Back to all articles

MakeCommerce achieves the highest global card payment standard

13.08.2024

MakeCommerce has achieved the highest-level global card payment certification, PCI DSS Level 1, version 4. This makes us the first payment service provider focused on the Baltic market to meet the newest version of the standard.

By obtaining the highest-level certification in the Payment Card Industry Data Security Standard (PCI DSS), we have solidified our position as the leading e-commerce payment solution provider in the Baltics. This demonstrates that MakeCommerce adheres to the strictest security protocols, requirements, and processes, ensuring the highest level of security for card payments and cardholder data.

High security as top priority

“Achieving this certification shows our commitment to the highest security standards and service quality,” says Ivars Erdmanis, CEO of MakeCommerce.

“Mainly due to innovative payment methods, such as Apple Pay, card payments are becoming increasingly popular in our region,” explains Erdmanis. “Therefore, this certification is a crucial milestone in improving the security of e-commerce in our region and boosting consumer confidence.”

Compliance with PCI DSS Level 1, version 4, ensures that our merchants can offer their customers convenient payment methods with the highest level of security. With MakeCommerce’s dedication to following strict security protocols, customers’ transactions are protected and aligned with global best practices.

What is evaluated in PCI DSS?

The PCI DSS certification process involves a thorough evaluation of various security measures and practices to ensure the protection of cardholder data. Key focus areas include:

  1. Build and Maintain a Secure Network and Systems. Installing and maintaining network security controls and applying secure configurations to all system components.
  2. Account Data Protection. Protecting stored account data and protecting cardholder data with strong cryptography during transmission over open, public networks.
  3. Maintaining a Vulnerability Management Program. Protecting all systems and networks from malicious software and developing and maintaining secure systems and software
  4. Implement Strong Access Control Measures. Restricting access to system components and cardholder data by business need to know. Identifying users and authenticate access to system components. And restricting physical access to cardholder data.
  5. Regularly Monitor and Test Networks. Log and monitor all access to system components and cardholder data. Testing security of systems and networks regularly.
  6. Maintain an Information Security Policy. Supporting information security with organizational policies and programs”