Latest news with #PCISecurityStandardsCouncil
Associated Press
08-05-2025
- Business
- Associated Press
G2A.COM achieves PCI DSS 4.0.1 recertification, strengthening its leadership in payment security.
LONDON, UNITED KINGDOM, May 8, 2025 / / -- achieves PCI DSS 4.0.1 recertification, strengthening its leadership in payment security the world's largest marketplace for digital entertainment, has successfully renewed its compliance with the Payment Card Industry Data Security Standard (PCI DSS), achieving certification under the latest version 4.0.1. This recertification reinforces G2A's continued commitment to safeguarding user data and upholding the highest global standards of payment security. The PCI DSS standard, established by the PCI Security Standards Council, is a mandatory compliance framework for any company that stores, processes, or transmits cardholder data. Major global brands such as Amazon, Apple, and Microsoft maintain this certification, and is proud to stand alongside them in prioritizing secure commerce. 'The renewal of our PCI DSS certification – especially under the latest and most stringent version – underscores our long-term dedication to protecting our users' data at every stage of the payment process,' said Dorota Wróbel, General Manager at 'Security isn't a checkbox – it's a mindset that runs through every system, every process, and every person at Upgrading to PCI DSS 4.0.1 is a new standard in vigilance Version 4.0.1 of the PCI DSS introduces a major evolution in how organizations must operate. Unlike earlier iterations, this version transforms compliance from a one-time project into an ongoing security program, requiring organizations to implement continuous monitoring, proactive risk mitigation, and security-by-design development practices. infrastructure and operations were assessed by Patronusec, one of the Qualified Security Assessor (QSA), as part of a comprehensive audit covering nearly 270 rigorous security controls across people, processes, and technologies. G2A's recertification process validates the integrity of its security architecture and the robustness of its payment ecosystem. Achieving this certification is far from a formality — it is reserved for only the most thoroughly prepared companies in the world when it comes to data security. Building trust through security First certified in February 2024, G2A has now maintained its PCI DSS compliance for a second consecutive year. The renewal, awarded on February, confirms that the company continues to meet – and exceed – the industry's most demanding cybersecurity requirements. The first year is the most challenging, as it introduces a range of new and complex security processes that must be implemented and strictly followed. Compliance is not declarative – it must be proven with solid evidence during re-certification audits. 'For our millions of global users, trust is everything,' said Dorota Wróbel, 'This certification is one of many ways we prove that we take that trust seriously – not just once a year, but every single day.' To learn more about G2A's, visit: G2A's Corporate website. – ENDS – About is the world's largest and most trusted marketplace for digital entertainment, where more than 35 million people from 180 countries have purchased over 135 million items. Users can choose from more than 90,000 digital offerings incl. games, DLCs, in-game items, as well as non-gaming items such as gift cards, subscriptions, software, or e-learning - sold by sellers from all over the world. leads in online security, awarded with the prestigious American CNP award for the Best Merchant Team of the Year in Anti-fraud and Cybersecurity, alongside companies such as Microsoft, Barclay's Bank, and First Data. Julia Horvath Ranieri email us here Legal Disclaimer: EIN Presswire provides this news content 'as is' without warranty of any kind. We do not accept any responsibility or liability for the accuracy, content, images, videos, licenses, completeness, legality, or reliability of the information contained in this article. If you have any complaints or copyright issues related to this article, kindly contact the author above.
