Compliance and Certifications

VERITRAN is a company engaged in the provision of digital solutions as part of a commercial service portfolio aligned with a market which is diverse and demanding regarding quality guidelines and aspects. In the context of the protected granted to said commercial solutions, the executives of Veritran understand that the adoption and implementation of international models and standards vastly contribute to the ongoing improvement of services offered for the entire satisfaction of all stakeholders. Pursuant to the foregoing, Veritran is certified under international ISO 9001:2015 and ISO 27001:2013 standards. These good-practice guidelines set forth the responsibility for implementing and maintaining a Management System which is compliant to the principles on Service Quality and Information Security. These principles are met by Veritran under the following business policies:

Quality Policy

At Veritran, we believe that simplifying people's lives empowers our clients' businesses.

Through our Enterprise Low-Code Platform, we accelerate and streamline the development of immersive digital channels that create top-tier user experiences and are prepared for future challenges. We drive innovation for companies worldwide, reaching millions of users who conduct billions of secure transactions each year. We ensure that our services meet the expected requirements of our clients in every country where we operate, including our suppliers, partners, and collaborators.

We are a company known for its high professionalism, considering it essential to understand quality as a fundamental tool for conducting our activities. We aim to deliver the best results to our clients, society, and everyone who is part of Veritran through our Quality Management System, based on the following principles:

Continuous innovation

We foster an environment where innovative ideas are proposed across all areas of the company, where existing practices can be challenged, promoting co-creation of work, value addition, and disruptive innovation.

Service orientation

We focus on meeting our clients' needs, ensuring compliance with legal, regulatory, and internal requirements of the Management System. We make Quality a core element of the Company Culture, customer-oriented, and develop a participatory and collaborative management approach.

Transparency and communication

We comply with processes, providing access to information while maintaining open communication with all our stakeholders.

Process definition

We manage the business through a Process-Based Management System, adopting best practices to meet international standards. We draw on expert and shared knowledge, fluid communication, and continuous training.

Work environment

We promote a work environment where our collaborators generate initiatives for continuous improvement and active innovation; they work consciously, responsibly, collaboratively, and empathetically.

We commit to providing the resources to disseminate and implement this policy at all levels of the organization, extending its reach to our collaborators, suppliers, partners, shareholders, and clients.

Cyber Resilience Policy

Veritran has defined the following general policy which represents a statement of its commitment to ensure and maintain its mission objective by managing risks associated with information security, technology and business continuity:

Veritran has adopted and implemented recognized standards aligned to international regulations governing good practices to ensure, protect, preserve and manage the confidentiality, integrity and availability of information with the help of timely management of its risks, taking into account, the identification and implementation of controls to minimize the probability of occurrence and the level of impact enrolled to security incidents.

Certifications

SOC 2

SOC 2 is an auditing standard developed by the American Institute of Certified Public Accountants (AICPA) to assess the effectiveness of an organization's controls over information security, availability, processing integrity, confidentiality, and privacy. SOC 2 Type 1 measures an organization’s systems and controls and evaluates the design and implementation of these controls to ensure they are suitably designed to meet the relevant trust services criteria.

With SOC 2 compliance, Veritran is equipped to meet specific needs of key industries and provide customers with confidence that their sensitive data is protected by a trusted partner. For this compliance audit and certification process, Veritran enlisted a professional third-party auditor, Schellman & Company, LLC and has been confirmed to meet the American Institute of Certified Public Accountants (AICPA) Trust Service Criteria.

Veritran was verified through an in-depth independent audit relevant to security set forth in TSP section 100, Trust Services Criteria for Security. More than 120 requirements were met for Veritran to achieve this major milestone of becoming SOC 2 certified. The process included an extensive examination of Veritran's controls, practices, organization charts, and business processes, their effectiveness and value, and more.

PCI DSS

Veritran LLC (Veritran) is a level 1 service provider located in Buenos Aires (Argentina), operating as a tokenization service provider for cardholder transaction requests in the mobile wallet. Veritran is responsible for receiving and sharing token issuing requests from cardholders and authorizing these tokens with the brands.

Explanation of Third-Party Relationships: Amazon AWS (cloud computing service provider): Provides cloud computing services to Veritran (PaaS) such as virtual networks, load balancers, storage and other security and monitoring tools. Amazon AWS is PCI DSS compliant and its AOC (DOC-71, 14 Dec 2021 #3.2.1) was evaluated by the assessor to ensure that all applicable requirements are covered.

Token issuing process (TSP): In the issuing flow, the issuer wallet requests the tokenization of cards. The card's sensitive data is received where the token is generated. As the cardholder is operating from an issuer wallet, no terms and conditions and additional authentication flows applies.

ISO 27001

At Veritran, we are proud to have the ISO 27001 certification, and we want to share with you the reasons why this certification is essential to us. Firstly, the ISO 27001 certification demonstrates our unwavering commitment to information security and the protection of our clients' confidential data. With this certification, we guarantee that we have implemented a robust information security management system supported by recognized international standards.

Furthermore, the ISO 27001 certification allows us to systematically assess and mitigate risks associated with information security. Through a proactive approach, we identify potential vulnerabilities and take necessary measures to protect our infrastructure and the entrusted data. This certification also gives us a competitive advantage by instilling confidence in our clients and business partners, showcasing our commitment and capability to safeguard the confidentiality, integrity, and availability of information across all our operations. In summary, the ISO 27001 certification reinforces our dedication to information security and positions us as a trusted partner in an increasingly complex and threatening digital environment.

ISO 9001

Scope: "Design, development, and evolution of the low-code software platform 'Veritran Low Code Platform.' Design, development, customization, implementation, and support of Digital Solutions for banking and retail, based on the Veritran Low Code Platform.”


Elevating Excellence: Key Benefits of ISO 9001 Certification at Veritran.
Our ISO 9001 certification is more than just a quality mark; it is a commitment to continuous excellence that has transformed our operations and customer relationships. Here’s how:
  • Optimized Operational Efficiency: The certification has enabled us to establish clear and efficient processes, reducing waste and improving productivity across all areas.
  • Guaranteed Continuous Improvement: With a systematic focus on continuous improvement, we are constantly adapting and refining our services, keeping us at the forefront of the industry.
  • Enhanced Trust and Credibility: Our clients trust that we consistently deliver high-quality products and services, strengthening our relationships and setting us apart from the competition.
  • Simplified Compliance and Regulations: ISO 9001 provides us with a solid framework to meet global regulations and standards, minimizing risks and ensuring compliance.
  • Improved Customer Satisfaction: By focusing our processes on customer needs and expectations, we have enhanced customer satisfaction and loyalty, resulting in longer-lasting and more beneficial business relationships.
  • Access to New Markets: The certification has opened doors to international markets, allowing us to expand our global presence and seize new business opportunities.
ISO 9001 certification is a cornerstone of our quality and continuous improvement strategy, ensuring that Veritran not only meets but exceeds market expectations.