www.verygoodsecurity.com Open in urlscan Pro
18.66.248.97  Public Scan

Form analysis
0 forms found in the DOM

Text Content

 * Solutions
   
   Products
   
    * VGS Platform Collect, Protect, and Exchange
   
    * VGS Control Automated Compliance
   
    * VGS Payment Optimization Acceptance, Costs, Approvals
   
   Use Cases
   
    * PCI Compliance
   
    * Card Issuance
   
    * Tokenization
   
    * Data Privacy / PII
   
   Compliances
   
    * PCI
   
    * SOC 2
   
   Featured Content
   
   The Essential Guide to PCI DSS Compliance
   
   3 Ways To Reduce PCI Costs

 * Developers
   
   Vault Docs
   
    * Overview
   
    * Getting Started
   
    * Guides
   
    * Platform
   
    * Dashboard
   
    * Developer Tools
   
   Payment Optimization
   
    * Overview
   
    * Collecting Payment Information
   
    * Universal Checkout
   
    * Payment Orchestration
   
    * CALM
   
   Control Docs
   
    * Overview
   
    * Getting Started
   
    * Features
   
    * Compliances
   
    * Integrations
   
    * Walkthroughs
   
   Contact
   
    * API Status
   
    * Support
   
   Connect
   
   VGS Devs Community
   
   VGS Github VGS Samples
 * Company
   
    * Product Overview Sign Up for Our Product Demo
   
    * Resources Case Studies, Guides, & Webinars
   
    * About VGS Mission, Values, and Initiatives
   
    * Blog Thought Leadership, Product News
   
    * Careers Come Join Our Team
   
    * Contact Start a Conversation
   
    * Press Press Releases, Media Coverage
   
    * Partners Value Add Partner Program
   
   From the Blog
   
   Payment Orchestration: Bringing Harmony to Your Payments Environment
   
   VGS Named to Forbes’ 2021 Next Billion-Dollar Startup List

 * Pricing
 * Request Demo

 * Sign Up
 * Log In


EEDENBULL ACHIEVES PCI LEVEL 1 AND SOC 2 COMPLIANCE 
WITH VGS IN HALF THE TIME &
COST



Case Study Summary


CASE STUDY


CLIENT

EedenBull is a fintech innovation company specializing in creating and
delivering B2B and commercial payment solutions. They work with banks, card
schemes, and payment partners on a global basis to enhance and drive innovative
business solutions and products to better serve Corporate and SME clients.

Andrew Veitch
COO

Region

Global

Industries

FinTech

Goal

Become PCI DSS and SOC 2 compliant to make it easier to sell


CHALLENGE

Meet a client deadline to become PCI Level 1 and SOC 2 compliant, with limited
resources


SOLUTION

PCI DSS Level 1, VGS Vault, VGS Control for SOC 2


RESULT

With help from VGS, EedenBull became both PCI Level 1 and SOC 2 compliant in
less than four months, with no additional headcount and at half the time and
cost quoted by the Big Four Accounting Firms.


BACKGROUND

EedenBull’s mission is to work with partner banks to improve how businesses pay
and get paid. They provide a spend management and card program, Q Business, in
partnership with more than 60 banks. In turn, these banks are able to meet their
customers' needs for better, safer and more convenient ways to pay and manage
their expenses using EedenBull’s cloud platform.

One of EedenBull’s key offerings is their turnkey card management system (CMS)
that helps banks issue and manage cards. Though the team employed serious data
security measures, they always knew they’d need to adhere to international
standards like SOC 2 and PCI since banks were their primary partners.


CHALLENGE

Though SOC 2 and PCI compliance were on their roadmap, EedenBull signed a large
banking partner that accelerated their timeline. The contract had deadlines for
achieving certifications in each area.

As a young organization, EedenBull never intended to take on the heavy workload
of compliance internally. They began discussions with some of the Big Four
Accounting Firms, but quoted timeline for SOC 2 alone was 6-7 months.

When discussions were well under way, Andrew Veitch, COO at EedenBull came
across VGS.

> “It was always in our heads to use a third-party that could help us with
> compliance because it's a nightmare to do yourself.”
> 
> Andrew Veitch
> COO


SOLUTION

> “I don't think we would have hit our date if we hadn't used VGS.”
> - Andrew Veitch, COO

At the start, Andrew looked to VGS to help with PCI compliance and to provide
data security through the VGS Vault. Once he got into discussions around PCI and
VGS Control, it soon became apparent there was a time-saving and cost-cutting
solution for SOC 2 as well.

“I must say we were quite skeptical at first. Can VGS really do what they say?
If it looks too good, it can’t be true, right?” Andrew shared. “But we talked to
VGS clients and they all raved about VGS. They confirmed that not only would it
be half the cost of the Big Four, it would take only half the time.”

Andrew went on to explain, “Considering time and cost were the major decision
making factors, it really became a very easy choice to partner with VGS.”


PROTECTING EEDENBULL, ITS BANKING PARTNERS’, AND THEIR CUSTOMERS’ SENSITIVE DATA

Accelerating PCI all starts with the VGS Vault, which insulates EedenBull’s
architecture from ever touching cardholder data. VGS intercepts data as it flows
to their servers, redacting the sensitive data and replacing it with an alias.


API-DRIVEN VIRTUAL CARD ENABLEMENT

While EedenBull, their banking partners, and even their banking partners’
customers only have access to that aliased data, using VGS enables virtual card
presentment so the end cardholder can receive and see their card information.
Since virtual cards are a huge area of growth, this ability to do real-time card
issuance while keeping EedenBull and partners PCI compliant is invaluable.

