skip to Main Content

Case Study

PayByPhone Achieves Security & PCI-DSS Compliance Within AWS

 

 

Customer Overview

PayByPhone is one of the fastest-growing mobile payment companies in the world, processing more than 135 million transactions totaling more than $550 million USD in payments annually. Through the company‘s mobile web, smartphone, and smartwatch applications, PayByPhone, owned by Volkswagen Financial Services AG, helps millions of consumers easily and securely pay for parking without the hassles of waiting in line, having to carry change, or risking costly fines.

Summary

  • Industry: Mobile Payments

Challenges:

  • Cloud Migration, Multi-Account Security, PCI-DSS Compliance

Solution:

  • Continuous Discovery
    Enables identification of cloud endpoints in order to better define segmentation.
  • Identity-Based Workload Segmentation
    The primary requirement for Andrew and Kevin was to address PCI DSS and the need to segment cardholder from non-cardholder data. 
  • FQDN Filtering With Forward Proxy
    FQDN Filtering enables PayByPhone to block malicious or unauthorized activity from touching their cardholder environment. By implementing a whitelist approach, PayByPhone can lock their environment down to restrict connections to just what’s allowed.
  • Intrusion Detection With SIEM Connector
    By deploying Valtix Gateways, the PaybyPhone team is able to send a feed of network security activity through Valtix to a centralized security datastore for monitoring, alerting, analysis, and investigation.
  • Zero Management for Patching of Firewalls
    One of the most exciting benefits of the Valtix solution, the PayByPhone team sees huge potential in terms of eliminating the need to maintain cloud firewalls. This will enable the team to stay focused on more important items and to continually respond to new business requirements and security threats versus just maintaining the security infrastructure. 
  • Security Automation with Terraform-based Infrastructure as Code (IaC)
    With Valtix, PayByPhone has fully automated cloud security through deployment, maintenance, and policy management, orchestrated using Terraform.

Outcomes:

  • Continuous Discovery, Intrusion Detection, Identity-Based Segmentation, Zero Management of Firewalls, Security Automation with Infrastructure as Code (IaC)

Read the Customer Spotlight

Download Now

Back To Top