Expert Payments Security and Encryption Consulting

Information Security Consulting

Our consulting services focus on secrecy, integrity, availability and confidentiality of Personal Information (PI) and sensitive credit and debit data. We work with Merchants, large and small financial institutions, Key Loading Facilities (KIFs), POS/ATM vendors, Processors and Acquirers.

The SME behind GEM SECURITY SOLUTIONS is Donna Gem, an authority in the Payment Industry for the remediation of informational risk. She is an experienced auditor with 27 years of expertise in PCI regulations and payment brands.

Expertise

  • PCI PIN Pre-Assessments and Remediation.
  • Gap analysis and guidance on issues and improvements.
  • KIF Secure Key Injection Room Setup.
  • General enterprise policies and procedures.
  • Physical Security controls.
  • Implementation of Cryptographic Algorithms including 3DES, AES and Public Key Infrastructure (PKI).
  • Digital Certificate Authority operations.
  • Key Management & PIN Security Policies and Procedures.
  • Payment Card Industry (PCI) Updates and Mandates.
  • Equipment Inventory Accountability and Procedures.
  • Encryption Key Distribution and Exchange Procedures.
  • Key Management Program Implementation.
  • Security Training for Staff.
  • Compliant Hardware Vendor Solutions.
 

 

Experience

  • Over 27 years of PCI PIN & DSS experience with:
    • Processors.
    • Acquirers.
    • Financial Institutions.
    • KIFs/ESOs.
    • Cryptographic Hardware Vendors.
    • Large Merchant Retailers.
  • CISM (Certified Information Security Manager).
  • CTGA (Certified TR-39 (formerly TG-3) Auditor).
  • ETA Risk Committee.
  • ETA Payment Facilitators Committee.
  • 15 years as a committee member of ASC X9-F6.
    • Assisted in developing and maintaining standards used in retail financial services to support authentication of payment card users, X9.24, X9.8, X9.49, X9.57, TR-31 and the TR-39 Audit Guideline.

Payments Subject Matter Expert

GEM SECURITY SOLUTIONS is your answer to ensuring you can meet all the PCI PIN requirements and card issuer mandates.

Virtual and Onsite Training

We offer both onsite and virtual training for Key Custodians and any other Key Management team members. We will train your personnel on security procedures, secure room requirements, and other relevant matters that pertain to PCI PIN 3.0 Requirements 25-1.4 and 28-1.

PCI PIN Pre-assessment

Be proactive: determine compliance before investing time and money in a PCI PIN assessment by a QSA.

Remediation

Before or after a PCI PIN audit, your management does not have to deal with the findings of PCI Assessments alone. We will utilize our experience to evaluate the issues and craft appropriate solutions to resolve any exceptions.

Documentation

We write customized User Manuals to document the entire Key Management lifecycle based on all the requirements in PCI PIN 3.0.

Key Management

We will work with you to ensure that your organization complies with PCI PIN encryption requirements for key generation, storage, distribution, replacement, and rotation. We provide you with guidance to document and implement key management processes and procedures that align with the PCI PIN compliance requirements. In addition, we will give you guidance on the best hardware vendor solutions in the industry to help you create strong cryptographic keys.

How Can We Help?

By ensuring your business is/becomes PCI compliant, we will not only help protect invaluable assets but also provide the integrity your business requires.

Our Mission

To give reliable guidance, advice and counsel to businesses in the payments industry to enable them to become PCI compliant.

Our Vision

To improve the security of consumer payments by providing independent and objective services that assist in the identification, evaluation, and mitigation of the potential risk to cardholder information.

Core Values

  • Integrity: We exhibit fairness, honesty, and ethical behavior in our services.
  • Objectivity: We perform duties in an unbiased manner, i.e., based on an informed analysis of the issues and a clear understanding of the business operations.
  • Quality: We provide accurate reports and timely, feasible, and relevant recommendations.

Look for us at upcoming Industry Conferences:

Wnet Tampa Bay Chapter Meeting – June 20, 2019

 

Atlanta, GA. – March 25-27, 2019

Florida West Coast Chapter, Tampa, FL – March 7, 2019

Decades of Experience

  • Over 27 years of PCI PIN & DSS experience with:
    • Processors
    • Acquirers
    • Financial Institutions
    • KIFs
    • Merchants
