Recently Konvergence achieved an important goal with ISO/IEC 27001:2013 certification.
This international standard gives guidelines for the creation of an Information Security Management System (ISMS).
The aim is to implement and organize information security policies by defining a system for the management, monitoring, control of business processes to ensure high levels of confidentiality, integrity and accessibility of information. The field of application is in the core business of Konvergence: design and development of software and related IT services in the retail sector.
Achieving certification has become a strategic goal for Konvergence to increase the protection and security of managed information and improve corporate governance.
The certification process, which started in 2019, has involved several professionals with multidisciplinary skills, proactively collaborated in the implementation of the ISMS. The process approach adopted has enabled Konvergence's ISMS to be established, implemented, monitored, reviewed, managed and improved.
Bureau Veritas, an independent certification organization, has sent auditors to our headquarters to verify the compliance of the procedures implemented.
Thanks to this certification, Konvergence has developed a conscious focus on information security risks, allowing a clear assignment of responsibilities for information security.
Konvergence thus continues to consolidate one of its most important assets: security, a decisive advantage for retail operators who entrust their systems to a technology provider.
Guerino di Giacomo, Head of Development and Projects at Konvergence says: "Undertaking the ISO 27001 certification process has brought several advantages at an organizational level: it has consolidated the global management of risks related to information and systems security, allowed a clear definition and implementation of suitable objectives for security interventions, allowing the constant monitoring of risk areas. In addition, the adoption of best practices delineated by the certification confirms Konvergence's commitment to fulfill its obligations to all stakeholders that daily enter into contracts with our company in order to ensure the necessary levels of security to protect systems, assets and data".
Konvergence will maintain its commitment to the future by continuously improving processes and practices to protect and manage data.Read more...
Electronic payment transaction security is at the forefront of our development goals. If the speed, flexibility and scalability of our payment platform are relevant features, security is the fundamental principle with which we constantly relate.
KPay has completed the PA-DSS 3.2 certification process this year.
What does this mean in terms of security?
PA stands for Payment Application and DSS Data Security Standard: having this type of certification means having demonstrated that the Payment Application complies with the international standards defined as requirements by the payment security institutions, in this specific case the PCI Standard Security Council.
The PA-DSS 3.2 certification covers various aspects, from software development methodology, to management and distribution of new software versions and updates, to timely verification of the technical safety requirements of the application.
Using a PA-DSS 3.2 validated application is a major facilitator for the operator's PCI-DSS certification, who will not have to repeat the checks on the payment application.
As regards functionality, the validation activity covered the Payment Gateway and on the processors involved in the transactions.
Specifically, the verifications carried out have shown that the KPay solution:
- Has been provided with all documentation and resources necessary to reach an accurate assessment of the PA-DSS compliance status.
- Does not retain track data (magnetic-stripe or equivalent data on the chip), CID, CAV2, CVC2, CVV2 data or PIN data as result of the transaction authorization on any files or functionalities of the application.
- End-users of the Payment Application receive a validated copy of the PA-DSS Implementation Guide.
- It complies and will continue to comply with the Vulnerability Handling Procedures document set forth in the Vendor Release Agreement dated 4 October 2019.
The certification process of a company like ours, which in this case is identified as a Payment Application Vendor, is followed and validated by a third party company, a Payment Application Quality Security Assessor, which is responsible for verifying the veracity of the declarations through a detailed investigation and a series of tests.
Our Payment Application Qualified Security Assessor is Advantio, a company specialized in consulting, training and testing on cyber-security systems with offices throughout Europe.
“Advantio announces with satisfaction the successful and timely completion of the validation of the KPay payment application according to the PA-DSS 3.2 standard. In addition, Advantio completed PA-DSS and PCI DSS training for Konvergence, that has demonstrated a continuous learning culture.
Advantio is proud that Konvergence has chosen our organization as a Trusted Security Partner.”
To get a concrete idea of the solidity of the Kpay platform, in the last year more than 5 billion euros have been managed for electronic payments (credit and debit cards), more than one billion for Food Stamps (paper and electronic) and almost 7 millions Multiservice operations.
With the renewal of this certification, we formalize our commitment to the development and evolution of the KPay platform, which guarantees retailers secure transactions at all stages of the payment management, authorization and traceability.
By maintaining a solid level of security at the basis of payment management, we are more confident in implementing new ways of using digital payment services, that are becoming ubiquitous and integrated with the new contact channels.
Mobile payment, digital wallet and dematerialized services are the new development frontiers that we make available to our customers, without neglecting a solid security base.
Toshiba Commerce is a global leader in the retail technologies market and has created a partnership program where companies with diversified capabilities can be in contact, discuss and cooperate with the aim of more widely satisfy retailer's needs.
This partnership program is called Together Commerce Alliance and makes community between Toshiba, associated ISV (Independent Software Vendors) and associated IHV (Independent Hardware Vendors). The program Together Commerce Alliance includes a set of business and marketing activities, training, products and solutions certifications all focused on the retail market. The organization provides growing and awards with a range of scalable levels based on the company's performance.
Konvergence became Toshiba Commerce Alliance few years ago and recently has reached first the Gold Partner level and then the Solution Partner level as an ISV.
Are the software solutions that have been selected by TGCS as cutting edges and innovatives and they are giong to be part of the proposal recommended for the entire Together Commerce Alliance even oveseas.
The core solutions that TGCS is promoting are strenghts for retailers with customer engagement and loyalty strategies:
- The Enriched Shopping, includes Digital Signage, Mobile andOmnichannel.
- The Actionable Insights, for data-driven marketing data-driven enabled by loyalty and promotions systems for a much more personalized customer experience.
- The Frictionless Checkout, for payment process optimization, fast and smart checkout.
This year we have chosen to celebrate Christmas with a special gift in favor of the Médecins Sans Frontières/Doctors Without Borders projects.
Our best wishes will be transformed into treatments, assistance and vaccinations for the forgotten populations.
A small gesture that will give a concrete help to the operators of Médecins Sans Frontières/Doctors Without Borders that every day, 365 days a year, provides assistance to populations in distress, to victims of natural or man-made disasters and to victims of armed conflict.
Merry Christmas by Konvergence!Read more...
We will be there and we will participate in the Talk Show "Technological Convergence, AV, IoT and Smart Data in people's everyday life experience", sharing our point of view together with other industry experts.
It will be a moment of aggregation and comparison to which we invite everyone to participate.
“LUMI expresses the supply chain of the system integration market. Represents the ecosystem that sees human at the center, from the closed space in which he works and lives (SMART BUILDING), to the built space, in which the person moves and interacts with the community (SMART CITY), up to the built landscape, where the individual becomes collective (SMART LAND). "
Retail is an integral part of this ecosystem and must be able to take advantage from the technological opportunities offering to its customers services and digital content in omnichannel mode.
The digital signage in the store is a valuable point of contact to give concrete meaning to the expectations that the customer has created online. It is necessary to reflect on how to best integrate digital content in the store based on business objectives and to make the shopping experience engaging and memorable.
You can find additional info and the free registration form HERE Read more...