3G Direct Pay Ltd, an Irish online payments service provider that has a regional office in Nairobi, has been certified compliant with a global standard for payment card security.
The firm has attained the Payment Card Industry Data Security Standard (PCI DSS) level 1 certification, becoming the first in East Africa to achieve the feat.
The PCI DSS standard provides a framework for developing a robust account data security process encompassing prevention, detection and reacting to security incidents.
The standard was developed by the major card brands as a baseline of minimum controls to enhance payment cards security. It is intended to help companies to proactively protect customer information as data compromise becomes more sophisticated.
"Complying with PCI DSS standard is mandatory for all entities storing, processing or transmitting credit card transactions," said Eran Feinstein, 3G Direct Pay's managing director.
Rising instances of cyber crime have discouraged payment card holders from using them frequently, particularly for high-value transactions. Experts pointed to increased cases of hacking and skimming as a key cause for the trend.
"Recent security breaches, especially those involving credit card data, have made companies averse to doing business and sharing data with non-compliant entities," Feinstein said.
The trend has become more overt for prepaid cards, a convenient payment mode for online transactions, travel and accommodation, in the five months to February despite cards issued increasing in number. The number of transactions declined steadily over the period, matching a similar trend on the value.
The number of prepaid cards issued has increased steadily to 128,872 in February from a mere 17,000 in mid-July 2009, according to Central Bank data.
The number of prepaid card transactions slowed month-on-month over five months to 4,701 in February from 5,196 in October. A similar inflection is seen in the value of transactions which decreased steadily to Sh44.1 million in February from Sh57.8 million.
The third version of the PCI DSS standard is to be rolled out at the end of this year.