21 June 2014

Kenya: Online Payments Company Certified Compliant in Global Security Standard

3G Direct Pay Ltd, an Irish online payments service provider that has a regional office in Nairobi, has been certified compliant with a global standard for payment card security.

The firm has attained the Payment Card Industry Data Security Standard (PCI DSS) level 1 certification, becoming the first in East Africa to achieve the feat.

The PCI DSS standard provides a framework for developing a robust account data security process encompassing prevention, detection and reacting to security incidents.

The standard was developed by the major card brands as a baseline of minimum controls to enhance payment cards security. It is intended to help companies to proactively protect customer information as data compromise becomes more sophisticated.

"Complying with PCI DSS standard is mandatory for all entities storing, processing or transmitting credit card transactions," said Eran Feinstein, 3G Direct Pay's managing director.

Rising instances of cyber crime have discouraged payment card holders from using them frequently, particularly for high-value transactions. Experts pointed to increased cases of hacking and skimming as a key cause for the trend.

"Recent security breaches, especially those involving credit card data, have made companies averse to doing business and sharing data with non-compliant entities," Feinstein said.

The trend has become more overt for prepaid cards, a convenient payment mode for online transactions, travel and accommodation, in the five months to February despite cards issued increasing in number. The number of transactions declined steadily over the period, matching a similar trend on the value.

The number of prepaid cards issued has increased steadily to 128,872 in February from a mere 17,000 in mid-July 2009, according to Central Bank data.

The number of prepaid card transactions slowed month-on-month over five months to 4,701 in February from 5,196 in October. A similar inflection is seen in the value of transactions which decreased steadily to Sh44.1 million in February from Sh57.8 million.

The third version of the PCI DSS standard is to be rolled out at the end of this year.

Copyright © 2014 The Star. All rights reserved. Distributed by AllAfrica Global Media (allAfrica.com). To contact the copyright holder directly for corrections — or for permission to republish or make other authorized use of this material, click here.

AllAfrica publishes around 2,000 reports a day from more than 130 news organizations and over 200 other institutions and individuals, representing a diversity of positions on every topic. We publish news and views ranging from vigorous opponents of governments to government publications and spokespersons. Publishers named above each report are responsible for their own content, which AllAfrica does not have the legal right to edit or correct.

Articles and commentaries that identify allAfrica.com as the publisher are produced or commissioned by AllAfrica. To address comments or complaints, please Contact us.