Principal, Vice President
CISSP, ISSMP, CFS, CPISM/A, PCI/QSA, PCI PA-QSA
Mr. Arnold is Co-founder and Principal with PSC, in San Jose, California. He specializes in internal and external security assessments related to US and international standards. Mr. Arnold leverages his payments background to evaluate and design security controls and secure systems that accept a variety of traditional and emerging consumer payment technologies. Among his clients are trans-global payment processors; over-the-air and traditional card production/ personalization companies; global telecommunication companies; travel and hospitality companies; large multi-national retailers; oil and gas companies; big-box retailers; pharmacies; consumer financial institutions; and, global payment card brands.
Prior to PSC, he served as VP of Product Development and Chief Software Architect for the Merchant Services Division of InfoSpace, Inc. Products include Internet and IP/card-present payment gateway, loyalty earn and rewards systems, private-label hosting, Internet yellow pages, POS systems, and wireless retail interaction system.
And, prior to that, he was the Chief Technical Officer for CyberSource Corporation. While at CyberSource, he designed and deployed the full suite of Internet Commerce Services for the Company. He has an extensive background in Internet eBusiness systems and electronic commerce, having published several white papers, designed and consulted to some of the most successful electronic businesses, and provided policy guidance to the US Government policy makers.
In May 25, 1999, Mr. Arnold gave expert testimony to the US House of Representatives, Committee on Commerce, Subcommittee on Telecommunications, Trade and Consumer Protection to assist in their deliberations on the proposed SAFE Act, related to the use of encryption technology to secure and protect Internet eBusiness trading. Then, on June 10, 1999, Mr. Arnold testified before the US Senate, Committee on Banking on the security and technology impact of the proposed Export Administration Act of 1999. Since that time, he has been consulted by numerous regulatory agencies including the Department of Commerce, Department of Treasury, Department of Justice, World Trade Organization, European Union Tax Ministers, Organization for Economic Cooperation and Development, and the US Fair Trade Commission on topics of Internet commerce, digital rights management, identity theft, fraud, consumer protection and consumer privacy.
Back to Top
Principal, Vice President Business Operations
Tony Bates is the President and CFO of PSC. With global experience of the e-payment, Internet, enterprise software and ASP services industries, Tony has built multi-national organizations with a focus on strategic relationships and international sales from multiple channels. He has profound expertise in the areas of e-commerce, enterprise systems solutions, credit card payments, global payment processing, merchandizing, marketing and sales, international corporate business development, and technology companies.
Prior to PSC, Tony was the Senior Business Development Executive for WorldPay Inc., the global online payments provider of the RBS group. He was responsible for business strategy, market development and building high-performance sales teams for the multi-currency e-payments company.
As Senior Vice President of Enterprise Solutions for InfoSpace Inc.'s Merchant Business Unit, Tony lead InfoSpace into new markets. In this role he developed business plans, go-to-market strategies, and built strategic relationships to promote InfoSpace with organizations such as Visa, MasterCard and American Express, and First Data Corporation.
Previously, Tony was Senior Vice President of Sales and Marketing for QSI Payments, Inc., a global provider of e-payments infrastructure software and secure payments solutions for large financial institutions and major enterprises.
From 1997 to 2000, Tony served as Executive Vice President of International Operations for CyberSource Corporation, a developer and provider of real-time, on-demand e-commerce transaction services. His responsibilities included managing their intellectual property management business and all international business units. Tony also acted as President of CyberSource during the spin-off, and successful, initial public offering of its software reseller operation, Beyond.com.
Tony has also held senior level positions with Serena Software, Inc., a provider of software change management products and services for organizations whose business operations are dependent on managing information technology; and Specialix, Inc., a leading international manufacturer and marketer of connectivity peripherals and data communications products in over 70 countries.
Receiving an Honors Degree in Electrical and Electronic Engineering from Newcastle upon Tyne Polytechnic in the United Kingdom, Tony brings prestige and accomplishment to PSC.
Back to Top
Principal, Vice President
CISSP,PCI QSA, PCI PA-QSA, CPISM, CPISA, CTGA
As Principal and co-founder of PSC, Paul Guthrie’s vision and expertise drives the strategic development of PSC’s extensive base of code, systems, and its application in the design and implementation of identity, authentication, and payment solution.
Paul formerly served as the Chief Technology Officer for The Brodia Group. Under Paul’s supervision, the development of Brodia’s extensible identity and authentication platform was integrated with the technologies and services of a range of business partners, including wireless carriers and seven of the top ten financial institutions in America.
Prior to his work at Brodia, Paul served as Vice President of Technology Research at Visa International. He developed strategies to utilize emerging technologies within Visa’s payment systems and incorporated these technologies to develop proofs of concept. In addition, he briefed Visa’s executive management team and member banks about technology-related issues affecting emerging technologies, including smart cards, payments, key public infrastructures, and electronic cash and checks. He also was the technical lead for Visa’s successful venture capital organization.
As Director of Networks and Systems for Visa Interactive, Visa International’s home banking subsidiary, Paul oversaw operations related to the company’s transaction processing systems and bank extranets. Paul designed financial voice and data networks deployed on an international basis. Prior to his work at Visa, Paul was an early employee at US Order, a pioneer in home banking and online catalog and grocery shopping, which was later, sold to Visa International.
Paul has consulted for several prominent telecommunications organizations, including AT&T Bell Laboratories and Rockwell International, where he worked on high speed switching, ISDN, voice response and fax servers, and other areas of telephony. Paul has spoken at numerous industry and related events including CardTech/SecureTech and Jupiter Financial Services forums in the topics of security, telecommunications and payments.
