Dec. 31, 2012
ControlCase, provider of compliance, information security and risk management solutions, has certified restaurant food ordering and payment application Snapfinger Inc. for Level 1 Payment Card Industry Data Security Standard (PCI DSS) certification.
ControlCase, a provider of compliance, information security and risk management solutions, has certified Snapfinger Inc., the nation's largest and most comprehensive restaurant food ordering and payment application, for Level 1 Payment Card Industry Data Security Standard (PCI DSS) certification for the sixth year in a row. This comes after continuous monitoring and maintenance of the compliance of the company's secure payment application, process and procedures, according to a company press release.
PCI DSS is a series of security requirements that any company that stores, processes or transmits credit card data must follow, in order to protect this sensitive data and prevent the risk of fraud. Snapfinger was the first restaurant food ordering application to achieve PCI DSS compliance back in 2006, according to Snapfinger CEO Jim Garrett. The company has continued to maintain Level 1 compliance by having an on-site inspection every year.
"Because Snapfinger is the only mobile ordering application that is fully integrated into the restaurant's point of sale (POS) system, PCI compliance is imperative and allows us to provide a secure platform for our restaurant partners," Garrett said.
Snapfinger will process more than 12 million online orders in 2012, totaling more than $250 million in sales. About 70 percent of those transactions will include a secure credit card payment through more than a dozen different POS systems and more than 18 different credit card processors, Garrett said.
Snapfinger chose ControlCase to certify its compliance with PCI DSS because ControlCase provides a reliable turnkey compliance solution at a significant cost savings, Garrett said. Through its unique CaaS platform, ControlCase provides Snapfinger with a single source for such services as compliance issue tracking, vulnerability scanning, penetration and application security testing, sensitive data discovery, firewall security, event logging and monitoring, user access review and vendor risk management. The offering also provides continuous 24/7 monitoring of PCI DSS compliance, to ensure customer data is more secure and better protected.
Read more about PCI compliance.