G2A.COM achieves PCI DSS 4.0.1 recertification, strengthening its leadership in payment security.
LONDON, UNITED KINGDOM, May 8, 2025 / EINPresswire.com / -- G2A.COM achieves PCI DSS 4.0.1 recertification, strengthening its leadership in payment security
G2A.COM, the world's largest marketplace for digital entertainment, has successfully renewed its compliance with the Payment Card Industry Data Security Standard (PCI DSS), achieving certification under the latest version 4.0.1. This recertification reinforces G2A's continued commitment to safeguarding user data and upholding the highest global standards of payment security.
The PCI DSS standard, established by the PCI Security Standards Council, is a mandatory compliance framework for any company that stores, processes, or transmits cardholder data. Major global brands such as Amazon, Apple, and Microsoft maintain this certification, and G2A.COM is proud to stand alongside them in prioritizing secure commerce.
'The renewal of our PCI DSS certification – especially under the latest and most stringent version – underscores our long-term dedication to protecting our users' data at every stage of the payment process,' said Dorota Wróbel, General Manager at G2A.COM. 'Security isn't a checkbox – it's a mindset that runs through every system, every process, and every person at G2A.COM.'
Upgrading to PCI DSS 4.0.1 is a new standard in vigilance
Version 4.0.1 of the PCI DSS introduces a major evolution in how organizations must operate. Unlike earlier iterations, this version transforms compliance from a one-time project into an ongoing security program, requiring organizations to implement continuous monitoring, proactive risk mitigation, and security-by-design development practices.
G2A.COM's infrastructure and operations were assessed by Patronusec, one of the Qualified Security Assessor (QSA), as part of a comprehensive audit covering nearly 270 rigorous security controls across people, processes, and technologies. G2A's recertification process validates the integrity of its security architecture and the robustness of its payment ecosystem. Achieving this certification is far from a formality — it is reserved for only the most thoroughly prepared companies in the world when it comes to data security.
Building trust through security
First certified in February 2024, G2A has now maintained its PCI DSS compliance for a second consecutive year. The renewal, awarded on February, confirms that the company continues to meet – and exceed – the industry's most demanding cybersecurity requirements. The first year is the most challenging, as it introduces a range of new and complex security processes that must be implemented and strictly followed. Compliance is not declarative – it must be proven with solid evidence during re-certification audits.
'For our millions of global users, trust is everything,' said Dorota Wróbel, 'This certification is one of many ways we prove that we take that trust seriously – not just once a year, but every single day.'
To learn more about G2A's, visit: G2A's Corporate website.
– ENDS –
About G2A.COM
G2A.COM is the world's largest and most trusted marketplace for digital entertainment, where more than 35 million people from 180 countries have purchased over 135 million items. Users can choose from more than 90,000 digital offerings incl. games, DLCs, in-game items, as well as non-gaming items such as gift cards, subscriptions, software, or e-learning - sold by sellers from all over the world. G2A.COM leads in online security, awarded with the prestigious American CNP award for the Best Merchant Team of the Year in Anti-fraud and Cybersecurity, alongside companies such as Microsoft, Barclay's Bank, and First Data.
Julia Horvath
Ranieri
email us here
Legal Disclaimer:
EIN Presswire provides this news content 'as is' without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Associated Press
5 hours ago
- Associated Press
G2A.COM introduces G2A Plus Free, a new package for its loyalty program
LONDON, UNITED KINGDOM, June 4, 2025 / / -- the world's largest marketplace for digital entertainment, has announced a new package in its loyalty program – G2A Plus Free. The free version enables G2A marketplace users to collect Plus Points for purchases and reduce the order price in the future. It is the next step in mission to democratize digital entertainment and make it accessible to everyone worldwide. Launched in 2017, G2A Plus is a loyalty program designed to enhance the shopping experience for buyers while supporting sellers in driving repeat purchases. Over the years it has provided real value across various membership plans that have saved members more than €2.1 million. Following its mission to democratize digital entertainment, wants to inspire and invite more people to explore this world. For this reason, it is introducing the G2A Plus Free, where users can collect Plus Points and use them on the G2A marketplace, choosing from more than 90,000 different offers, including game keys, subscriptions, gift cards, software, and e-learning. Each paid order is awarded with a certain number of Plus Points visible to users on the product page and in the shopping cart. Each 100 Plus Points has a value of €1 and can be used in future orders to reduce the price. opens Gate 2 Adventure in the digital world. We inspire users to take advantage and develop their potential online, and to discover and explore more of what's out there in digital entertainment. Operating globally, we take care of every user and allow them to discover more for less, from now on, also by joining G2A Plus Free, a membership program designed to enhance user satisfaction,' said Mona Kinal, Chief Marketing Officer at G2A marketplace users can choose from two G2A Plus plans – Free or Premium. G2A Plus Free enables users to collect Plus Points while G2A Plus Premium offers, in addition to Plus Points, benefits such as better prices, regular bonuses and rewards, post-buy premium assistance and much more. G2A Plus Premium is available in three subscription plans – 1, 3, and 12 months. Users can join both plans through the G2A Plus website or by selecting the offer with the Plus discount when making a purchase on You can find more details on the corporate website: --- About is the world's largest and most trusted marketplace for digital entertainment, where more than 35 million people from 180 countries have purchased over 135 million items. Users can choose from more than 90,000 digital offerings incl. games, DLCs, in-game items, as well as non-gaming items such as gift cards, subscriptions, software, or e-learning - sold by sellers from all over the world. leads in online security, awarded with the prestigious American CNP award for the Best Merchant Team of the Year in Anti-fraud and Cybersecurity, alongside companies such as Microsoft, Barclay's Bank, and First Data. Lawrence Taylor Ranieri Agency +44 7413 070637 email us here Legal Disclaimer: EIN Presswire provides this news content 'as is' without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.
