Technical Design Architecture - Security

To enable Transact to achieve PCI-DSS accreditation, Aiphoria implements and evidences several security controls across the application. These include:

Scope control and segmentation

  • Define the CDE (cardholder data environment): exactly which systems touch card data, or could impact its security.
  • Network segmentation so non-CDE systems can’t reach the CDE by default.

Strong access control (least privilege)

  • Least privilege RBAC for admins, developers, support, and services.
  • MFA for all administrative access and remote access.
  • Privileged Access Management (JIT/JEA, approvals, time-bound elevation).
  • Strong password policy and secure secrets management (no secrets in code).

Protect card data (storage, transmission, handling)

  • No persistent storage of sensitive card data.
  • Card data is held only in volatile memory, with a TTL of 60 minutes, and is encrypted at rest.
  • TLS 1.2+ everywhere for data in transit; strong ciphers; cert lifecycle management.
  • Tokenisation and truncation/masking when displaying the PAN (e.g. only the last 4 digits).
  • Encryption key management: rotation, separation of duties, restricted access, HSM/KMS where appropriate.
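As an added illustration of the volatile, TTL-bound, encrypted-at-rest handling of card data described above (example code, not Aiphoria's or Transact's own), the following Go type keeps card data only in process memory, sealed with AES-GCM, and refuses to return an entry once its TTL has elapsed. It assumes a caller-supplied key (in practice issued by the KMS/HSM noted above) and a per-record token as the lookup handle; the 60-minute lifetime is passed in as `ttl`.

```go
package main
import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"time"
)

type entry struct{ sealed []byte; expires time.Time } // sealed = nonce || AES-GCM ciphertext
// CardCache keeps card data in process memory only, AES-GCM encrypted, and
// treats an entry as gone once its TTL has elapsed. Not goroutine-safe.
type CardCache struct {
	aead  cipher.AEAD
	ttl   time.Duration
	items map[string]entry
}
// NewCardCache takes a 16-, 24- or 32-byte AES key (assumed to come from a
// KMS/HSM in production) and the entry lifetime.
func NewCardCache(key []byte, ttl time.Duration) (*CardCache, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	aead, _ := cipher.NewGCM(block) // cannot fail for an AES block
	return &CardCache{aead: aead, ttl: ttl, items: map[string]entry{}}, nil
}
// Put seals pan under a fresh nonce, binding it to token as associated data.
func (c *CardCache) Put(token, pan string) error {
	nonce := make([]byte, c.aead.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	sealed := c.aead.Seal(nonce, nonce, []byte(pan), []byte(token))
	c.items[token] = entry{sealed, time.Now().Add(c.ttl)}
	return nil
}

// Get decrypts the PAN, or fails and drops the entry once the TTL has passed.
func (c *CardCache) Get(token string) (string, error) {
	e, ok := c.items[token]
	if !ok || !time.Now().Before(e.expires) {
		delete(c.items, token)
		return "", errors.New("no card data for token")
	}
	n := c.aead.NonceSize()
	pt, err := c.aead.Open(nil, e.sealed[:n], e.sealed[n:], []byte(token))
	if err != nil {
		return "", err
	}
	return string(pt), nil
}
```

The plaintext PAN exists only transiently inside `Get`; nothing is ever written to disk, and an expired entry is discarded the first time it is touched after its deadline.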

Secure configuration and hardening

  • Hardened baselines for servers/containers/endpoints (CIS-style).
  • Remove/disable unnecessary services, ports, default accounts.
  • Secure build & deployment: signed artifacts, controlled pipelines, restricted admin access.

Logging, monitoring, and alerting

  • Centralised audit logging for:
      • authentication events, privilege changes
      • access to systems in scope
      • security events (firewall, WAF, IDS/EDR, key vault access)
  • Time sync (NTP), log retention, tamper resistance.
  • Alerting + incident response playbooks; evidence of monitoring review.

Vulnerability management

  • Regular vulnerability scans (internal and external) by an ASV where required.
  • Patch management SLAs and proof (tickets, reports).
  • Penetration testing (at least annually and after significant change), including segmentation testing.
  • Secure SDLC: SAST/DAST, dependency scanning, threat modelling for in-scope apps.

Network security controls

  • Firewalls / WAF at ingress (and egress controls where applicable).
  • Restrict inbound/outbound traffic to only what’s required (ports, destinations).
  • IDS/IPS or equivalent detection controls for CDE traffic (or strong compensating controls).

Malware protection and endpoint security

  • EDR/anti-malware on systems commonly affected (servers/endpoints), including monitoring and response.
  • Controls for administrative workstations (secure admin machines, browser isolation if needed).

Policies, training, and operational evidence

  • Security policies covering access, change control, incident response, data handling.
  • Security awareness training + role-based training for engineers/operators.
  • Change management: approvals, testing, backout, separation of duties.