Monavate becomes one of first organisations in Europe to successfully certify against PCI DSS v4.0

Monavate, the cloud-based payment solutions provider, is making it quicker, simpler and more convenient to launch secure payment solutions. The Cambridge-based fintech has become one of the first organisations in Europe to certify against the latest version of the PCI Data Security Standard (PCI DSS v4.0).

PCI DSS is a global standard that provides a baseline of technical and operational requirements designed to protect sensitive payment card data. Published in March 2022, PCI DSS v4.0 replaces v3.2.1 and addresses emerging security threats and technologies. Version 3.2.1 remains in force until the end of March 2024 and so technically not all organisation will be compliant against version 4.0 until March 2025.

Mat Peck, Chief Technology Officer of Monavate said: “Certifying against the new Standard nearly 18 months ahead of time helps decrease the scope and burden of PCI on our customers. For example, because we manage card account numbers and CVVs on behalf of our customers, we can tokenise sensitive data even during real-time processes, such as 3D-Secure authentication or real-time card funding. This not only reduces their PCI DSS scope for greater peace of mind, but also contributes towards speedy, seamless product launches.”

“We’ve had the luxury of building our systems from scratch with modern thinking, architecture and processes. So, we’ve been able to bake in security from the start. There’s also no need for us to retrofit an old system, way of thinking or working to comply with new standards. Or manage a process of backward compatibility.”

“Our systems and our one-stop card issuing platform come with the software, hardware and ‘headware’ to go forward unencumbered by unhelpful legacy. These benefits accrue to our customers through our ‘as-a-service’ model.”