Coalfire Systems and Herjavec Group Validations Reaffirm Critical Cyber Security Capabilities for Financial Services Community

June 24, 2015

The Payment Card Industry (PCI) Data Security Standard (DSS) is a worldwide standard, published and maintained by the PCI Security Standards Council (SSC), endorsed by all major credit card brands and intended to protect cardholder data wherever it is processed, stored or transmitted. Nothing is more important than keeping your customer's payment card data secure. In a recent engagement, Herjavec Group, a PCI Authorized Scanning Vendor (ASV) and Qualified Security Assesor (QSA), re-certified SecureKey under the PCI DSS in order for them to stay ahead of the curve and provide identity and authentication for organizations that deliver online consumer services. Read more in the press release below:

SecureKey Connect Meets FFIEC Guidance for Secure Internet Banking Authentication and Renews PCI-DSS Security Certification

Coalfire Systems and Herjavec Group Validations Reaffirm Critical Cyber Security Capabilities for Financial Services Community

Toronto – June 24, 2015SecureKey Technologies today announced its Connect service meets the Federal Financial Institutions Examination Council’s (FFIEC) layered security guidance for secure authentication in an online banking environment. The service has also received re-certification for Payment Card Industry Data Security Standard (PCI-DSS) compliance. Verified by independent regulatory compliance services provider, Coalfire Systems, Inc. and global information security firm, Herjavec Group, respectively, SecureKey provides financial institutions with multi-channel customer authentication assurances.

According to Verizon, 33 percent of today’s web application attacks are financially motivated, with hackers targeting vulnerable identity and authentication controls to obtain access to customer accounts, transaction funds and other sensitive information.

“Cybercrime is the single greatest security threat to today’s companies and their consumers,” said Robert Herjavec, Founder and CEO of Herjavec Group. “By achieving PCI-DSS certification and eliminating the vulnerabilities of standard username and password approaches, SecureKey is ahead of the curve, providing peace of mind and an important level of dual factor authentication security to its customers.”

Although SecureKey currently does not process payment transactions or personal identifiable information (PII) data, the company has gone the extra mile with its infrastructure to ensure the safe handling of cardholder information for its customers. SecureKey’s continuous monitoring practices and strict information security controls have enabled its Connect and CMS (Card Management System) services to once again achieve PCI-DSS compliance certification from global security leader Herjavec Group.  

“Recent breaches have dramatically changed the way the financial services industry views security,” said Adam Sarote, managing director of Coalfire in the Northeast. “With financial institutions increasingly turning to FFIEC recommendations to guide them in their security programs, SecureKey’s layered authentication approach and initiative in affirming FFIEC compliance are clear competitive differentiators in the industry.”

Single-factor authentication is inadequate to prevent the risks associated with identity theft and fraudulent transactions. FFIEC guidelines recommend a security approach that includes a combination of multi-factor authentication and effective layered security controls.     

Rather than developing and implementing a strong authentication solution for a stand-alone application, Connect functionality is designed to be embedded into existing web and mobile applications. Customers only need one credential, and financial institutions maintain full control of the customer experience across all channels and devices.

“ Connect eliminates the need to store and transport passwords, mitigating the privacy risks associated with usernames, passwords and personal verification questions,” said Charles Walton, CEO of SecureKey. “Coalfire’s verification of our compliance with FFIEC guidelines, and Herjavec Group’s PCI-DSS re-certification reaffirm that we are taking the right steps to address the top-of-mind concerns and challenges faced by the financial institutions we serve in the U.S. and Canada.”

To learn more about SecureKey’s Connect platform and discover how you can improve your online authentication services, please visit:

About Coalfire

Coalfire is the global technology leader in cyber risk management and compliance services for enterprises and government organizations. Coalfire’s professionals are renowned for their technical expertise and unbiased assessments and recommendations. Coalfire’s approach builds on successful, long-term relationships with clients to achieve multiple compliance objectives tied to a long-term strategy to prevent security breaches and data theft. For more information, visit

About Herjavec Group

Dynamic IT entrepreneur Robert Herjavec founded Herjavec Group in 2003, and it quickly became one of North America’s fastest-growing technology companies. Herjavec Group delivers managed security services globally supported by a state-of-the-art, PCI compliant Security Operations Centre (SOC), operated 24/7/365 by certified security professionals. This expertise is coupled with a leadership position across a wide range of functions including consulting, compliance, risk management & incident response. Herjavec Group has offices globally including three headquarters in Toronto (Canada), New York City (USA) and Reading (United Kingdom).  For more information, visit

About SecureKey Technologies

For online services that require privacy and security, SecureKey is the identity and authentication service provider that gives consumers secure and convenient access to critical online services. Its services allow organizations to build or subscribe to an identity network that connects consumers with online services where both privacy and security are paramount. SecureKey is headquartered in Toronto, with offices in Boston, Washington D.C., and San Francisco. The company is backed by a world-class group of venture and corporate investors that include strategic investments from Visa, MasterCard, Discover, Rogers Venture Partners, and Intel Capital.


For more information, please contact:

David Mahdi

SecureKey Technologies

Amy Zorich

fama PR

+1 617 986 5016



Please download Herjavec Group's latest report to review highlights of PCI DSS version 3.1 including updates versus version 3.0 and the impact of these requirements on your business. For a complete review of PCI DSS version 3.1, refer to the  SSC’s release, its accompanying Summary of Changes document and the “Migrating from SSL and Early TLS” information supplement available online at the PCI SSC’s Documents Library.


For more information on Herjavec Group's PCI Compliance services, please contact

Stay Informed 

    Follow us on Twitter

    Connect with us on LinkedIn


*By selecting one of the communications above, you consent to Herjavec Group
sending commercial electronic messages to you for marketing purposes, including information about the products, services and events selected.

About Herjavec Group

Dynamic entrepreneur Robert Herjavec founded Herjavec Group in 2003 to provide cybersecurity products and services to enterprise organizations. We have been recognized as one of the world’s most innovative cybersecurity operations leaders, and excel in complex, multi-technology environments. Our service expertise includes Advisory Services, Technology Architecture & Implementation, Identity Services, Managed Security Services, Threat Management and Incident Response. Herjavec Group has offices and Security Operations Centers across the United States, United Kingdom and Canada.

Stay Informed

Follow us on Twitter

Connect with us on LinkedIn