DANA logo. (is)

Hitekno.com – Information security is paramount, especially in this digital age, personal data is very important. Therefore, DANA strives to strengthen the standards for security systems.

DANA continues to strengthen its excellence as a digital wallet, strongly committed to standards of security systems in accordance with strict guidelines and international standards.

A high standard security system not only provides optimal protection for every transaction and user data activity, but also increases trust in DANA and protects users from criminal offenses.

In connection with DANA’s strong commitment to building such a trustworthy security system, DANA recently received PCI-DSS (Payment Card Industry Data Security Standard) certification, the assessment of which was carried out on October 16, 2020.

With this certification, DANA is establishing itself as a digital wallet that makes card-based transactions safer and more trustworthy for all users and partners.

PCI-DSS is an information security standard for companies that manage card-issuing banks and branded card networks (VISA, MasterCard, Discover, American Express, JCB) of the most important card systems.

This security system is administered by the Payment Card Industry Security Standard Council to improve control over cardholder data and reduce credit card fraud. Currently, DANA is a Level 1 service provider that processes, stores and transfers more than 6 million VISA / Mastercard / Discover cardholder data each year.

“Since the beginning of operations, security has been and remains the top priority for DANA. Therefore, DANA has managed the qualifications and requirements for the PCI-DSS standard since 2018 and updates it regularly. This certification is important to ensure the confidence of our users and partners in security to strengthen the DANA application in addition to protecting users from criminal acts such as data theft due to fraud, “said Vince Iswara, CEO and co-founder of DANA.

DANA must meet the 12 requirements to renew the last PCI-DSS certification after PCI-DSS version 3.2.1 uses a certified QSA (Qualified Security Assessor) company.

These requirements include efforts to establish and maintain secure networks and systems, protect cardholder data, maintain vulnerability management programs, implement reliable access control measures, monitor and audit networks regularly, and comply with information security guidelines.

PCI-DSS certification offers several benefits, one of which is to reduce the risk of security breaches. Based on the study, PCI compliant organizations are up to 50% more likely to successfully breach cardholder data.

Another benefit is that it provides customers with security and convenience as the PCI-DSS requirements can minimize cardholder data retention, making users feel secure in releasing sensitive data to trusted companies like DANA.

Having a PCI DSS certification will also increase customer loyalty. According to Quirk’s 2014 Marketing Research Review, 69% of customers are less interested in getting involved in a company that is committing a crime.

On the corporate side, PCI-DSS certification increases profits, avoids expensive fines due to custody, and maintains and strengthens the business.

“This PCI-DSS certification also strengthens DANA’s three pillars, Trusted, Friendly and Accessible. We believe that DANA users have a strong commitment to protecting their cardholder data by following certain standards and requirements,” added Vince . .

The PCI-DSS certification is checked independently by a certified auditor of the PCI Security Standards Board. DANA must also ensure that the quarterly and annual validations meet the 12 requirements of the PCI DSS standard.

“In line with DANA’s commitment to prioritizing the protection of customer data and a simple, secure and comfortable transaction experience as a primary focus, DANA will strive to follow international standards that can trigger continuous improvement in our products and services. This includes our obligation to adhere to standards and baselines. “Management systems for information security and other certification requirements according to ISO 27001”, emphasized Vince.