And it’s all done through API calls, which is one of the things that drew Andrew
to VGS in the first place. “We’re very API-driven, so Vault fit our
infrastructure model well,” Andrew explained. “The virtual card is generated via
our API calls into Visa APIs. VGS sits in the middle, redacts the sensitive
information, holds it, and then shows it to the cardholder in the app – and it
never sits anywhere in our architecture. It's always between VGS and the app,
and it keeps us PCI compliant.”


COLLABORATIVE PROBLEM SOLVING

While technology was obviously important to Andrew and team, they were also
looking for a true partner. “It was important to us to find a team that
understood our working style and culture. We wanted collaborative problem
solvers who deeply understood our industry.” Andrew said. “It’s not just VGS’s
product, it’s the guys on team that sit behind it. Whether that be from their
support or development team or anyone else within the organization. Everyone is
willing to talk to us and help us move things forward. It’s been a real team
effort.”




RESULTS

> "With VGS, EedenBull got our PCI DSS Level 1 and SOC 2 compliance at less than
> half the cost and several months earlier than we would have with one of the
> Big Four.” - Andrew Veitch, COO

In addition to implementing PCI DSS and SOC 2 compliance at half the rate quoted
by the Big Four Firms, VGS also mitigated the need to hire additional staff. If
EedenBull had partnered with a larger firm they would have to hire one to two
in-house employees at £75-100K each to manage the process. With VGS, EedenBull
did not have to make any additional hires. Andrew noted that partnering with an
auditor familiar with the VGS platform further accelerated and simplified the
auditing process.

VGS surpassed EedenBull’s expectations of a vendor so much that their internal
team members have become champions of VGS, promoting it to other clients as a
quick, simple way forward in compliance. Andrew says, “Because with VGS Vault,
our database did not hold any sensitive information, getting PCI certified was
just so, so easy to do.”




READY TO GET STARTED?

Join the thousands of customers, from startups to Fortune 500s, who trust VGS to
protect their sensitive data, fast-track their compliance and optimize their
payments. Connect with our team of experts and learn why VGS is the only
solution that solves security and compliance with one simple integration.

Request a DemoContact Sales

Recommended Case Study

TransferGo gets PCI Level 1 Compliant 10x more easily than DIY to facilitate
push card payments using multiple PSPs through one simple interface.

Read More
 * LinkedIn
 * Instagram
 * Twitter
 * Facebook
 * Github

207 Powell Street, Suite 200
San Francisco, CA 94102

 * Contact Us
 * support@verygoodsecurity.com

 * Terms
 * Privacy Notice
 * Report Vulnerability

Solutions

 * Product Overview
 * Card Issuers
 * Tokenization API
 * Data Privacy / PII
 * Pricing

Compliance

 * PCI
 * PCI Audit
 * PCI Assessment
 * SOC 2
 * CCPA for Developers
 * Compliance FAQs
 * Trust Center

Developers

 * Guides
 * Getting Started
 * FAQ
 * Sign Up

Company

 * About Us
 * Jobs
 * Blog
 * Contact
 * Resource Library
 * Media Assets

© VERY GOOD SECURITY, Inc.



PRIVACY PREFERENCE CENTER

When you visit any website, it may store or retrieve information on your
browser, mostly in the form of cookies. This information might be about you,
your preferences or your device and is mostly used to make the site work as you
expect it to. The information does not usually directly identify you, but it can
give you a more personalized web experience. Because we respect your right to
privacy, you can choose not to allow some types of cookies. Click on the
different category headings to find out more and change our default settings.
However, blocking some types of cookies may impact your experience of the site
and the services we are able to offer.
More information
Allow All


MANAGE CONSENT PREFERENCES

STRICTLY NECESSARY COOKIES

Always Active

These cookies are necessary for the website to function and cannot be switched
off in our systems. They are usually only set in response to actions made by you
which amount to a request for services, such as setting your privacy
preferences, logging in or filling in forms. You can set your browser to block
or alert you about these cookies, but some parts of the site will not then work.
These cookies do not store any personally identifiable information.

PERFORMANCE COOKIES

Performance Cookies

These cookies allow us to count visits and traffic sources so we can measure and
improve the performance of our site. They help us to know which pages are the
most and least popular and see how visitors move around the site. All
information these cookies collect is aggregated and therefore anonymous. If you
do not allow these cookies we will not know when you have visited our site, and
will not be able to monitor its performance.

FUNCTIONAL COOKIES

Functional Cookies

These cookies enable the website to provide enhanced functionality and
personalisation. They may be set by us or by third party providers whose
services we have added to our pages. If you do not allow these cookies then some
or all of these services may not function properly.

TARGETING COOKIES

Targeting Cookies

These cookies may be set through our site by our advertising partners. They may
be used by those companies to build a profile of your interests and show you
relevant adverts on other sites. They do not store directly personal
information, but are based on uniquely identifying your browser and internet
device. If you do not allow these cookies, you will experience less targeted
advertising.

Back Button


PERFORMANCE COOKIES



Vendor Search Search Icon
Filter Icon

Clear
checkbox label label
Apply Cancel
Consent Leg.Interest
checkbox label label
checkbox label label
checkbox label label

Reject All Confirm My Choices


By clicking “Accept All Cookies”, you agree to the storing of cookies on your
device to enhance site navigation, analyze site usage, and assist in our
marketing efforts.

Cookies Settings Reject All Accept All Cookies