Blog hero image 1440 x 450

Upholding payment security

Brokers / 17th January

Premium Credit is pleased to announce recertification of its Payment Card Industry Data Security Standard (PCI DSS). PCI DSS is an evolving information security standard created by the Payment Card Industry Security Standards Council (PCI SSC) providing a unified approach to how payment card data should be protected during its lifecycle.

Maintaining payment security is of paramount importance to us as we store, process and transmit cardholder data. Implementation of the PCI Data Security Standards helps safeguard this personal information and meet the highest operational and technical requirements needed to accept and process payment transactions.

Through this ongoing accreditation, Premium Credit has formerly been recognised as a company demonstrating that payment card data is handled securely on behalf of our partners and their customers. To gain ongoing PCI DSS recertification, Premium Credit is assessed annually by a Qualified Security Assessor.

Alongside PCI DSS we are compliant with Cyber Essentials Plus, a government backed scheme to demonstrate an organisation’s protection against common cyber-attacks as well as ISO27001, the international standard relating to successfully managing information security.

Graeme Penwarden, Premium Credit’s Chief Security Information Officer said: “We understand the criticality of the card payment journey and the validation of its controls. The PCI Certification provides the independent assessment needed to assure our customers and partners that all transactions we undertake on their behalf are safe and secure.

Our security team is continually assessing and addressing threats and vulnerabilities that could potentially impact the organisation.”

Security standard accreditations form part of Premium Credit’s market leading Cyber Programme. Following considerable investment the initiative is designed to robustly protect Premium Credit’s smooth operation and delivery of premium finance to some 3000 intermediary partners.

Data security