• Significantly reduce the costs, risks and lead times associated with PCI DSS security compliance
  • Leverage market leading eCommerce solutions to improve cash flow, customer service and staff productivity
  • Delivering extremely flexible eCommerce solutions which are Level 1 PCI DSS Compliant
  • Bridging the gap between traditional banking products & unique client requirements to deliver significant benefits to business
  • Streamlining sales and accounts receivables processes
  • Proven technology, enjoyed by many ASX top 50 & Fortune 500 corporations

Solutions

Credit Card Data Discovery

Assisting you to find credit card data before others do



Become PCI compliant with less effort – Find credit card data before others do

Understanding your credit card data landscape is the first step on the PCI DSS journey.Card Recon is a software tool that audits the storage of credit card data within your corporate network. It is a centralised PCI compliant management platform for identifying storage of sensitive payment card data storage across organisations of all sizes. If you are looking to achieve and/or maintain PCI DSS Compliance this tool can reduce the costs, risks, and lead times associated with PCI compliance.


Expedite PCI Data Security Standard (PCIDSS) and Payment Application Data Security Standard (PADSS) assessment’s

Searching for the existence of unencrypted credit card data storage is a difficult task which requires a high level of effort to find all storage instances. Card Recon simplifies the process of finding credit card data stores due to its focus on accuracy, coupled with a user friendly interface.


The Card Recon application is trusted by corporate organizations in over 70 countries.

Card Recon provides efficient discovery of stored credit card data within your workstations and enterprise servers. Businesses of all sizes and their QSAs trust Card Recon as an efficient and reliable source for identification & evidence gathering for credit card storage. Card Recon efficiently scans file systems and outputs PCI status report for PCI DSS reviews and assessment’s.

The credit card storage reports generated by Card Recon are accepted internationally by the payment card industry including Qualified Security Assessors to verify your compliant credit card data storage practices.


Free Trial Licence

For a free Card Recon trial licence, please Contact us or email us at This e-mail address is being protected from spambots. You need JavaScript enabled to view it to receive your Card Recon scanning software.


Enterprise Edition

Card Recon Enterprise Edition is designed to centrally identify systems that store sensitive payment card information in a manner that is not compliant with PCI standards. Card Recon is designed to deliver organisations the benefit of lower compliance costs and reduced auditing and review time whilst further increasing visibility into an organisations PCI Compliance posture. With it's ability to centrally initiate payment card storage audits and generate compliance reports for use in PCI on-site reviews, Card Recon Enterprise Edition is the most accurate solution available for the auditing of stored payment card information.

 

 

Product Highlights

Centrally managed auditing for non-compliant storage

With its ability to centrally initiate payment card storage audits and generate compliance reports for use in PCI on-site reviews, Card Recon Enterprise Edition is the most accurate solution available for auditing of stored payment card information.

Unrivalled payment card detection capabilities

The core of Card Recon consists of an advanced scanning engine that implements intelligent pattern matching algorithms to interpret and verify findings within a wide variety of data types This results in the highest match rate whilst delivering the lowest false positive rate with more than 98% of false positives eliminated on average.

Enterprise platform compatibility

Whilst offering support for all modern versions of Windows and Linux, Card Recon Enterprise Edition includes specialist support for Enterprise platforms including HP-UX (IA64/PA-RISC), Solaris (x86/SPARC) and AIX (pSeries).

Client-Server deployment model with low network impact

Card Recon Enterprise Edition has been specifically designed to include support for remote site deployments that rely on low-bandwidth high latency networks. All scans occur locally on each host with no use of network file systems or sharing required. Card Recon nodes securely communicate with a pre-configured Card Recon Enterprise master using minimal bandwidth.

Highly efficient scanning engine to ensure users remain productive

Card Recon node deployments do not require excessive system resources to conduct a scan. Throughout a scan users can continue to work without experiencing noticeable disruption or delay due to the Card Recon scanning engine efficiently allocating CPU and memory resources.

Lower the cost of maintaining PCI compliance

No longer are IT resources expending time performing manual audits for PCI non-compliant storage on a system by system basis. Card Recon Enterprise Edition provides centralised control to initiate scans for stored payment card data combined with consolidated reporting in a single view. This results in less time required to prepare for or maintain PCI compliance whilst streamlining the PCI onsite review process.

Rapid Deployment

All hosts across an organisation can be enabled for auditing manual installation practices being used. Card Recon Enterprise Edition Nodes support the use of standard remote software deployment techniques

Centralised Control

Once nodes are deployed the Card Recon Control Centre an Administrative user has complete control to initiate scans of individual hosts or on a grouped basis.

Consolidated Reporting

Offers the ability to generate a master compliance report quickly and effectively once all non-compliant findings have been resolved. This enables organisations to report on storage compliance in a simple and consolidated way.

Automated PCI compliance monitoring of all desktop and server storage on a 24/7 basis

All organisations that store, transmit or process payment card data are required to ensure they continually maintain and meet their PCI compliance obligations. To assist organisations achieve this requirement, Card Recon Enterprise Edition provides scheduled scanning capabilities to ensure systems within the organisation are continually monitored for non-compliant card storage.

Host Scheduling

Where individual hosts are suspected of non-compliant card storage, Card Recon Enterprise Edition provides Administrative users the ability to initiate one-off or recurring scans of a single host to ensure ongoing compliance.

Group Scheduling

Offers the ability to initiate scans across groups of hosts both large and small at any time interval.

