PCI Compliance /Payment Security

Fortune 500 companies count on us to get it right.  Implementing and maintaining secure networks, payment applications, payment devices, policies, and vendor relationships does not happen by accident.  Allow us to work with your team to formulate a directed approach that includes full PCI-compliance, optimal payment security, peak efficiency, and minimized cost.

Payment Application Development

Trust your software development project to proven experts.  Diverge has spent two decades managing software development, and specializes in developing secure, reliable, scalable applications for e-commerce, customer relationship management, and third-party integrations.  Contact us for a custom bid.

Payment innovation & leaderSHIP

PCI-P2PE Trailblazer

Sam has had the privilege of being part of the internal team that built and released the first PCI validated point-to-point encryption solution in North America, as well as working with other solution providers to attain this challenging validation.  Sam's role has included writing cryptographic procedures, overseeing key management and policy compliance, and helping launch the world's first PCI-P2PE 2.0 decryption-as-a-service (DaaS) solution.  Sam is now a QSA (P2PE), one of fewer than 100 assessors worldwide certified to assess P2PE solutions.

PCI Liaison

Somewhere between internal distractions and your auditor's idealism is the optimal mix of security, risk-management, and efficient business operations.  Sam is a certified as a qualified security assessor (QSA), a P2PE QSA, and PCI Professional (PCIP), allowing him to operate in a unique position as both liaison to your QSA, as well as a surrogate team member to assist with the design of effective solutions for secure payment processing.  Other services include drafting policy documentation, penetration testing, network design, and in general demystifying the world of PCI compliance.

Payments Architect

Since 2006, when Diverge built the first-of-its-kind SaaS mobile EBT acceptance system on the Ingenico i7910 platform, we have never stopped innovating.  Sam's recent product work includes a jQuery-driven e-Commerce API, and the world's first PCI-P2PE/EMV semi-integrated/standalone countertop terminal for retail and small businesses (including signature capture and printer).   Roles included drafting business requirements, conducting vendor analysis, running RFPs, document writing, product management, and QA.

Application Specialist

Designing, building, or testing a payment solution requires understanding of the underlying software and hardware architecture, but also the impact of data flows on PCI compliance, EMV certification, and card brand compliance. Our team has worked with numerous software companies to architect payment solutions for security, compliance, and cost-effectiveness.  Whether as the application architect, PCI consultant, business analyst, project manager, or application security analyst we know how to navigate the pitfalls to ensure timely and on-budget project delivery.

phone / Video Consult

Set up a free 30 minute consult to discuss your needs, and how Diverge can assist.  Click here to schedule online.

On-Site / Project  Engagements

Prefer to meet face-to-face?  Contact us for our fee schedule, travel schedule, and no-obligation project review.

Call (303) 569-6977 for a free consult today.

• An avid distance runner, Sam recently completed his first 50-miler!
  

• Sam and his beautiful wife, Melinda, have been married for 26 years, and have three children (ages 23, 22, and 19).

SAM PFANSTIEL, Ph.D.

PRINCIPAL, FOUNDER

Sam is a perpetual student of innovation and technology. Over the past 25 years, he has held CIO and IT leadership roles with five organizations and managed over 1,000 distinct technology projects. Sam founded Diverge in 2004 in Broken Arrow, OK, and now resides in Broomfield, CO.

Sam recently received his doctorate, publishing his dissertation research entitled “Impact of Internal Control, Cybersecurity Risk, and Competitive Advantage on Retail Security Investment.” [Follow on ResearchGate]

Sam is currently engaged as principal security consultant with Coalfire, and is not seeking private consulting engagements at this time for any services provided by Coalfire. However, if you need Sam to speak at your event or require assistance with your system security and compliance, he would be happy to assist you within this role.

CURRENT CERTIFICATIONS*

Certified Information Systems Security Professional (CISSP)

Certified Information Security Manager (CISM)

Certified Information Systems Auditor (CISA)

Certified Ethical Hacker (CEH)

PCI Qualified Security Assessor (QSA)

PCI Point-to-Point Encryption (P2PE) Assessor

PCI Point-to-Point Encryption (P2PE) Application Assessor

PCI Qualified PIN Assessor (QPA)

Certified TG-3 Auditor (CTGA)

3-D Secure Assessor (3DSA)

Software Security Framework (SSF) Secure Software Assessor

Software Security Framework (SSF) Secure SLC Assessor

PCI Professional (PCIP)

* Some certifications only valid for work performed for employer, Coalfire