PCI - DSS
Payment Card Industry Data Security Standards are basic requirements for any kind of business that stores, process, transmits...Back Office
Our partners have access to our robust online management system that provides a clear overview of merchant settlements, batches, transactions...Merchant Application
We reply to applications sent from partners within 24 hours and grant acceptance within 48 hours provided that the applicant meets our requirements...
January 13, 2012
Valitor has achieved validation of compliance against the PCI DSS
Card information security is an issue that has been much discussed recently. All over the world, such information has increasingly been under attack from criminals, and card fraud has become one of the most common crimes in global financial systems. Valitor has now, first among Icelandic financial and payment card companies, received comprehensive PCI DSS (Payment Card Industry Data Security Standard) security certification specifically intended to combat such developments. Today, international payment card companies require all companies that handle, store, send or accept payment card information to operate in accordance with the requirements of this standard.
The adoption of the PCI DSS security standard at Valitor applies to all the company’s activities, acquiring services as well as card issue. Valitor already has ISO 27001 certification for its operations and services to retailers, banks, savings banks and card holders. Together, these two security standards form a sound foundation on which to build the company’s security affairs for the future.
Viðar Þorkelsson, CEO of Valitor: “This new certification is an important instrument, as regards both implementing our policies in security issues as well as meeting the requirements of the international community. The application of the validation is actually quite extensive, as requirements on the status of security affairs in companies in general have become extremely important in their communications and ability to continue as a going concern. The PCI DSS validation of compliance does not, of course, mark the end of our efforts in this field. We will, as before, continue to be vigilant and fully participate in the further development of global security issues”.
Valitor information security policies are based on laws and regulations on personal privacy, the EU’s directives on personal privacy and relevant security standards ISO 27001 and PCI DSS. At the same time, the policies fully accord with the rules of the Data Protection Authority as regards the security of personal information and the guidelines issued by the Icelandic Financial Supervisory Authority (FME) on the operation of the IT systems of parties subject to supervision.Back
