Case Study: E-xact Transactions achieves PCI DSS compliance and cross-region zero-trust microservices security with Aporeto

An Aporeto Case Study

Preview of the E-xact Transactions Case Study

E-xact Transactions - Customer Case Study

E-xact Transactions, a payment solutions provider building cloud-native microservices and containerized apps, was commissioned by a major bank to deliver a multitenant credit-card reader system that had to be scalable, hybrid (cloud + legacy) and PCI DSS compliant across us-west, us-central and us-east. The project exposed gaps in Kubernetes security and operations: NetworkPolicy couldn’t enforce cross-cluster controls, non‑Kubernetes components lacked uniform protection, pod-level visibility and real-time control were missing, traffic needed end‑to‑end encryption and comprehensive logging, and PCI certification had to be achieved quickly.

Aporeto implemented a zero‑trust, identity‑based security fabric—providing out‑of‑the‑box service identity, PKI, micro‑segmentation, transparent encryption, telemetry/logging and CI/CD integration—so security was decoupled from the network and uniformly applied across cloud and legacy components. The result: E-xact Transactions achieved PCI DSS certification on schedule, rolled the solution out to over 200 merchants supporting 2,000–4,000 readers, automated security in the CI/CD pipeline, improved visibility and control, and reduced compliance scope and operational overhead.



E-xact Transactions

Derek Ferguson

Vice President Operations

