4th August, 2017
We are delighted to announce Mosaic have now received full PCI DSS v3.2 accreditation.
Mosaic’s Attestation of Compliance to the latest standard of the Payment Card Industry Data Security Standards (PCI DSS), version 3.2. The audit & assessment was carried out by Security Risk Management (SRM), a Qualified Security Assessor (QSA) who we utilise for ongoing audit and assessment, as well as regulatory network scans to ensure continued compliance.
This is a fantastic achievement for Mosaic, we are not aware of any other response handling and fulfilment provider in the UK who have achieved PCI DSS v3.2, and it is worth adding that organisations that haven’t achieved v3.2 are no longer considered to be PCI compliant.
The changes required to meet the standards for v3.2 are significant and include changes in encryption protocols, cryptographic infrastructure, increased multifactor authentication and tokenisation. We take our responsibility for the data that we hold on behalf of our Clients extremely seriously and achieving PCI DSS version 3.2 demonstrates our continued commitment to the highest levels of data and information security.
In recent times we’ve seen an enhanced focus on information security management and data compliance, the General Data Protection Regulation (GDPR) comes into force on 25 May 2018 and I’m very pleased to say that Mosaic is ready and, in a position to support our clients and help keep them safe. Earlier last year, Mosaic achieved ISO27001, we’re DataSeal accredited, we’ve completed all the work required to meet our GDPR obligations as well as working with our Clients to help them implement change so they can meet the same.
If you have any questions or would like to discuss any areas of information security, please do not hesitate to get in touch.
The Mosaic Team