Preparing for its pilot operations, NayaPay (Pvt.) Ltd is now certified as PCI-DSS (Payment Card Industry Data Security Standard) compliant by Risk Associates, a leading PCI-qualified security assessor in Pakistan.

PCI DSS v3.2.1 is a widely accepted set of policies and processes intended to optimize the security of card transactions and protect cardholders against misuse of their personal information. Compliance with this international standard confirms that NayaPay has implemented stringent controls for the protection of customer data.

As an E-Money Institution, NayaPay will enable Pakistanis to open E-Money accounts and make convenient digital payments to each other and to businesses. Users will have ready access to their funds through the NayaPay app and debit card, which can be used to withdraw money from any ATM across the country and perform POS transactions with numerous retailers. The PCI-DSS certification will enable the digital payments platform to add globally accepted VISA and MasterCard debit cards to its offering in addition to PayPak cards.

CEO of Risk Associates, Dr. Aftab Rizvi stated:

Information security is currently a primary concern for customers dealing with financial transactions over various channels. The PCI DSS certification validates NayaPay’s dedication to providing a safe and secure environment for their customers' account data.

He further added,

NayaPay team has shown high proficiency and realization of their security systems which reveal a secure and robust organization. It was a pleasure working with NayaPay, and we congratulate them on achieving PCI DSS compliance certification.

Danish Lakhani, CEO NayaPay, said:

As an EMI, we are cognizant of our responsibility towards safeguarding the interests of our customers, particularly the security of sensitive data stored, processed and transmitted through our platform. We have made adherence to international best practices and State Bank guidelines an organizational imperative. The PCI-DSS compliance certification is a step in this direction -- minimizing exposure to threats such as breaches and theft of cardholder data.