Worldline - 2019 Universal Registration Document

D

EXTRA-FINANCIAL STATEMENT OF PERFORMANCE Building customer trust with reliable, secured, innovative and sustainable solutions

Worldline strategy to address mobile fraud relies on the three following pillars: Creation of a Worldline Mobile Security Center 1. For ten years, this Mobile Security Center has been gathering the needed experts in device security, cryptography and data science to strengthen and better foresee how Worldline addresses future mobile security challenges. This expert team’s goal is threefold: Liaise with the Research, Development & Innovation ● departments and digest whatever new technologies they foster, and push up the new fields of interest of the Company, Liaise with the Presales in all Worldline to get a clear ● reading of the market, and help them get a feeling about arising technologies so that we can together imagine new user stories, Offer continued expertise, support and perspective to the ● product teams so that they can see what is in store, and collect practical issues they are facing. Worldline’s Mobile Security Center allows the securing of more than 15 million of mobile devices various sectors such as Financial Service, Identity & Health, and now Transportation and Merchant Services. In 2019, the Mobile Security Center secured more than 200 million transactions. Implementation of an adaptive security paradigm 2. Worldline has opted for an adaptive security paradigm able to optimally and dynamically respond to any cyber threat that may lead to data, service or image of the Company damage.

Worldline’s Mobile Security Center oers a set of expertise & tools: In prediction by publishing regularly mobile security reports ● to customers, co-createdwith academic research and supporting business teams, In prevention by providing an end-to-end mobile security ● hardening that aims to package all security features like an HSM, In detection & response by detecting intrusions on the end ● user smartphones and by managing alerts in the Company’s monitoring system. Anticipation of new market needs around mobile 3. cybersecurity With digitization of services and mobility usage, new services are becoming accessible on mobile applications, which entail new security needs in the following sectors: Transportation market: ticketing is digitalized and ● integrated on smartphones, Healthcare market: healthcare services with personal data ● are accessible on smartphones, Merchant market: new initiatives are implemented like ● replacing the payment terminal by a mobile phone for the payment. All Worldline security assets perfectly match with these new needs that require to ensure that sensitive data are not accessible and that an attacker cannot enter into the application. site, ensuring that users can always reach an available service. Similar redundancy principles are applied for servers, databases and storage, to prevent any single point of failure. Data replication ensures that business continuity can be achieved, with several technologies available depending on the RTO/RPO (Recovery Time Objective/Recovery Point Objective). Continuous monitoring & testing processes to ensure 2. highest possible platform availability Regular tests to verify the redundancy effectiveness and ● the robustness of the platforms . Security audits, penetration tests and scans are regularly performed for each key component of the Company’s infrastructure to check the redundancy effectiveness and the robustness of the platforms. Moreover, a patching process is in place to ensure state-of-the-art software, and to cover the security risks detected by the software vendors or open-source community. This is translated in its diverse security certifications (PCI, ISO 27001, TÜV IT).

A robust and reliable IT infrastructure [WL 1] [GRI 418-1] D.2.3.2 In order to deliver highly available services to its customers, Worldline has implemented a global Security Policy at two levels to ensure business continuity regardless of context: first, a secure and redundant technical infrastructure and second, a monitoring team that is responsible for ensuring that applications, network, servers remain fully operational to deliver the services to its customers. Continuity by design embedded in Worldline’s robust 1. and redundant platforms

Worldline ensures highly available services through a redundant system at multiple levels which includes: robust base hardware (redundant components, RAID, etc.), sub-services running on several distinct servers, servers located in separate data centers, data centers located in different countries. This design allows high global resiliency, preventing a single element outage to generate unavailability of the global service. Worldline integrates the high availability requirement at the earliest design step of all platforms. In the case of a breakdown, traffic is directed to another available

112

Universal Registration Document 2019

Made with FlippingBook Ebook Creator