidence gathering and documentation. The RSI Security team worked hand-in-hand with Finix’s Compliance team to organize and gather all of the necessary compliance-related documentation in a quick, painless fashion.

“We kicked off in late September, at which point RSI opened up the evidence portal for us to start uploading all of our documents and policy updates,” Singh recalls.

gear-red

Onsite Assessment

“RSI Security then came on-site, and we were able to wrap up the documentation. We were just really happy to see that phase wrapped up so quickly.”

“That’s pretty impressive for a for a PCI audit,” observes Singh. “And we actually would have been done much faster, but wanted to conduct additional quality assurance testing before deploying the new environment to production.”

lock-red

Compliance Assessment

The RSI Security team also conducted a full PCI DSS compliance assessment of Finix’s data, systems, and policies to identify any potential control gaps that needed to be filled in order to assure PCI DSS compliance.

Outcome

Today, Finix can assure all of its clients that its white-label payments infrastructure is 100 percent compliant with PCI DSS v3.2.1. Additionally, the engagement with RSI Security helped Finix strengthen their overall approach to cybersecurity.

“Before engaging with RSI Security, PCI compliance was much more stressful,” Singh says. “And in addition to getting PCI compliant, I definitely think we’ve grown and matured as an organization when it comes to corporate oversight of data security.” And most importantly, RSI Security helped Finix achieve PCI DSS compliance in a rather short amount of time.

finix-payments
Screen Shot 2020-09-15 at 5.50.20 PM

“And what really meant a lot was that other assessors and auditors seemed very transactional in their approach, whereas with RSI Security there was an entire client-facing component that made us feel like a valued, long-term customer.”

- Gurpal Singh, Head of Compliance at Finix

Screen Shot 2020-09-15 at 5.50.20 PM

“And what really meant a lot was that other assessors and auditors seemed very transactional in their approach, whereas with RSI Security there was an entire client-facing component that made us feel like a valued, long-term customer.”

- Gurpal Singh, Head of Compliance at Finix

Screen Shot 2020-09-15 at 5.50.20 PM

“And what really meant a lot was that other assessors and auditors seemed very transactional in their approach, whereas with RSI Security there was an entire client-facing component that made us feel like a valued, long-term customer.”

- Gurpal Singh, Head of Compliance at Finix

OUR LATEST

Case Studies

Finix Case Study

Read More...

WorkWave Case Study

Read More...

Meltmedia Case Study

Read More...

CUSTOMERS

Organizations that trust RSI Security

samsung
verizon
hdvest
cisco-impact
sandag
phoneware
cmx
noble-americas
security-on-demand
jets-pizza
digitalrealty
century-club-sd

Start taking steps now to ensure your PCI DSS Compliance is up-to-date and avoid costly data-breach-related litigation and damage to business reputation.