Sorry, you need to enable JavaScript to visit this website.

NuPay is setting the security trend…

In today’s modern world the security around our bank cards are critical. To this end the major card schemes including Visa, MasterCard, American Express, Discover, etc. have created a list of security standard that all institutions that processes bank cards must adhere to. The lists of these standards are called “Payment Card Industry Data Security Standards (PCI-DSS).

The security standards can be broken into six areas and in total there are 12 high level standards that must be adhered to:

Control Objectives PCI DSS Requirements
Build and Maintain a Secure Network 1. Install and maintain a firewall configuration to protect cardholder data
2. Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data 3. Protect stored cardholder data
4. Encrypt transmission of cardholder data across open, public networks
Implement Strong Access Control Measures 7. Restrict access to cardholder data by business need-to-know 5. Use and regularly update anti-virus software on all systems commonly affected by malware
6. Develop and maintain secure systems and applications
Implement Strong Access Control Measures 7. Restrict access to cardholder data by business need-to-know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data
Regularly Monitor and Test Networks 10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes
Maintain an Information Security Policy 12. Maintain a policy that addresses information security

On a yearly basis the institution that requires to be certified as being compliant with these set of standards must undergo an external audit from a certified Qualified Security Assessor (QSAs).  During the onsite audit the institution must provide proof that it followed its security policies and procedures throughout the year and that it is compliant at that stage. 

NuPay has just been certified to be PCI-DSS Version 3 compliant for the second year running. This compliancy requires extreme continuous effort from skilled well trained individuals and is something to be very proud of. This is proof that NuPay provides quality products and has the systems and resources to back it up. Very few institutions in South Africa have this “qualification”.