Automated generation of reports

Upon completion of a scan, reports can be automatically generated and stored for later review by internal staff responsible for compliance of systems. Additionally these reports may be supplied to PCI QSA's for validation of compliance as part of an onsite review, thereby reducing the costs associated with ongoing PCI DSS compliance.


Features and Benefits

Faster verification of PCI compliance across all card data storage locations within your organisation

Card Recon Enterprise Edition provides a centralised approach to identify and report on any instances of PCI non-compliant storage. This enables an organisation to maintain continuous visibility of storage compliance across any system that form part of PCI compliance scope. The Card Recon Enterprise Console enables administrators to initiate host scans to identify instances of Card Holder Data storage using different views including:

Master View

Displays a master level summary of all compliant and non-compliant hosts across an organisation

Node View

Provides a detailed view of an individual host to identify specific areas of non-compliance and remediate as appropriate

Prevent non-compliant storage practices from reoccurring

Whilst policies and procedures exist to help prevent non-compliant storage from occurring, users continue to represent a dynamic and unpredictable threat to an organisations ongoing PCI  compliance. Card Recon Enterprise Edition mitigates this risk through the ability to highlight any breaches of policies enforcing safe handling and storage of sensitive customer payment data in a centralised manner.

Real-time view of compliance

When using the recurring schedule features of Card Recon Enterprise Edition, organisations are provided with an up-to-date view of their compliance posture in relation to storage of sensitive payment card information.

Full audit history of past scans available

Further support for organisations complying with PCI DSS, Card Recon Enterprise Edition maintains a history of audits performed for all systems. These reports can be used as evidence to confirm regular audits are taking place within an organisation. This feature can also reduce the efforts required of a PCI QSA to verify compliant storage practices are being maintained.

 

Card Recon

Card Recon is an advanced PCI compliance software tool used to perform cardholder data discovery on desktops and servers.

Card Recon will accurately scan a file system to identify non-compliant storage of payment card numbers issued by major
card schemes including American Express, Diners Club, Discover, JCB, MasterCard and Visa. When a scan is complete Card
Recon provides a simple and easy to read report in a variety of common formats for compliance record keeping or evidence
during a PCI onsite review.

With active deployments in over 44 countries, Card Recon is an industry leading solution that is recognized by PCI Qualified
Security Assessors (QSAs) as a reliable and effective way to establish assurance of compliant cardholder data (CHD) storage
practices.


Product Highlights

Unrivalled payment card detection capabilities

Card Recon implements intelligent pattern matching algorithms to interpret and verify findings within a wide variety of data
types to achieve the highest data match rate available whilst eliminating more than 99% of false positives.

Simple and easy to use

Card Recon does not require any configuration or setup prior to standard use. Simply run Card Recon on any system for fast
and accurate results.

Detailed reporting facilities

Card Recon offers compliance reporting to enables organizations an ability to retain evidence of compliant storage practices.
Reporting formats include PDF, XML, CSV and Text.

Exclusively designed for PCI Compliance

Card Recon was developed in co-operation with PCI Qualified Security Assessors (QSAs) globally to ensure Card Recon
provides the required levels of accuracy for merchants and service providers when complying with PCI security standards
including PCI DSS and PCI PA-DSS.


Features and Benefits

Saves time and money

The use of simple pattern matching scripts and manual system reviews to verify storage of Card Holder Data is a time
consuming and costly process that offers low accuracy and little accountability. Card Recon streamlines the process of
identifying stored Card Holder Data by enabling a user to quickly and easily initiate a system scan at the click of a button.

Card Recon can be run by users of any level and requires little or no configuration in order to conduct a scan. This offers the
ability for organizations to empower non-IT staff to perform scans of desktops or departmental service in order to verify card
storage practices.

Card Recon saves it's customers time and money for a number of reasons including:

  • Quick and easy – Card Recon performs all the hard work at a click of a button. Simply run Card Recon on the target system and click Start. There is no installation required.
  • No tuning or configuration – Card Recon is purpose designed to find payment card data therefore removing the need to undergo an extensive tuning or configuration process
  • Production System Safe - Given most systems that form part of PCI compliance scope are production in nature, Card Recon was designed to be highly efficient in it's allocation and usage of resources thereby making it safe for deployment within production environments.
  • Facilitate PCI QSA on-site reviews faster – Card Recon compliance reports can be used to show evidence to QSA's of compliant storage practices therefore reduce the need for further manual review of in-scope systems.
  • Spend less time analysing results – Card Recon users benefit from clear easy to read results both on-screen and within compliance reports. The interface design is both intuitive yet simple allowing any findings to be reviewed and resolved.


Card Recon has been designed to provide superior levels of accuracy when scanning for Card Holder Data (CHD).
Organizations and their PCI QSAs trust Card Recon to produce reliable results for many reasons including:

  • All files are searched with high accuracy – Card Recon employs deep inspection scanning techniques when searching for Card Holder Data across all accessible files on a target system. This achieves unrivalled levels of accuracy with industry leading false positive elimination.
  • Identifies stored cards across many formats – Card Recon has been developed to natively read and interpret an extensive list of document and file formats thus greatly enhancing the quality of results identified.
  • Identifies stored cards within emails - Transmission and storage of cards via email software is a common occurrence within organizations Card Recon can identify payment card numbers within many popular email clients including Outlook, Thunderbird, Eudora and more.
  • Clear and Concise audit report – Card Recon generates a detailed report on findings which can be used for in-house and external PCI reviews. Reports contain a full breakdown of results and can be exported in multiple file formats.


Contact us or email us at  This e-mail address is being protected from spambots. You need JavaScript enabled to view it for further information.