Case Study: allPay secures its third-party payment platform and reduces vulnerabilities with Checkmarx CxSAST

allPay Implements Source Code Analysis to Secure Third-Party Payment Platform

allPay is a Taiwan-based fintech founded in 2011 that operates a third-party payment platform and must meet ISO27001 and annual PCI DSS requirements. As the company rapidly expanded, its development environment became complex (ASP.NET, PHP, Node.js, iOS, Android), creating a business need for a systematic, automated source-code review solution to eliminate vulnerabilities and raise developers’ secure-coding awareness.

allPay evaluated several tools and adopted Checkmarx CxSAST for its non‑rebuild scanning, multi‑language support and clear remediation reports, implementing it incrementally (starting with payment and membership apps) and integrating with Jenkins as part of a Secure SDLC. The rollout reduced software vulnerabilities, accelerated remediation and releases, strengthened PCI DSS compliance, and improved developer security awareness and overall application security posture.

allpay

Vincent Liang

VP of Information Technology