Ingenico Group, the global leader in seamless payment, today announced that its Axis payment gateway has successfully obtained ISO/IEC 27001:2013 certification, the most stringent global security standard for Information Security Management Systems. Ingenico is among the first PSPs to receive this accreditation, which is part of Ingenico’s continuous improvement process that takes into account business processes, international best practices, and regulatory requirements.
The company further announced that the control framework for the Axis payment gateway is now certified as Payment Card Industry Data Security Standard (PCI-DSS) Version 3.2, ahead of the February 2018 date set by the PCI Security Standards Council. This certification includes multi-factor authentication of every single system that has administrative access to the platform. Having already attained ISO 27001 certification – which is applicable to any type of organization - helped Ingenico integrate the new PCI DSS 3.2 requirements, which are very specific to the payment industry.
Cybercrime becomes ever more sophisticated, which means data protection is inevitably an ongoing process rather than a one-time event. The new certifications provide independent validation that Ingenico has all of the required policies and technical measures in place to meet the highest standards for protection of personal information against unauthorized access, accidental loss, improper use, and disclosure. Furthermore, the certifications confirm Ingenico’s commitment to be a part of a united, global response to fighting payment data compromise. To that end, Ingenico is also a member of the PCI Security Standards Council as a participating organization and member of the board of advisors. In this capacity, the company works with the Council to continuously evolve the PCI Data Security Standards (DSS) and other payment card data protection tools.
Security is at the heart of our organization. Because we collect payments on behalf of our customers, their trust and the protection of their customers’ personal data is essential to us. With these certifications, we accelerate our commitment to fulfil the highest and most stringent security standards available in our industry.