NovaPay confirmed compliance with international payment security standards

NovaPay has been certified again according to the international payment card data security standard PCI DSS. This year, the company was audited according to the updated standard — PCI DSS 4.0, which contains more requirements for payment institutions and considers changes in technology, cyber threats, and security practices.

“PCI DSS standards have been in place worldwide since the 90s, and in Ukraine banks and financial institutions have been certified according to them since the 2000s. If a company operates with card data, it must comply with the PCI DSS standard. This means it makes payments safe for customers, — says Hryhorii Lisnychyi, CIO of NovaPay. — Since 2020, we have been certified annually, and this year, we have accomplished several projects to change the architecture and implement new information security systems. The challenge was that we did all this with a constant load of about 3 million daily transactions without stopping the service and risking our customers”.

Compliance Control, a company certified by the international payment systems Visa and MasterCard, carried out the audit.

NovaPay is an international financial service that is part of the NOVA group of companies (Nova poshta) and has been providing online and offline payment services in more than 3,600 Nova poshta outlets for 12 years. NovaPay was the first non-bank financial institution in Ukraine to receive an extended NBU license, which allowed it to open accounts and issue cards.