Boulogne-Billancourt (France), January 27, 2020

Galitt, a Sopra Steria (Euronext Paris: SOP) company, now has two Qualified Security Assessors (QSA), experts recognized as entitled to conduct PCI DSS audits. This comes as a complement to an already extensive security audit offer, which allows Galitt to perform audits for all aspects of payment systems.

Thanks to its team of experts in payment means and its longstanding experience in cybersecurity, Galitt is able to conduct audits and deliver cybersecurity consulting services covering various types of payment means. This way, Galitt customers, including financial institutions, merchants, data centers, e-commerce players, hospitality industry and others can all benefit from Galitt skills to be audited as part of their certification programs. Players of this ecosystem are able to benefit from the company support in order to obtain and/or maintain their certifications:  Galitt now has two Qualified Security Assessors (QSA), Coralie Chevallier and Jean-Louis Lamacchia. Thus, they are entitled to perform PCI DSS security audits according to PCI Council requirements.  Galitt also proposes PCI CP (Card Production) audits that cover all security aspects of payment card production, including both logical and physical aspects. Coralie Chevallier is certified as a Card Production Security Assessor (CPSA) by PCI. Consequently, she is entitled to complete security audits of card production sites, regardless of the payment scheme.  For the markets covered by the GIE Cartes Bancaires, Galitt proposes to execute the REMPARTS (REnforcement et Maîtrise sur Parc Acceptation – Résilience, Transparence, Sécurité) audits that cover the security of sites managing acceptance systems, or POS terminals.  Galitt is able to complete EMV Modular Label audits that allow POS terminal developers to benefit from the EMVCo optimized process, thus reducing their certification costs and lead times.  Galitt will also propose Swift audits that cover the security of high-value financial transfers. In addition to the audit offer, Galitt consultants bring their support to customers in order to help them not only to set up the most appropriate technologies and processes to obtain a certification but also to be re-certified and maintain their certification status over time. Especially for this purpose, Galitt has developed a series of tools that allow customers to monitor closely their certification-related actions, establish roles and responsibilities, control procedures and documentation. These tools are directly linked with certification requirements and audit methods; thus, they ensure customers are in the best position to obtain and to keep their PCI certifications.

As certified auditors, Galitt experts have established a trusted relationship with the PCI SSC (Security Standards Council) and have submitted their comments to feed into the specification process for version 4 of the PCI DSS standards, scheduled for the end of 2020 at the earliest. Remi Gitzinger, Galitt Executive Director – Payment Consulting, declares: “Thanks to the expertise of our consultants we are recognized by the PCI Council as assessors for several of their programs. Now, we are considering building upon this expertise to provide Europe-based investigators qualifying for PCI Forensic Investigations, to deliver technical investigations to customers who may be victims of security breaches. In this domain, time is of the essence, and our Europe-based investigators will be able to make interventions in a matter of hours after a security breach is identified.”

About Galitt, a Sopra Steria Group company As a leading player on the European payment market, Galitt assists its customers in different business sectors and geographies, from the definition of their strategy to the deployment of their solutions. Galitt consultants deliver research and training services to guide customers in their strategic decisions and help them innovate in a constantly evolving payment market. They assist companies in their projects for the design and deployment of new payment solutions, drawing on their strong expertise of the industry, and provide them with support for compliance and security of their solutions. Galitt provides world-renowned testing software, making it easy for customers to launch new products, and develops and operates dedicated payment solutions, based on the latest generation technologies. Gallit’s wide range of services and solutions positions the company as a preferred partner for all players in the payments industry. More information, please visit our website www.galitt.com Galitt, passion for payments.