CIO

Global Coverage through a Single Gateway

The uComm Global Virtual Hub is a rapid integration platform that brings together our global, currency agnostic, military-grade PCI 2.0-compliant transaction processing gateway with world-class web and social media analytics. Added layers of security include ID verification, IP verification, and device location verification. The vHub does not retain financial or consumer data as all data passing through the vHub is tokenized – thus minimizing the opportunity for data breaches and enabling complex algorithms and business rules to be applied without need to built and maintain a separate database. Our team of transaction and security experts will work hand-in-hand with your organization to optimize/reduce your transactional costs, minimize your risk/exposure and maximize your data security throughout the ecosystem.

An overview of the uComm Security infrastructure and description of our FBI tools is located on the uComm Security page.

Gateway Security Measures

To maintain the integrity of the system, a wide range of security measures have been implemented, including:

  • Secure Socket Layer (SSL)
  • Hardware firewall
  • Web Application Firewall (WAF)
  • Intrusion Detection System
  • Business layer encryption
  • Database layer encryption
  • Two-factor authentication
  • Distinct development, test, and deployment personnel
  • Advanced log file management and review
  • DMZ and unique subnet
  • 24×7 human and machine monitoring

Routine monitoring generates reports that are used to track issues and attempted intrusions, such as web worms, SQL injections, illegal byte code characters, HTTP signature violations, extremely long HTTP requests, and cross-site scripting – as well as thousands of other unique/custom network violations. In addition, penetration tests and regularly scheduled scans are performed to check for application vulnerability.

Gateway Performance

uComm Transaction Gateway & Management is fine-tuned on an ongoing basis to deliver industry-leading uptimes and transaction speeds. The technology is built on private cloud architecture that is scalable. The high-availability system features:

  • MID load balancing
  • Multi-threaded business and data layers
  • Web Application Firewall (WAF) caching of non-secure data

Website Security

In addition to internal security measures, uComm Transaction Gateway & Management also integrates advanced website security measures, including:

  • Visitor identification – identifies bad actors and profiles and classifies them according to their threat potential
  • Request inspection – uses behavioral analysis and other WAF technologies to detect malicious requests
  • Crowd sourcing – leverages collaborative data across the entire landscape to identify threats and take immediate protective action
  • Application awareness – profiles specific applications and applies appropriate security rules as preventive actions

Recommended Reading

CIO Review – Combating Technology Fraud with Analytics (Focus on Banking)
http://www.cioreview.com/opinion/Combating-Technology-Fraud-with-Analytics-nid-10.html

CIO leadership in post-transaction relationships: IT’s role in customer engagement
http://www.pwc.com/us/en/technology-forecast/2013/issue1/features/cios-post-transaction-relationships.jhtml