The client is a renowned software company that specializes in mobile messaging solutions. With a strong foothold in the industry, they offer a range of innovative products and services to facilitate effective communication and engagement between businesses and their customers through mobile devices.
One of the key offerings from the company is their secure and reliable mobile messaging platforms. These platforms enable businesses to send various types of mobile messages, such as SMS (Short Message Service) and MMS (Multimedia Messaging Service), to their customers and stakeholders. The messaging solutions are designed to ensure message delivery across different networks and devices, providing a seamless experience for both senders and recipients.
The client provides a comprehensive suite of APIs (Application Programming Interfaces) that allow developers to integrate mobile messaging capabilities into their own applications and systems. This flexibility enables businesses to customize and tailor their messaging solutions to meet specific requirements and seamlessly integrate messaging functionalities into their existing workflows.
Recently, the client’s customers requested evidence of the client’s due diligence in securing their messaging APIs.
To address this requirement, Orion collaborated with the client to create an official Letter of Opinion from the Directory of Cybersecurity Services. This letter succinctly presents the results of the latest security testing conducted by Orion. The Letter of Opinion serves as evidence that security testing has been carried out and provides information on whether the overall results meet the PCI ASV (Payment Card Industry Approved Scanning Vendor) standards.
Orion worked closely with the client to schedule testing against multiple API systems, each assigned to different customers. Following a prescribed methodology, Orion executes the PCI ASV test process. Upon completion of testing, Orion collaborates directly with the client to assist in remediating any identified security vulnerabilities. Once the target systems align with the PCI ASV standards, Orion generates PCI Reports and the Letter of Opinion. These documents can then be distributed to the client’s customers as evidence of the client’s due diligence and compliance with the latest PCI ASV standard.
For the past five years, the client has partnered with Orion to conduct API endpoint testing and provide Letters of Opinion regarding the status of those endpoints. As a result, the client has expanded its customer base to include major multinational telephone companies in North America, the European Union, Asia, and Australia. Orion continues to work closely with the client to ensure that the endpoints remain up-to-date with the latest security standards, reinforcing the client’s commitment to maintaining a secure messaging environment for its customers.