Cybersecurity is a major concern for companies. Now more than ever since everything is going digital and there have been more and more instances of hacking; it has alerted everyone. Amidst all these security concerns, there is some encouraging news. Fonepay has become the first Nepali Payment System Operator(PSO) to succeed in meeting the payment card industry security standards. The company has obtained 3.2.1 certification of Data Security Standards Payment Card Industry Data Security Standards, PCI-DSS.
Fonepay is Nepal’s largest Payment System Operator(PSO). The company has gained quite a reputation in the market over the last few years. There are currently 52 banks and financial institutions and 140,000 merchants in the network of FonePay licensed by Nepal Rastra Bank. The company, which has been providing services to 1.1 million mobile banking users, is currently conducting more than one lakh transactions daily.
The PCI-DSS Security Certificate and What Does it Mean?
With the receipt of PCI-DSS, all transactions made on FonePay’s network have been verified to be secure to the worldwide standard. The certificate is issued by the Payment Card Industry Security Standards Council (PCI-SSC). For this, the company has to fulfill the criteria set by PCI. This includes activities ranging from data storage, processing, and data security to payment fraud. Technology service providers need to undergo a detailed audit to ensure that their technology, networks, and internal processes are secure in accordance with PCI standards in order to obtain PCI DSS certification. FonePay has received PCI DSS certification after being found to be completely safe in the QSA SISA audit.
Diwas Sapkota, Chief Technical Officer of FonePay, expressed happiness over the success of Nepal in becoming a non-card payment service provider with such certification. “PCI has also helped to invest more in its infrastructure by preparing its own questionnaire (SAQ) for DSS,” he said.
Dharsan Shantamurthy, Founder and CEO of SISA Global, congratulates FonePay for being the first payment service provider in Nepal to acquire PCI DSS.”FonePay has now laid the groundwork for more data protection and risk mitigation,” he said. With PCI DSS certification, FonePay has ensured high security in all necessary technologies to secure its customers ‘payments.’
This is a much-needed encouragement for the digital security system in Nepal. Furthermore, the government had also recently announced plans to strengthen the cyber-security of Nepal in the recent budget announcement. The government aims on establishing a separate cyber-security center and forensic lab for this purpose. So, it is also good to see the private sector making substantial efforts to improve their cyber-security as well.