MobileData, a global technology solutions provider focused on payment facilitation and prepaid electronic value distribution, has acquired PCI DSS v3.0 certification and strengthened its enterprise service platform TradeSwitch with payment feature.
PCI DSS or Payment Card Industry Data Security Standard compliance is vital for all merchants that accept credit cards, online or offline. A certified PCI DSS system, like TradeSwitch, is able to guarantee the security of a customer’s payment card data.
PCI DSS is mandatory and focuses on Card Holder Data and the processes and controls that govern the CHD area. All 12 requirements must be met and audited by a Qualified Security Assessor (QSA).
ISO27000 on the other hand is voluntary, covers the whole company, and the degree of compliance is standards voluntary.
PCI DSS 3.0 helps organizations focus on data security, not compliancy, by making payment security business-as-usual and increase awareness and education across organizations.
“By becoming PCI DSS certified, TradeSwitch® is even more secure and customers know they can trust the system with sensitive payment card information,” says André Louw, CEO of MobileData.
In January 2015 MobileData became one of the first companies in Africa – and only a small elite group globally, to secure status as a Level 1 certified Service Provider of the version 3.0 PCI DSS.
“The standard gives reassurance to our customers that we strive to stay competitive in terms of security and compliance. The standard or framework so to speak, gives MobileData the ability to monitor the effectiveness of their security controls and maintain their PCI-DSS compliant environment,” adds Louw.
MobileData sees security as a shared responsibility when it comes to third party integrations or hosting facilities.
“As industry leaders, we need to work together to manage risks and keep information secure. PCI DSS provides an assurance that written agreements are in place between vendors or service providers to indicate explicitly the segregation of duty or responsibility in question.
PCI DSS is in its 3rd life cycle already, updated and reviewed every three years, and formed late 2004 makes for a mature framework that outlines what works and what doesn’t,” Louw continues.