Yahoo
2 days ago
- Yahoo
G2A.COM introduces G2A Plus Free, a new package for its loyalty program
the world's largest marketplace for digital entertainment, has announced a new package in its loyalty program – G2A Plus Free. The free version enables G2A marketplace users to collect Plus Points for purchases and reduce the order price in the future. It is the next step in mission to democratize digital entertainment and make it accessible to everyone worldwide G2A Plus Free AMSTERDAM, June 02, 2025 (GLOBE NEWSWIRE) -- Launched in 2017, G2A Plus is a loyalty program designed to enhance the shopping experience for buyers while supporting sellers in driving repeat purchases. Over the years it has provided real value across various membership plans that have saved members more than €2.1 million. Following its mission to democratize digital entertainment, wants to inspire and invite more people to explore this world. For this reason, it is introducing G2A Plus Free, where users can collect Plus Points and use them on the G2A marketplace, choosing from more than 90,000 different offers, including game keys, subscriptions, gift cards, software, and e-learning. Each paid order is awarded with a certain number of Plus Points visible to users on the product page and shopping cart. Each 100 Plus Points has a value of €1 and can be used in future orders to reduce its price. ' opens Gate 2 Adventure in the digital world. We inspire users to take advantage and develop their potential online, and to discover and explore more of what's out there in digital entertainment,' said Mona Kinal, Chief Marketing Officer at 'Operating globally, we prioritize every user, helping them discover more for less. Now, with G2A Plus Free—a membership program designed to enhance user satisfaction—they can enjoy even greater benefits.' G2A marketplace users can now choose from two G2A Plus plans – Free or Premium. Both plans allow users to collect Plus Points, but G2A Plus Premium goes further by offering additional benefits such as better prices, regular bonuses and rewards, post-buy premium assistance and much more. G2A Plus Premium is available in three subscription plans – 1, 3, and 12 months. Users can join both plans through the G2A Plus website or by selecting the offer with the Plus discount when making a purchase on You can find more details on the corporate website: About is the world's largest and most trusted marketplace for digital entertainment, where more than 35 million people from 180 countries have purchased over 135 million items. Users can choose from more than 90,000 digital offerings incl. games, DLCs, in-game items, as well as non-gaming items such as gift cards, subscriptions, software, or e-learning - sold by sellers from all over the world. leads in online security, awarded with the prestigious American CNP award for the Best Merchant Team of the Year in Anti-fraud and Cybersecurity, alongside companies such as Microsoft, Barclay's Bank, and First Data. Press Contact Daniel Perez Communication ConsultantA photo accompanying this announcement is available at
Business Journals
4 days ago
- Business Journals
The hidden cyber risk you're probably ignoring: User access reviews
Poorly managed user access reviews don't just jeopardize audit outcomes; they create pathways for data breaches, fraud, operational inefficiencies, regulatory fines and reputational damage. Despite these risks, many organizations struggle with timely, thorough and precise execution, or worse, they skip these reviews altogether. Far from trivial, this 'routine' process plays a pivotal role in broader cybersecurity and risk management strategies. Access reviews serve as a frontline defense, ensuring that only authorized individuals have appropriate access to systems and data, and help prevent privilege escalation, insider threats and vulnerabilities that could compromise an organization's security posture. User access reviews are essential for maintaining compliance with a wide range of frameworks, including SOX, PCI DSS, ISO 27001, SOC 2, HITRUST, NIST 800-53 & 171, HIPAA, GDPR and others. A well-executed access review helps reduce the risk of: Individuals having unauthorized or inappropriate access based on their role. Excessive access that creates segregation of duties conflicts. This guide provides an eight-step process for establishing and conducting a quality access review that will satisfy multiple compliance frameworks. Step 1: Identify relevant compliance frameworks and standards that require an access review Before identifying compliance requirements, organizations should begin with a clear strategy for their access review process. This includes understanding the overarching goals, such as reducing security risk, maintaining regulatory compliance, enhancing operational efficiency or supporting audit readiness. With this strategic direction in mind, organizations can then determine which regulations and standards they must adhere to. This will help establish the