All companies that store, process or transmit cardholder data, must maintain a secure, PCI DSS compliant environment and follow the standards maintained by the PCI Security Standards Council. Enfuce Financial Services is no exception in this. These Standards were created by four major card brands including Amex, Discover, MasterCard and Visa to protect businesses and consumers from fraud.
PCI security standard provides not only technical, but also operational requirements to ensure that companies of all sizes and their cardholders Data Environments are secure to accept card payments from all major credit card brands.
Enfuce Financial Services has completed the annual PCI DSS assessment using an approved Qualified Security Assessor and we are certified as compliant under PCI DSS version 3.2 Audit. The results are available in an AoC - Attestation of Compliance. An External Assessor has reviewed our Cardholder Data Environment, Policies and Procedures covering all in-scope services to ensure that Enfuce will handle the Cardholder Data according to PCI standards. For us, that means that we are committed to maintain and develop a secure infrastructure to provide secure Cardholder Data ensuring that all requirements are met without exceptions.
The GDPR - General Data Protection Regulation replaces the Data Protection Directive 95/46/EC. It will combine the scattered laws around Europe into one single data protection law which applies to all companies regardless of their location processing, or controlling the personal data of EU data-subjects
We see GDPR as a big leap forward in the field of data privacy protection and we are proud to say that our environment complies with oncoming regulation. For us, building a GDPR compliant environment has been our main goal from the beginning, this has been achieved by following the PCI DSS framework and oncoming regulation which shares the same principles and controls to protect the cardholder data.
As a major outsourcing partner for technology and payment processing for our customers Enfuce Financial Services need to comply with requirements for local Financial Supervisory Authorities (FSA). We are the first financial service provider in the world, to be FSA approved while running our platform in a public cloud, allowing our customers to be fast to market, still meeting the applicable compliance standards of the industry.