| Website | groundlabs.com |
| Category | Software |
| Employees |
Ground Labs is a software company creating security and auditing products designed to assist PCI DSS compliance.
The flagship product offered by Ground Labs is branded Card Recon. Card Recon is a software application capable of identifying payment card (credit card) data in a wide variety of storage formats including documents and emails.
Card Recon was created in direct response to the evolution of the PCI standards including PCI DSS and PCI PA-DSS. Whilst developing Card Recon Ground Labs consulted with various industry stakeholders including PCI QSA’s and IT security professionals to verify product accuracy, usefulness and applicability to PCI standards.
Card Recon is presently the only commercial application known to exist that exclusively focuses on payment card identification for PCI Compliance.
The engineering experience used to develop card recon is derived from Antivirus and Intrusion Detection technologies. When developing Card Recon the Ground Labs development team primarily focused on elimination of false positives. Traditionally when detecting 15-16 digit numbers that conform to MOD10 it is normal to find a significant number of false positives. Often the false positive rate may overshadow the intended outcome of identifying real payment cards being stored. Card Recon leverages its user base to identify and report ongoing data matches that may be deemed a false positive. Ground Labs openly requests data from its user base to feed back into its development cycle for product improvement.
Ground Labs has provided Card Recon as a Desktop/Server application for file system scanning from the outside. Ground Labs is presently testing other editions of Card Recon including an Open API for OEM to software and hardware vendors and a network/protocol scanning implementation for specific applications such as intrusion detection and SMTP scanning/blocking of credit cards.