frequency, scope, control ownership and documentation requirements of the review. In the absence of a specified frequency, a risk-based approach should be used to determine how often reviews should occur. The following factors should be considered: Minimum required frequency to meet compliance requirements Complexity of the access within the system Volume of accounts and frequency of access changes Significance of the data stored within the system History of errors Effectiveness of preventive provisioning and termination controls Inherent risks of processes being supported by the systems Step 2: Identify the information systems in scope Determine which systems (i.e., applications, tools, database management systems, operating systems/servers and network domains) require an access review. This could include enterprise and/or financial applications, PaaS (Platform as a Service), database management systems, operating systems/servers, identity and access management (IAM) systems, source code migration and development tools, facilities and infrastructure components. Ultimately, the scope should be driven by the relevance and significance of the underlying data and/or system function governed by the system. Step 3: Assign ownership Clearly define who is responsible for: 1. Generating the information used in the reviews, and 2. Coordinating and/or executing the review and remediating any exceptions identified. Tip: Consider leveraging an off-the shelf tool to assist with automating and tracking reviews. Step 4: Generate the access listings Generate a complete and accurate listing of accounts from each system. Consider automating these reports for efficiency. The access listings should be granular enough so that the reviewer can see what role and/or permissions are assigned to each account. Provide enough details in the review documents so reviewers can make informed decisions. Some examples are below: expand Frazier & Deeter Tip: Retain documentation for how all access listings were generated (i.e. menus, reports, parameters, queries, time/date stamps, etc.). Explain any exclusions such as inactive accounts or accounts with read-only access. If the report is automated, include evidence that the underlying queries have not been modified. Step 5: Train the reviewers Provide clear expectations, guidelines, timelines and definitions for reviewers to reference. Ensure roles and responsibilities are clearly defined. Tip: Consider implementing a joiner-mover-leaver process in your IAM tools to automatically grant, revoke or modify access when employees join, leave or get promoted. This helps mitigate the risk of individuals being inadvertently granted the wrong level of access or access not being removed upon termination. Step 6: Execute the review and retain sufficient evidence Reviewers: Document proof of review, including justifications for approved and revoked access. Control Owner: Retain audit logs, screenshots, spreadsheets or other reports as needed. Tip: Store evidence in a central location that makes it easy to distinguish what is being reviewed. Consider using a template to consistently document each review. Step 7: Revoke unnecessary access and validate remediation Immediately remove or disable access that has been identified as needing to be revoked. Document the reason for revocation and verify timely deactivation of revoked accounts. Tip: Run a follow-up report to confirm that all access identified as a revoke within the access review are appropriately disabled and/or removed from the system. Step 8: Perform a lookback for anomalous activity Before closing the review: Review logs and audit trails for any inappropriate and/or unauthorized activity performed by revoked accounts. Investigate and follow up on any unusual activity. Define the scope of activities that are relevant to the framework and/or standard. Pay close attention to administrative accounts who can perform all transactions (including modifying user access). Tip: Accounts with admin privileges, segregation of duties conflicts or terminations are the revoked accounts with the highest risk of potential misuse. Final thought: Making user access reviews a business-as-usual process While each organization has unique circumstances, these steps may support you in conducting thorough, repeatable and audit-ready access reviews that will allow your organization to meet multiple compliance requirements and mitigate logical security risks in an efficient, consistent and cost-effective manner. Need help making your access reviews more efficient and compliant? Frazier & Deeter can help you design a process that meets your compliance requirements while saving time and reducing risk. Contact our experts today to get started. Frazier & Deeter (FD) is comprised of Frazier & Deeter, LLC, a US licensed CPA firm that provides attest services to its clients, and Frazier & Deeter Advisory, LLC, an alternative practice structure that provides tax and advisory services to clients worldwide. Learn more at
