Our PCI-DSS servers are tested every three months by the independant organism Security Metrics :

• Scan made by an approved provider
• CVSS* Level 1 maximum
• External link allowing to control our certification
• Conformity certificate
• Self-assessment conduction

*Common Vulnerability Scoring System (CVSS) is a rating system standardized for the criticality of vulnerabilities with objective and measurable criteria. This scoring is constituted of 3 measurements called metrics : Basic metrics, time metrics and environmental metrics.

Software audits

• Software vulnerability tests made in january 2017 by Synopsys (ex-Cigital inc.) :
• Test realized in Black-box (Real test)
• Submission of a vulnerability report
• Breaches correction by EasyTransac’s teams
• Control of the corrections validated by Synopsys