Card Recon
Card Recon will accurately scan a file system to identify non-compliant storage of payment card numbers issued by major card schemes including American Express, Diners Club, Discover, JCB, Mastercard and Visa. When a scan is complete Card Recon provides a simple and easy to read report in a variety of common formats for compliance record keeping or evidence during a PCI onsite review.
With active deployments in over 44 countries, Card Recon is an industry leading solution that is recognized by PCI Qualified Security Assessors (QSAs) as a reliable and effective way to establish assurance of compliant cardholder data (CHD) storage practices.
Product Highlights

Card Recon implements intelligent pattern matching algorithms to interpret and verify findings within a wide variety of data types to achieve the highest data match rate available whilst eliminating more than 99% of false positives.
Simple and easy to use
Card Recon does not require any configuration or setup prior to standard use. Simply run Card Recon on any system for fast and accurate results.
Detailed reporting facilities
Card Recon offers compliance reporting that enables organizations to retain evidence of compliant storage practices. Reporting formats include PDF, XML, CSV and Text.
Exclusively designed for PCI Compliance
Card Recon was developed in co-operation with PCI Qualified Security Assessors (QSAs) globally to ensure Card Recon provides the required levels of accuracy for merchants and service providers when complying with PCI security standards including PCI DSS and PCI PA-DSS.
Features and Benefits
Saves time and money
The use of simple pattern matching scripts and manual system reviews to verify storage of Card Holder Data is a time consuming and costly process that offers low accuracy and little accountability. Card Recon streamlines the process of identifying stored Card Holder Data by enabling a user to quickly and easily initiate a system scan at the click of a button.
Card Recon can be run by users of any level and requires little or no configuration in order to conduct a scan. This offers the ability for organizations to empower non-IT staff to perform scans of desktops or departmental service in order to verify card storage practices.
Card Recon saves its customers time and money for a number of reasons including:
- Quick and easy – Card Recon performs all the hard work at a click of a button. Simply run Card Recon on the target system and click Start. There is no installation required.
- No tuning or configuration – Card Recon is purpose designed to find payment card data therefore removing the need to undergo an extensive tuning or configuration process
- Production System Safe - Given most systems that form part of PCI compliance scope are production in nature, Card Recon was designed to be highly efficient in its allocation and usage of resources, thereby making it safe for deployment within production environments.
- Facilitate PCI QSA on-site reviews faster – Card Recon compliance reports can be used to show evidence to QSAs of compliant storage practices, therefore reducing the need for further manual review of in-scope systems.
- Spend less time analyzing results – Card Recon users benefit from clear, easy to read results both on-screen and within compliance reports. The interface design is both intuitive and simple, allowing any findings to be reviewed and resolved.
Provides a high level of assurance
Card Recon has been designed to provide superior levels of accuracy when scanning for Card Holder Data (CHD). Organizations and their PCI QSAs trust Card Recon to produce reliable results for many reasons including:
- All files are searched with high accuracy – Card Recon employs deep inspection scanning techniques when searching for Card Holder Data across all accessible files on a target system. This achieves unrivaled levels of accuracy with industry leading false positive elimination.
- Identifies stored cards across many formats – Card Recon has been developed to natively read and interpret an extensive list of document and file formats thus greatly enhancing the quality of results identified.
- Identifies stored cards within emails - Transmission and storage of cards via email software is a common occurrence within organizations. Card Recon can identify payment card numbers within many popular email clients including Outlook, Thunderbird, Eudora and more.
- Clear and Concise audit report – Card Recon generates a detailed report on findings which can be used for in-house and external PCI reviews. Reports contain a full breakdown of results and can be exported in multiple file formats.
Product Specifications
General
- There are no framework prerequisites (i.e. Java, .NET)
- No application footprint – does not require installation
Operating Systems Supported
- Windows 2000
- Windows XP
- Windows Vista
- Windows Server 2008
- Windows 7
- Linux x86 (all distributions)
- HPUX 11 IA64
- HPUX 11 PA-RISC
- Solaris Opteron (x86)
- Solaris SPARC
- AIX pSeries
- FreeBSD
- Mac OSX (coming soon)
Payment Card formats identified
- All major schemes - American Express, Diners Club, Discover, JCB, Mastercard, Visa, and others.
- All scheme issued types - Consumer, Premium, Corporate, Prepaid, Postpaid, Debit, Credit
- All known structures - 14, 15, 16, 17-19 digit card lengths
- Specialist flags for prohibited data - Track1 / Track2
- ASCII/Clear Text
- Over 120 known PAN storage structures recognized
Compliance Reporting – supported export formats
- Adobe Portable Document Format (PDF)
- Spreadsheet (CSV)
- XML
- HTML
- Plain text file
File Format Support
- MS Word (v5, 6, 95, 97, 2000, XP, 2003 onwards)
- MS Access (97, 2000-2003)
- MS Excel (version 4 onwards)
- MS Powerpoint (all known)
- Rich Text Format
- Open Document Format
- Open Office
- Star Writer (v3,4,5)
- Adobe PDF
- HTML
- Generic XML
- Open Document Spreadsheets
- Data Interchange Format
- DBase
- Star Calc
- Generic OLE2 support
- Text Spreadsheets - CSV
- Compressed TAR
- Compressed ZIP (all types)
- Compressed Gzip (all types)
- Compressed Bzip2
- Microsoft backup archives
- Various database formats
- Generic binary and ASCII text file support
Email Client and Server file support
- MS Outlook/Exchange formats (PST, DBX) 32/64 bit variants
- MBox (Thunderbird, Sendmail, Postfix, Exim, Eudora, and others)
- Maildir (Qmail, Courier, Exim, Postfix, and others)
- MIME encapsulated file attachments
- Quoted printable MIME encodings
- Base64 MIME encodings
Advanced Detection Engine Capabilities
- Load prioritization for production systems
- High performance custom pattern matching engine
- Enhanced storage I/O pipeline
- False positive elimination post-processor offering 99+% accuracy

