Following the corona pandemic, internet commerce is increasing and thus also payments handled online. High demands are placed on the online payment operators to guarantee secure payments. For the tenth consecutive year, Helsingborg based IT company Smart Refill has been approved according to PCI DSS Level 1, the card companies’ highest international security standard, and is now aiming for future solutions.
Smart Refill is certified according to PCI DSS highest merchant level since 2011. To achieve PCI DSS Level 1 compliance, a Qualified Security Assessor reviews the entire company annually, ranging from IT systems and security to routines and processes. Smart Refill’s compliance audit is performed by Trustwave and after a few months of thorough review, this year’s approval was completed on May 29.
– Our systems handle hundreds of millions of SEK in the form of card payments each year, through the prepaid applications we develop for telecom operators such as Telia, Telenor and Tre. Safety is a continuous work and the PCI DSS Level 1 compliance shows that customers and users can rely on our systems, says Tobias Persson, Chief Security Officer at Smart Refill.
In addition to the renewed certificate according to PCI DSS, Smart Refill has been approved as an E-money institution since 2019 under the supervision of the Swedish Financial Supervisory Authority.
– Through our permits, we can offer existing and new customers a wide variety of secure and smart payment solutions and other attractive digital services. To meet the increased demand for digital solutions for both telecom operators and financial companies, we are continuously developing our payment platform and other solutions. We are working to present innovative products and modules in the future, for example in the areas of Open Banking and Internet of Things, says Henric Ungh, CEO of Smart Refill.
PCI DSS (Payment Card Industry Data Security Standard)
PCI DSS (Payment Card Industry Data Security Standard) is a global regulatory framework for the safe management of cardholder data that has been developed by Mastercard and Visa and other major card brands. The purpose is to make the card payment process safer and reduce the risk of fraud.
Trustwave is a leading information security company and by PCI Security Standards Council approved QSA (Qualified Security Assessor). Trustwave handles the annual PCI audit on Smart Refill.