Security consulting and expertise for trusted servers

FIME is able to help you with setting up and improving the security of your Token Service Provider (TSP) or Trusted Service Manager (TSM) and help you with penetration testing and Payment Card Industry – Data Security Standard (PCI DSS) compliance.

FIME works in partnership with its clients to address information system security requirements from initial set-up and throughout development and integration. Our offer includes:

• Risk analysis - applying a vulnerability analysis methodology to search for applicable threats and assess corresponding risks using probability of occurrence or feasibility and impact assessment.
• Security requirements writing - identifying the applicable security requirements to be met in order to mitigate the identified risks.
• Product design review - searching for vulnerabilities at early stage of development in the product/system paper design/specifications through analysis by a security expert.
• Source code review -searching for vulnerabilities in the source code at the end of development using tools and security expertise – also includes cryptographic mechanisms validation.
• Vulnerability analysis - includes product design review and source code review in order to identify any exploitable vulnerability in the product/system and prepare, if needed, a penetration testing plan.
• Security audit / penetration testing - performing the corresponding security audit on security procedures and penetration testing on the product/system.

FIME can also support you through to compliance with PCI DSS requirements, including a pre-assessment gap analysis resulting in an action plan, follow-up and support services and penetration testing in order to assess the resistance of your information system to prepare you for the official compliance audit.