International payment service provider and direct card acquirer ECOMMPAY has once again demonstrated its commitment to upholding the Payment Card Industry Data Security Standards (PCI DSS), successfully passing a compliance audit by Qualified Security Assessor Company Kyte Consultants Ltd.
Having recently undergone an annual audit on compliance to the security standards outlined by the Payment Card Industry Security Standards Council, comprised of leading payment card systems, ECOMMPAY received its PCI DSS version 3.2 certification as a Level 1 Service Provider on February 20, 2018.
PCI DSS certification for service providers is divided into two levels, both of which permit the processing of set transaction volumes and are therefore assessed to different requirements. ECOMMPAY’s certification is the highest available. Compliance with PCI DSS Level 1 requirements must be verified by an independent Qualified Security Assessor Company.
The audit requires a thorough analysis of the company’s policies, procedures, and technical systems that process, transmit, or store credit card data, as well as vulnerability scans of the aforementioned systems. Renewing its PCI DSS certification affirms the security of ECOMMPAY’s infrastructure, including both internal and external processes.
PCI DSS acts as insurance against potential data breaches. Companies which are not PCI DSS compliant can incur fines issued by payment card organisations for the loss of customer data and may be liable for the financial losses incurred against these cards, as well as any associated costs.
ECOMMPAY has successfully demonstrated its adherence to the “tight controls surrounding the storage, transmission, and processing of cardholder data that businesses handle” to receive PCI DSS version 3.2 certification as a Level 1 Service Provider.