PayPoint secures PCI compliance

Source: PayPoint,the UK's biggest independent payment service provider, today announce that PCI specialist and Qualified Security Assessor, Nettitude, has confirmed PayPoint's PCI Level One compliance status to the PCI Standards Council after the required on-site audits and security testing were finalised last month. Compliance ensures that's online payment platform continues to remain secured to global standards.

The Payment Card Industry Data Security Standards (PCI DSS) is a comprehensive set of global standards that applies to all businesses that process, store and transmit sensitive cardholder information. The mandated standards were developed to ensure a secure environment is maintained by businesses in the management of card data storage.

Dan Salmons, Managing Director, E&M Commerce, PayPoint, commented: "PCI Compliance is not for the faint-hearted these days. With the standards being updated regularly in accordance with new security measures, it is a complex, challenging and resource intensive task, even for the most experienced organisations. So it's not surprising that many of our clients have reduced their PCI scope by outsourcing card security management to

"As a partner in their PCI strategy, we can safeguard our clients from future changes to the rules, and they also benefit from our platform's additional capabilities, such as our tokenisation functionality."

Ben Densham, Head of Compliance at Nettitude, added: "For organisations to comply with this standard, they must meet a list of security criteria, including the necessary levels of encryption, network security and access to data and firewalls. I am pleased to confirm that, following a successful audit and rigorous security testing from the team at Nettitude, has demonstrated its servers and network architecture continue to meet the highest possible security standard."

As a further pledge to data security, was also one of the first suppliers to register its Third Party Agent Status on the Visa Merchant Agent list, an approved list of all merchant agents that provide services involving the storage and management of cardholder data.

Comments: (0)