Skip to main content

Help us improve the Digital Marketplace - send your feedback

Silver Lining Convergence Limited

PCI-DSS Compliance Solution

PCI compliance for your voice transactions to protect your business from fraud; no card information is ever revealed by the call recipient. No interruption to the conversation without need to pause, suppress or manipulate recordings. This delivers savings by reducing the number of PCI controls required simplifying auditing and management.

Features

  • Real-Time Data Masking: Hides sensitive information during calls automatically.
  • Seamless Integration: Compatible with existing systems & no upgrades needed.
  • Voice Processing: Maintains natural conversation flow without interruptions.
  • Automated Reporting: Automatically generates necessary compliance reports.
  • Encryption: Employs strong encryption protocols for data security.
  • Scalable : Easily adjusts to increasing call volumes.
  • Data Storage: Prevents local storage of sensitive cardholder data.
  • 24/7 Monitoring: Offers constant monitoring and technical support.
  • Auditing: Includes detailed logging and auditing tools.
  • User-Friendly Dashboard: Centralised management and reporting dashboard.

Benefits

  • Enhanced Security: Protects against data breaches and fraud.
  • Regulatory Compliance: Ensures adherence to strict PCI-DSS requirements.
  • Cost Savings: Reduces required PCI controls and associated costs
  • Improved Customer Trust: Secures payment information, boosting consumer confidence
  • Operational Efficiency: Streamlines operations, maintaining call quality.
  • Flexibility: Adapts easily to various business sizes and needs.
  • Data Integrity: Maintains data integrity with advanced encryption.
  • Minimal Disruption: Minimal impact to existing workflows during implementation.
  • Simplified Auditing: Streamlines management and auditing processes.
  • Business Continuity: Supports continuous operation during compliance activities.

Pricing

£7.50 a licence a month

  • Education pricing available
  • Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@silver-lining.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

4 1 7 4 2 7 9 2 4 6 3 2 4 7 7

Contact

Silver Lining Convergence Limited Silver Lining
Telephone: 0345 313 1111
Email: sales@silver-lining.com

Service scope

Software add-on or extension
No
Cloud deployment model
Private cloud
Service constraints
N/A
System requirements
None, Fully managed solution

User support

Email or online ticketing support
Email or online ticketing
Support response times
The SLA is from 30 minutes
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Onsite support
Support levels
We provide comprehensive support services tailored to ensure uninterrupted operations and customer satisfaction. Our support is available 24/7/365, offering unlimited fault resolution to promptly address and rectify any issues that may arise, ensuring minimal disruption to your business operations. Each client benefits from a personalised service as they are assigned a dedicated Technical Account Manager. This manager acts as your primary point of contact, helping to streamline communications and ensure that all your service needs are met efficiently. Additionally, a dedicated solutions manager is assigned to each client to help customise our solutions to fit your specific requirements perfectly, enhancing the overall effectiveness of the deployed solutions. For detailed information on the various support tiers and associated costs, we encourage potential clients to get in touch with us directly.
Support available to third parties
Yes

Onboarding and offboarding

Getting started
To ensure users start using our service smoothly, we have developed a comprehensive onboarding process managed by a dedicated project team, led by an experienced PRINCE2-certified project manager. Our approach begins with 'kick-off' and 'discovery' meetings to understand your specific needs and establish a tailored onboarding strategy.
We provide flexible training options including online and in-person sessions, designed to make users proficient in operating our service. These training programmes accommodate all user levels, ensuring everyone from tech-savvy to novice users can effectively utilise our offerings.
In addition to training, we supply detailed user documentation and welcome packs. These resources are crafted to guide users through the service features and functionalities, enabling them to navigate and leverage our service effectively right from the start. The documentation is easily accessible and regularly updated to reflect the latest features and best practices.
Our aim is to facilitate a seamless transition to our services, ensuring that every user can maximise the benefits from day one with confidence and support.
Service documentation
Yes
Documentation formats
  • HTML
  • PDF
End-of-contract data extraction
Varies based on solution taken.
End-of-contract process
Varies based on solution taken.

Using the service

Web browser interface
Yes
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
No
Designed for use on mobile devices
Yes
Differences between the mobile and desktop service
None noted. Service works on all platforms. Only difference is amount of real estate utilised.
Service interface
Yes
User support accessibility
None or don’t know
Description of service interface
Our PCI solution uses technology that doesnt store any card data, intercepts and mutes keypad tones to provide companies with a secure way of handling card payments.
Accessibility standards
None or don’t know
Description of accessibility
N/A
Accessibility testing
N/A
API
Yes
What users can and can't do using the API
Date/Time
CLI/DDI
Agent/Department/Company Name/Number/Identification
Order/Transaction Number
CRM/PSP Integration
PSP Transaction Number
Accept / Decline Detail
API documentation
Yes
API documentation formats
PDF
API sandbox or test environment
Yes
Customisation available
Yes
Description of customisation
The landing page and any subsequent pages can be specifically customised to the client, team or company utilising the solution.

