Cognia, the provider of cloud communications services for compliance, risk and productivity, announces today that it has achieved QSA-validated ('Level 1') PCI DSS compliance for its global platform, Cognia Cloud.
Built on Amazon Web Services (AWS) infrastructure, Cognia Cloud is a unified solution for the control, capture and analysis of mobile, fixed-line and non-voice communications. Cognia's PCI compliant services enable organizations to take voice-based payments, while removing contact center agents and infrastructure from the scope of their own PCI DSS assessment — vastly reducing their compliance burden and exposure to risk.
Curtis Nash, Cognia's CEO, explains, "Cognia is the first provider in the world to achieve QSA-validated compliance with PCI DSS as a Level 1 service provider for a carrier grade, global cloud telephony and payment services platform."
Nash continues, "This fundamentally changes the ease and flexibility and reduces the cost, with which organizations can achieve their own PCI DSS compliance."
Because of the exacting nature of the PCI standard, until now, businesses wanting a PCI compliant telephone payment processing service have had a limited range of options which are inherently costly and complex to deploy and maintain. Other providers who claim to have a cloud-based solution often don't have the scalability and durability offered by Cognia's application running on the global AWS platform.
Iain Gavin, Director, Amazon Web Services says, "We are excited by the news that Cognia has achieved compliance as a QSA-validated ('Level 1') PCI DSS service provider, offering a solution running in the AWS cloud. By building on the PCI DSS compliant infrastructure of AWS, Cognia has been freed to concentrate on developing a highly secure, multi-tenanted global service for taking voice-based payments."
The Cognia Cloud scales across all of AWS's regions and availability zones, leveraging the full advantages of elastic computing to support a range of customers from the smallest business to the largest multinational on a single global platform, with a pay-as-you use cost model.
Andrew Dunn, Cognia's CTO, comments, "Using AWS enabled us to leverage their leadership in running an elastic and scalable global computing platform. However, achieving a fully compliant, multi-tenanted managed service was no small feat. The process involved mapping all parts of the Cognia Cloud against the PCI DSS controls to ensure that these requirements permeated its entire fabric, resulting in a number of security-based patents."
Cognia were validated by security specialist Security Risk Management (SRM). Tom Fairfax, CEO of SRM adds, "From the first meeting with Cognia we have been impressed by their technical competence, flexibility of thinking and willingness to embrace the information security discipline. They have consistently demonstrated an unflinching commitment to the security of the platform while ensuring it harnesses the revolutionary potential of cloud computing. In partnership with our assessors they have succeeded in finding innovative solutions to challenging information security issues and ensured that the Cognia offering really can deliver both compliance and business transformation."