Back to Top
Richard Thompson graduated summa cum laude and Phi Beta Kappa from Harvard College in 1977. From there he entered Stanford Law, receiving his J.D. in 1980 and accepting induction into the Order of the Coif.
Starting at the firm of Rosenfeld, Meyer & Susman, Richard practiced transactional entertainment law, litigation and real estate law from 1980 to 1983. In 1983 Richard became an associate, and later a partner, at the firm of Silverberg, Rosen, Leon & Behr practicing transactional entertainment law. Upon dissolution of the firm at the end of 1988, he became a founding partner of Silverberg, Katz, Thompson & Braun where he stayed until March of 1995. From 1995 through May 2000, Richard was a partner in the firm of Bloom, Hergott, Diemer & Cook, one of the leading motion picture entertainment law firms in Los Angeles.
Beginning in 1989, Richard began to focus a significant part of his law practice in software and new media, initially representing developers and publishers of multimedia CD-ROM products as well as designers, writers, programmers, producers and other individual talent. As the Internet became a significant commercial medium, Richard’s software focus shifted to clients involved with Internet businesses, including The Brodia Group.
Richard became the first Senior Vice President of Corporate Development and General Counsel at The Brodia Group, which developed and licensed a consumer payments platform that facilitated secure online payment for the customers of major credit card companies, in May of 2000. He was subsequently promoted to Chief Operating Officer of The Brodia Group where he continued his work through December of 2001. While at Brodia, Richard became deeply involved in legal aspects of the payment business. Furthermore, he expertly negotiated strategic partnerships with a number of leading companies in the payment business, including majority of the top ten United States credit card issuers and MasterCard.
Richard has returned to practicing private law as counsel to the firm of Bloom, Hergott & Diemer. He continues to pursue entrepreneurial projects, such as his involvement with Payment Software Company. As past president of the Los Angeles Copyright Society, Richard has spoken extensively regarding internet and software-related legal issues at, among other places, USC, UCLA, the Practicing Law Institute and the Los Angeles Copyright Society.
Back to Top
Principal, Vice President
CISSP, ISSMP, QSA, PA-QSA, CPISM, CPISA
Nigel Tranter is a Principal of PSC. He brings years of security and procedure experience to PSC, and has extensive knowledge of developing and auditing web-site application security systems and assessment processes. He has deployed enterprise level computing infrastructures for both software development and web applications and developed and implemented corporate policies and procedures for a number of certification standards. Nigel’s experience enhances the ability of PSC to work with large-scale companies on a variety of different platforms.
Prior to PSC, Nigel was Chief Security Officer for Finaplex Inc. (now Broadridge Financial Solutions Inc.), a leading provider of wealth management enterprise software for banks and financial institutions. As CSO, Nigel was responsible for the overall security at Finaplex, taking the company through two certification processes (SysTrust in 2001 & Trust Services in 2004), and leading the deployment and management of the company’s ASP product offering for two leading customers.
Nigel has consulted for PricewaterhouseCoopers LLP on developing their web application assessment methodology and security procedures. As Vice President of Customer Support Services Nigel built the US support team at Sanctum Inc. and developed training programs. He also implemented tools and assessment methodology in support of the company’s web application security products.
As the Director of the Global Rights Registry (GRR) for CyberSource Nigel achieved ISO 9000 in four months. The GRR handled secure web digital downloads for software publishers such as Symantec, Qualcomm and McAfee.
Nigel holds a degree in Economics from London University. He is currently a member of the Bay Area InfraGard Chapter and a regular speaker at their meetings. Nigel has also contributed to the Open Web Application Security Project (OWASP).
Back to Top
Director of Technical Services
CISSP, GCIH, PCI: QSA, PA-QSA, PFI, QAE
Joseph Pierini, Director of Technical Services at PSC, is responsible for the development and execution of the penetration testing programs supporting PCI and other privacy laws and regulations. Years of security and compliance experience make Joseph an expert at understanding issues clients face in achieving and maintaining compliance. Having served as the Primary Point of Contact for the PCI Security Standards Council’s Approved Scanning Vendor for the last 7 years, Joseph has developed extensive knowledge in the area of weaknesses and vulnerabilities threatening client's network infrastructure and applications. When not leading his team, Joseph presents at security conferences promoting best practices in penetration testing for merchants, service providers and card processors seeking to meet and maintain compliance. Joseph is also an active penetration tester performing internal, external, wireless and social engineering engagements for clients. His field skills range from internal and external vulnerability analysis, web application testing and exploitation to mobile application analysis, antivirus evasion and post-exploitation.
Prior to joining PSC, Joseph held various high-level positions at McAfee (previously ScanAlert), the world’s largest, dedicated security technology company. As Director of Enterprise Services, Joseph was responsible for a team of security analysts assisting in the pre-sales cycle and post-sale customer support. He also functioned as the Primary Point of Contact for both the PCI Security Standards Council and Domestic and International Resellers.
Previously, as the Manager of Security Engineering and Compliance at MarketLive, a high-volume eCommerce website developer and hosting company in San Francisco, Joseph was responsible for the development of the security organization, the creation of the ISO 17799 program, the oversight of the security awareness program and the compliance of clients with the Payment Card Industry Data Security Standard.
Over the course of his career, Joseph has performed penetration tests and application assessments for over half of the Internet Retailer Top 500, Fortune 1000 and many of America’s top defense contractors. He is also a published vulnerability researcher, having discovered vulnerabilities in applications ranging from Apache Tomcat, Caucho's Resin Application Server, Search Engines, Web Application Firewalls and various Ecommerce Shopping Carts.Back to Top