Worldline - 2020 Universal Registration Document

D. EXTRA-FINANCIAL STATEMENT OF PERFORMANCE

Building customer trust with reliable, secured, innovative and sustainable solutions

D.2.3.1.2 Our specific strategy for mobile security challenges

Nowadays, the Internet is browsed through mobile applications more than through web browsers, and the trend continues. Yet, while web browser developers are now well on par with hackers, the typical app developer team is small, junior, UX-centered and treats security as a secondary concern. Quite logically, hackers and fraudsters aim at them first: 4 out of 5 intrusions involve mobile applications.

Banking has always been a target of choice for fraudsters and hackers. Unsurprisingly, this still holds true in the mobile apps ecosystem. Cyber-security is for that reason an all-time, first-class concern for Worldline bank clients.

Individuals are becoming increasingly aware of the value and sensitivity of their personal data. Legal institutions accompany this trend by creating new regulations, of which DSP2, CCPA and GDPR are but the first embodiments. These regulations heavily constrain every online activity and place new legal responsibilities on any service provider collecting personal data, such as integrating consent or opt-out options into their platforms.

Worldline has been protecting banking data for years and is constantly striving to improve its ability to fight mobile fraud. The Company has built a substantial lead in that field to ensure the security of its platforms, and thus supports its customers, not only banks but also the E-health, transportation and retail sectors, by meeting their emerging needs relating to mobile security and privacy.

Worldline's strategy to address mobile fraud relies on the three following pillars:

1. Creation of a Worldline Mobile Security Centre

For ten years, this Mobile Security Centre has been gathering the experts needed in device security, cryptography and data science to strengthen and better foresee how Worldline addresses future mobile security challenges.
This expert team’s goal is threefold:

● Liaise with the Research, Development & Innovation departments and digest whatever new technologies they foster, and push up the new fields of interest of the Company;
● Liaise with the Presales teams across Worldline to get a clear reading of the market, and help them get a feeling for emerging technologies;
● Offer continued expertise, support and perspective to the product teams so that they can see what is in store, and collect the practical issues they are facing.

Worldline’s Mobile Security Centre secures more than 15 million mobile devices across various sectors such as Financial Services, Identity & Health, and now Transportation and Merchant Services. In 2020, the Mobile Security Centre secured more than 400 million transactions.

● Alerting/security incidents: This includes generation of alerts based on 1:1 mapping or correlated events and production of alerts, to notify recipients of issues immediately. Depending on the classification of the alert or security incident, customers are informed and/or qualified personnel start working to analyse the alert;
● Retention: The SIEM employs long-term storage of raw log data to satisfy compliance requirements. This feature is critical in forensic investigations;
● 24x7 SOC Monitoring and analysis: The SIEM SOC provides continuous monitoring of security incidents and reaction to abnormal behaviour according to the levels of severity defined in the Security Incident Response Procedure of Worldline. Security incidents are analysed and those identified as “false positives” are closed. In case of confirmed security incidents, the corresponding escalation procedures are performed by a SOC Analyst.

C. Respond

● The Computer Security Incident Response Team (CSIRT) analyses potential incidents and determines their severity, priority and what activities to undertake to mitigate the threat. If a security incident is detected, the CSIRT initiates mitigation measures and generates recommendations to remediate the root cause. For each priority 1 and 2 security incident, the CSIRT leads a defined action plan and performs all necessary escalations in Worldline or using a customer escalation matrix. Customer contact persons are involved in this escalation. In case the incident requires a forensic analysis, the Security incident management team performs it remotely.
The services provided by CSIRT:

● Provides comprehensive security functionalities around threat management, security incident response and forensic analysis;
● Protects the end user devices and servers by analysing all activities of malicious code;
● Helps to protect Worldline intellectual property, business-critical information, and sensitive data against internal and external harassments:
  ● Security Incident Response, which analyses detected security incidents, initiates mitigation measures and generates recommendations to remediate the root cause,
  ● Forensic Analysis, whereby CSIRT investigates and analyses suspicious activities on systems (e.g. evidence of malicious activities, data loss or data manipulation).
