Download PDF version of this pageACCREDITATIONS
SECPay works hard to meet and exceed industry security standards. We are vetted yearly by the credit card schemes and meet PCI (Payment Card Industry) Data Security Standards.
PCI Compliance
The Payment Card Industry has a recognised standard set of requirements governing the safekeeping of cardholder information throughout the transaction process. The PCI standard is applicable to all entities that store, process or transmit cardholder data.
SECPay utilises a Visa Qualified Security Assessor (QSA) to perform yearly assessments to ensure we maintain high security standards as required by the Payment Card Industry.
Compliance involves:
-
Completion of a Self Assessment Questionnaire - Completed by technical/security personnel covering a wide range of areas, such as physical security, access control, application and system development.
-
Scanning services / Remote Vulnerability Assessments - Using a non-intrusive scanning methodology which places minimal load and impact to the target network, meaning that checks can be made to ensure the integrity of SECPay’s systems without affecting transaction processing for merchants.
-
Onsite assessments - Independent assessors regularly visit SECPay’s operational sites and data centres to validate the assessment information collected and observe operating procedures and structures. Assessment includes an internal vulnerability assessment, review of in-house procedures, observation of physical security and controls as well as interview management.
News from SECPay
September 2006 - SECPay, the UK’s leading independent internet payment service provider, tod...
July 2006 - Philip Whittaker, SECPay's Chief Information Security Officer, has earned the de...
9 May 2006 - Leading independent internet payment service, SECPay, today announces the launc...
