PCI DSS level 1 certification: the Holy Grail for protecting our Members' banking data
Thanks to the quality of our processes and the ongoing rigor of our teams, John Paul has just renewed its PCI DSS (Payment Card Industry Data Security Standard) certification! It's a celebratory event, and one that speaks volumes about the importance of this security standard when it comes to managing banking data. We explain.
What is the PCI DSS standard?
It's a "security standard imposed on all players handling payment data", explains Kévine Zerbib, CISO (Information Systems Security Manager) at John Paul. With the increasing digitization of our economy, the risks associated with the leakage or theft of banking data have risen considerably, requiring the implementation of a standard guaranteeing the security of users' payment data.
This common standard is a contractual obligation for a player such as John Paul. "As a leading white-label concierge service, the security of our Members' data is an absolute priority, and the PCI DSS certification requirement imposes rigor on us at all times, regardless of the region of the world in which we operate".
A team of concierges on the same wavelength
With such high standards, "the PCI security standard has a major influence on the way we structure the operational platform and the actions of our concierges", explains Kévine Zerbib. Without revealing all the secrets of the John Paul method, each concierge is aware of the rules to be respected to guarantee the highest level of security when in contact with one of our Members.
A protected and confidential operating platform where pens, paper and telephones are forbidden, no banking data sent by email, each concierge's session locked when they leave their post... the measures taken to meet the criteria of the PCI DSS standard are numerous. And beyond the high level of vigilance required of them, concierges won't hesitate to educate Members about good data-sharing practices.
PCI DSS, a company-wide security standard
As an evolving concept, security requires us to constantly question our methods to ensure the best possible quality of service for our Members. The PCI DSS certificate, in addition to its rigorous approach to the use of banking data, enables John Paul to set high standards for data security internally.
In a way, "PCI certification serves as a yardstick by which we can guarantee our customers, and all our Members, irreproachable data security", concludes Kévine Zerbib.