In the mobile payments arena, security truly is job #1, as the consequences of even a minor compromising of cardholder data or other sensitive information can be catastrophic to any firm or entity in the entire payments chain. For this reason, Cellum likes to stay not only current with all relevant industry best practices, but at least one step ahead.
Case in point is the latest version of the Payment Card Industry Data Security Standard (PCI DSS 3.0), the requirements codified by the PCI Security Standards Council, a forum founded a decade ago by the five leading global payment brands (Visa, MasterCard, American Express, JCB International and Discover Financial Services). This week Cellum revealed that it is one of a handful of mobile payments firms worldwide to have already adopted the new and more stringent standard.
Unlike most organizations subject to the standard, which are expected to implement it closer to the December 31st deadline, Cellum jumped on the chance to become the first in the Central and Eastern European region – and among the first globally – to do so. And it made the transition less than three months after reporting guidelines for the new version were made available.
“We were confident that we would successfully pass the PCI DSS 3.0 certification process because our own internal security requirements are even stricter,” said Balázs Inotay, Cellum’s founder and chief visionary.
As its designation suggests, PCI DSS 3.0 is the third main update to the council’s standards, which aim to enhance the security of cardholder data while at the same time broadening the adoption of universal data security standards for all entities that process, transmit or store cardholder data.
PCI DSS 3.0 focuses more strongly on the most pressing risk areas in the extremely dynamic threat environment in which firms like Cellum operate, while also providing enhanced flexibility for those adopting or building to the standard, especially in regards to the adoption of new technologies.
According to Inotay, Cellum’s early adoption of PCI DSS 3.0 is not only a reflection of the firm’s commitment to its customers and partners in the area of security, but of its sense that the industry as a whole must better work together to build trust.
“The new standards offer another boost to cardholder security, which we believe is the key to growth in our industry, where the only acceptable rate for fraud or customer data loss is zero” he added.