Scaling

Independence of resources
Organisations have private dedicated resource.

Analytics

Service usage metrics
Yes
Metrics types
Metrics types
CPU
Disk
HTTP request and response status
Memory
Network
Number of active instances
Reporting types
  • API access
  • Real-time dashboards
  • Regular reports
  • Reports on request

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Conforms to BS7858:2019
Government security clearance
Up to Security Clearance (SC)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least every 6 months
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
  • Physical access control, complying with CSA CCM v3.0
  • Physical access control, complying with SSAE-16 / ISAE 3402
  • Physical access control, complying with another standard
  • Encryption of all physical media
Data sanitisation process
Yes
Data sanitisation type
  • Explicit overwriting of storage before reallocation
  • Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
N/A no data is stored in within the system.
Data export formats
Other
Other data export formats
N/a
Data import formats
Other
Other data import formats
N/A

Data-in-transit protection

Data protection between buyer and supplier networks
  • Private network or public sector network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway
  • Bonded fibre optic connections
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
100% infrastructure uptime guarantee, up to 99.999% service availability.
Approach to resilience
Our cloud service is designed with a robust multi-layer resilience strategy. The core network utilises the latest technology, connecting to multiple availability zones across multiple data centres across the UK. This setup is fully multihomed and includes multi-location interconnects with internet transit for enhanced reliability.

Strategically positioned outside of Greater London, the availability zones ensure our network exceeds all standard survivability requirements. Our infrastructure allows for distribution across the whole network, with banking-grade availability and data protection. This includes real-time synchronous data centre replication for storage and cross data centre failover, alongside mirroring of compute workloads through VMware’s hyperconverged infrastructure.

To safeguard against data loss, all data is backed up to converged storage nodes equipped with checksumming to prevent corruption. Our rigorous engineering protocols are designed to eliminate human error and maintain high standards of change control. This commitment to operational excellence ensures that our cloud platform remains one of the UK’s most reliable solutions for a comprehensive approach to resilience, no matter the product. Specific details on our data centre setup are available upon request to maintain security and confidentiality.
Outage reporting
Online Portal, E-mail alerts, Ticket updates, Calls from the support desk.

Identity and authentication

User authentication needed
Yes
User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Access restrictions in management interfaces and support channels
Privileged access policies implemented.
Access restriction testing frequency
At least every 6 months
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
User-defined
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
User-defined
How long system logs are stored for
User-defined

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
BSI
ISO/IEC 27001 accreditation date
09/06/2023
What the ISO/IEC 27001 doesn’t cover
Varies on service taken.
Initial Certification: 03 June 2017
Latest Issue: 09 June 2023
Expiry Date: 03 May 2026
ISO 28000:2007 certification
No
CSA STAR certification
No
PCI certification
Yes
Who accredited the PCI DSS certification
ProCheckup
PCI DSS accreditation date
July 2023
What the PCI DSS doesn’t cover
Services outside the PCI Level 1 accredited environment
Cyber essentials
Yes
Cyber essentials plus
Yes
Other security certifications
No

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Strict internal processes as well as ISO27001, PCI level 1 Certified, GDPR best practices, ITIL framework etc.

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
Change management is implemented at varying approval levels with risk assessments and roll back considered. We work to customer change management process as well as our own.
Vulnerability management type
Supplier-defined controls
Vulnerability management approach
Internal policies which are audited by an approved third party. Patches are deployed in line with our patching policy. Threat information is supplied by software vendors and accredited third parties.
Protective monitoring type
Supplier-defined controls
Protective monitoring approach
Varies based on solution taken.
Incident management type
Supplier-defined controls
Incident management approach
Varies based on solution taken.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks
No

Social Value

Social Value

Social Value

  • Fighting climate change
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

Fighting climate change

Silver Lining is deeply committed to environmental sustainability, guided by the principle of leaving the world better than we found it. Our efforts, underpinned by ISO 14001 accreditation, focus on minimising our carbon footprint through various initiatives. This includes establishing an effective environmental management system aimed at reducing waste, improving operational efficiency, and lowering toxic emissions. We prioritise recycling internally and among stakeholders, opt for environmentally friendly products, and ensure compliance with or exceeding environmental legislation.

Through accredited programs, we offset greenhouse gas emissions, resulting in significant energy reductions. For instance, from January 2021 to January 2022, our energy consumption decreased from 9,600 kWh to 6,600 kWh, further bolstered by investments in solar panels. Additionally, our vehicle fleet transitioned to 90% electric, with plans to reach 100% by the end of 2024, positively impacting local air quality and reducing our carbon footprint.

