Connect with us

Software

Upperlink Achieves ISO/IEC Certifications for e-Payment, Software Development

Published

on

, SiliconNigeria

Upperlink, Nigeria’s leading software development and e-payment firm, has achieved the International Organization for Standardization (ISO) and International Electrotechnical Commission (IEC) certifications.

The chief executive officer of the company, Mr Segun Akano in a statement explained that e-payment applications and software development in recognition of its management system which complies with ISO/IEC 27001:2013 (ISMS) are part of the scope of activities covered by the certificate.

 He added that the organisation’s documentation and implementation has been reviewed by the ISO/IEC body and found to comply with the relevant standard rules. “Upperlink believes that adhering to the high standards of information security is a requirement in the e-payments market.

“We have invested substantially in that responsibility, an effort that has now resulted in our company becoming ISO/IEC 27001:2013 (ISMS) certified, receiving accreditation for our e- payment applications and software development processes,” Akano explained. 

 The emphasis placed on data security has steadily risen as awareness and legal protections have grown in response to damaging data breaches in the past. An industry with a conservative posture on security, electronic payment has continued to demand more from the ecosystem.

“By adopting this international standard, Uppelink has demonstrated its intention to meet the needs and expectations of our enterprise clients for whom data security is a foundational expectation,” Akano noted. 

ISO 27001 is recognized as the global standard for information security with over 100 requirements governing the creation and management of a robust ISMS.

These requirements span physical protection, software development practices and systems architecture, and far-ranging operational processes including risk management and business continuity.

Akano said Upperlink’s certification would ensure that its clients can rely on its systems and business practices to protect the confidentiality and integrity of the data under its control.

He listed some of the implemented controls by the company to include security-by-design, product development, data encryption, vulnerability management, business continuity and disaster recovery plans.

“We have made this commitment over a year ago because we believe that information security is a prerequisite to serving e-payments customers and it represents the dominant risk to the emerging market, our business, and our customers,” Akano added.

He said the company prepared and achieved this certification to convince itself that its operations are appropriately secure. “But we know that our clients care deeply about these issues. We also know that this is a non-negotiable consideration when you are operating in a regulated market like e-payment,” he said.

Continue Reading
Advertisement Advertisement
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Apps

AppsFlyer Unveils Measurement, Analytics and Data Clean Room Support for ChatGPT Plugins

Published

on

, SiliconNigeria

AppsFlyer has announced the launch of its new measurement and Data Clean Room support for ChatGPT plugins. Brands and marketers can now measure the customer journeys and performance of their ChatGPT plugins across all platforms – including mobile app, CTV and web, as well as across all paid, social and organic traffic sources such as Meta, Google, and Apple.

In March 2023, OpenAI announced ChatGPT plugins, allowing its users to interact with other services through ChatGPT’s interface. With the plugins, ChatGPT users can query services like Expedia, FiscalNote, Instacart, KAYAK, Klarna, and Shopify to get real-time, actionable answers from these data sources without leaving OpenAI’s platform. 

ChatGPT plugins have opened up a new world of consumer interactions and revenue opportunities. However, without cookies and device identifiers, analytics and measurement are impossible with current tools. AppsFlyer’s privacy-preserving measurement and analytics support for ChatGPT solves this challenge by providing brands and marketers with analytics and actionable insights into their customers’ interactions and performance of their plugins, together with their marketing activity across all traditional digital platforms and traffic sources. 


“ChatGPT plugins present a revolutionary opportunity for brands and consumers to connect, in addition to interactions on web and mobile apps,” said Oren Kaniel, CEO and Co-founder, AppsFlyer. “As an industry, we have an opportunity to architect this new world in a responsible way, by maximizing both customer value, experience and privacy. This new world is not bound to the status quo and building blocks like cookies and device identifiers. I am thrilled to take part in this revolution, not only because we have been building privacy-preserving tech for a cookieless environment for the last 10 years, but mainly because it is perfectly aligned with our vision for a better and safer digital experience.”

Continue Reading

IT and Telecomms

NCC-CSIRT Issues Advisories to protect Nigerians against Threat Actors  

Published

on

, SiliconNigeria

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT), in line with its mandate, has rolled out some advisories in the first few weeks of the year 2023 as cyber threat actors continue to devise means of compromising their targets.

The latest of such advisories urged users to be mindful after attackers use Microsoft OneNote attachments in phishing emails that infect victims with remote access malware, which may allow hackers to remotely access vital information on victims’ devices.

The Team advised users not open files from people they do not know, not to click ‘OK’ and immediately exit the application if they receive a warning that opening an attachment or link can damage their computer or files and to promptly share an unknown email they believe to be genuine with a security or Windows administrator to assist in determining whether the file is secure.

It had recently advised people not to open attachments in suspicious emails and to only purchase or download applications from official websites in response to the discovery of phishing malware that can gain unauthorized access to sensitive user data and download further malware.

The team reported that cybersecurity analysts at ASEC (South Korea’s cybersecurity emergency response centre), discovered a NetSupport RAT malware being distributed by threat actors from a phishing website disguised as a popular Pokemon card game.  

The malware is a remote access tool that easily controls its victims’ Personal Computers and may allow the attackers to remotely control the compromised computer’s mouse and keyboard, access the system’s file management and history and even execute commands allowing them to install additional malware.  

According to the researcher, the CRAFTED website that spread the malware is still online. It claims to be home to a new NFT card game built around the Pokemon franchise, offering users strategic fun together with NFT investment profits.  

Continue Reading

Software

NCC Advises Zoom Users to Update Software After Vulnerabilities Found

Published

on

, SiliconNigeria

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has advised users of videotelephony platform, Zoom, to install the latest update of the software from its publisher’s official website following the discovery of vulnerabilities that allows a remote attacker to exploit the app. 

In advisory issued on Wednesday, NCC-CSIRT reported that the Indian Computer Emergency Response Team (CERT-In) found several flaws in Zoom product. The videotelephony platform became popular for virtual meetings in the wake of the COVID-19 Pandemic with more than 300 million daily users. 

According to the NCC-CSIRT advisory, “A remote attacker could exploit the vulnerabilities to circumvent implemented security measures and cause a denial of service on the targeted machine.”  

It noted that “These vulnerabilities exist owing to incorrect access control implementation in Zoom On-Premises Meeting Connector MMR prior to version 4.8.20220815.130. A remote attacker could exploit these flaws to join a meeting they were not permitted to attend without being seen by the other attendees. They can also access audio and video feeds from meetings they were not permitted to attend, as well as interrupt other sessions.” 

Continue Reading

Popular News