Certifications
In cashless payment transactions, large amounts of sensitive data are processed every day. Therefore, the highest security standards are extremely important.
We operate all the systems we use to provide our services in two regionally separate data centres in Germany. At all times, they meet the high security requirements for the availability, confidentiality and integrity of data that are necessary in the credit business environment, as well as the requirements for maintaining these standards. This is regularly verified through a variety of audits and certifications.
PCI DSS certification for credit card transactions
Every market participant who wants to store, transmit or process credit card transactions must meet the high requirements of PCI DSS. The abbreviation stands for Payment Card Industry Data Security Standard. The primary goal is to protect credit card data from loss and misuse. For this purpose, the specifications are constantly being developed further by the international PCI Security Standards Council.
We first underwent this certification in 2004 with our e-payment system "Pagateq Payment Solution". In 2020, the certification of our authorisation and clearing platform was added.
PCI DSS audits of our platforms are carried out annually.
PCI PIN auditing and certification
Anyone who processes or accepts so-called PINs (Personal Identification Numbers) must meet the security requirements of the PCI PIN standards and prove this every two years by means of a corresponding audit.
The requirements include both security and procedural specifications for the administration, processing and transmission of PINs in online and offline transactions. In addition, the key management used to protect PINs must also meet the high requirements of the PCI PIN standards.
As the development of technology continues to advance, the security mechanisms used must also be constantly developed and their compliance regularly checked.
In our function as a platform operator for ATMs and payment terminals, we are also obliged to have compliance with the PCI PIN standards regularly assessed by an independent auditor. The certification is then valid for two years.
We last successfully completed the audit in 2023.
3D Secure: Certification for Visa, Mastercard and Amex
When the second Payment Services Directive (EU) 2015/2366 (PSD2 for short) came into force in autumn 2019, it became necessary to further develop the old 3DS standard for credit card schemes, as it is mandatory to approve electronic payments by means of "strong customer authentication".
Anyone who wants to process credit card payments in e-commerce in the future must implement the current 3D Secure Standard and be certified accordingly. This requires a series of audits that focus on both the security and the functionality of the systems involved.
Since the successful PCI 3DS certification of our e-payment platform "Pagateq Payment Solution" in autumn 2021, we have been able to process payments using Visa Secure, Mastercard® Identity Check™ and Amex SafeKey. This certification is also reviewed annually by independent auditors.