Our participation in the SME Climate HUB aligns with our commitment to net-zero emissions and climate change mitigation. Internally, we promote renewable energy use, achieve 80% paperless operations, and utilise energy-efficient office systems. Initiatives like the cycle-to-work scheme, supported by recycled-material bike shelters, and eco-friendly event products, such as biodegradable Silver Lining bags, further our sustainability goals.

Our innovative Cloud PC or Virtual Desktop solution contributes to carbon emission reduction by eliminating traditional desktop computing inefficiencies. Deploying virtual desktops for 1,000 users can save approximately 66.7 tonnes of CO2 annually.

As we progress towards a net-zero future, sustainability remains a core pillar driving every decision and initiative at Silver Lining.

Tackling economic inequality

We are deeply committed to workforce diversity and inclusion. By implementing targeted recruitment and inclusive practices, we ensure meaningful opportunities for all, particularly those facing employment barriers. Our onboarding and apprenticeship schemes, with a 90% retention rate and pathways to managerial roles, highlight our dedication to employee development and reflect similar commitments in our supply chain management.

In collaboration with educational institutions, we invest in skill development tailored to high-growth industries, preparing our workforce and supply chain partners for future challenges. These efforts are complemented by targeted training schemes that support educational attainment and skill qualification, empowering individuals to excel in their roles and contribute to our projects meaningfully.

Silver Lining promotes responsible business practices across our stakeholder network, advocating for workforce development and community engagement to create a thriving ecosystem of employment and skills development. Our fair and responsible approach in the supply chain ensures collaborative and productive partnerships.

Equal opportunity

At Silver Lining, inclusivity isn't just a buzzword; it's a guiding principle deeply ingrained in every aspect of the company's operations. One of the most tangible manifestations of this commitment is seen in how the company prioritises the representation of disabled individuals within its contract workforce. This isn't merely about meeting quotas or ticking boxes; it's about recognising the immense value that people of all abilities bring to the table and ensuring that everyone has equal opportunities to thrive.

Central to Silver Lining's approach is its investment in specialised training programs designed to cater to the unique needs of disabled individuals. By offering accessible training, the company not only equips these individuals with the skills necessary for success but also sends a powerful message of inclusion and empowerment. Through these programs, Silver Lining doesn't just fulfil contracts; it nurtures personal and professional growth, instilling a sense of confidence and capability in its workforce.

But Silver Lining's commitment to inclusivity extends far beyond the confines of its own operations. The company actively advocates for disabled individuals through inclusive policies, awareness campaigns, and proactive engagement with the broader community such as some of the charities we closely work with. By leveraging its influence and resources, Silver Lining seeks to effect meaningful change, not only within its own walls but also in society at large.

In doing so, Silver Lining contributes to a more equitable and accessible world where individuals of all abilities are valued and given the opportunity to thrive. By championing inclusivity in the workplace and beyond, the company serves as a beacon of hope, inspiring others to join in the pursuit of a more just and inclusive society.

Wellbeing

Silver Lining exemplifies how collaboration with users and communities can be integrated into business operations to strengthen community ties and enhance well-being. At its core, the company prioritises the health and well-being of all stakeholders by offering flexible working hours. This policy acknowledges the diverse personal responsibilities and lifestyles of employees, allowing them to adjust their work schedules to fit their needs while maintaining productivity. Such flexibility not only boosts employee satisfaction but also underscores a commitment to work-life balance.

Further fostering a cohesive work culture, Silver Lining invests in regular team-building and social activities. Each department receives a monthly budget for social outings, providing fun opportunities for team members to unwind and connect outside of the work setting. These gatherings not only help reduce work-related stress but also strengthen interpersonal relationships within the company.

Additionally, Silver Lining takes significant steps to support mental health. The company employs trained mental health first aiders, creates well-being-focused areas in the workplace, and organises all-expenses-paid trips to promote relaxation and bonding among staff. These initiatives demonstrate a deep commitment to creating a supportive environment where employees can thrive physically and mentally.

Through these efforts, Silver Lining not only positively influences its employees but also extends its impact to suppliers, customers, and the broader community. By embedding these values in the delivery of its contracts, Silver Lining sets a high standard for corporate responsibility and community integration, encouraging other organisations to adopt similar approaches for the benefit of their communities. This holistic approach significantly contributes to building strong, integrated communities centred around well-being and collective growth.

Pricing

Price
£7.50 a licence a month
Discount for educational organisations
Yes
Free trial available
Yes
Description of free trial
Demo accounts on request.

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at sales@silver-lining.com. Tell them what format you need. It will help if you say what assistive technology you use.