Techday NZ
05-05-2025
- Business
- Techday NZ
WitnessAI 2.0 boosts PCI DSS compliance & AI risk controls
WitnessAI has announced the release of WitnessAI 2.0, offering new tools to help enterprises meet PCI DSS 4.0.1 compliance requirements while integrating AI technologies. The updated platform introduces five significant features: PCI-specific AI controls with measures to prevent payment data loss, agentless and proxy-less policy enforcement for remote employees, risk analytics for AI usage, detection of insider threats across AI platforms, and a privacy mode tailored for applications such as Microsoft Copilot. The release of WitnessAI 2.0 comes as organisations face increased obligations under revised PCI DSS standards to address risks presented by artificial intelligence tools. The PCI Security Standards Council recently issued new guidelines outlining how AI should factor into PCI assessments, highlighting the need to control and monitor all technologies with access to cardholder data environments. The company's new update features PCI DSS-specific controls and reporting, which align AI activity with the 4.0.1 standard and incorporate focused protections against payment card data loss. Additionally, the platform's remote employee controls support compliance for staff working in hybrid, remote, or travelling situations without requiring software installation or changes to network architecture. Behavioural and runtime analytics form part of the regulatory risk analytics tools, offering organisations detailed insights to identify and remedy potential compliance gaps as they expand their use of AI. Insider threat detection capabilities use analysis of user interactions over time and across AI systems to flag compromised or malicious accounts that could lead to breaches. Privacy controls have also been enhanced, with an executive privacy mode designed to protect confidential internal discussions on AI platforms, specifically catering to tools like Microsoft Copilot. Rick Caccia, Chief Executive Officer and Co-founder of WitnessAI, commented on the regulatory compliance landscape with artificial intelligence: "Too often, AI regulatory compliance focuses on future-facing regulations such as the EU AI Act. But employee AI usage brings significant risk to the regulations, such as PCI DSS, that companies face today. With WitnessAI 2.0, any organisation subject to PCI DSS can ensure complete compliance and easy reporting of control effectiveness." David Neuman, Senior Analyst at TAG Infosphere, highlighted organisations' shifting work environment and compliance issues. He said, "The ability to enforce AI use policies regardless of where employees work is critical for PCI compliance. The new guidelines around AI use in PCI assessments will become an increasingly significant concern for organisations, even as they continue to adapt to PCI DSS 4.0.1 requirements." Jonathan Kennedy, Chief Information Security Officer at InComm Payments, shared his organisation's experience using WitnessAI. "We're focused on ensuring intellectual property and sensitive information isn't accidentally leaked. WitnessAI helps us achieve security and compliance with our diverse portfolio, reducing risk while maximising productivity." WitnessAI's platform is designed to help regulated industries manage compliance and security as they introduce AI into their workflows. Its recognition as a finalist in the Best Compliance Solution category at the 2025 SC Awards underscores its position in supporting organisations navigating established and emerging artificial intelligence regulations.
Business Wire
30-04-2025
- Business
- Business Wire
WitnessAI 2.0 Delivers New Regulatory Compliance Capabilities to Support Safe AI Adoption
MOUNTAIN VIEW, Calif.--(BUSINESS WIRE)-- WitnessAI, creator of the first enablement platform for safe AI use, and a finalist for the SC Awards for Best Compliance Solution, today announced the release of WitnessAI 2.0, offering five key updates for organizations looking to remain compliant with regulations such as the Payment Card Industry Data Security Standard (PCI DSS) while adopting enterprise AI tools. PCI DSS-Specific Controls and Reports: AI activity controls mapped directly to PCI DSS 4.0.1, including payment card data loss prevention. Remote Employee Controls: The industry's first and only zero-install, agentless and proxy-less capability for AI observability and policy control. This feature ensures compliance in remote, traveling, or hybrid environments. Regulatory Risk Analytics: Behavioral and runtime analytics can provide insight into best practices, potential risks, and areas for improvement as organizations develop their AI strategies and put them into practice. AI Insider Threat Detection: By analyzing conversations over time and across AI applications, WitnessAI can detect compromised or malicious user accounts likely to cause data breach or theft. Executive Privacy Mode: Applications like Microsoft Copilot can share data in unexpected and insecure ways. Executives can now leverage Copilot and other AI tools with enhanced privacy controls, keeping internal AI conversations private. 'Too often, AI regulatory compliance focuses on future-facing regulations such as the EU AI Act," said Rick Caccia, CEO and Co-founder at WitnessAI. 'But employee AI usage brings significant risk to the regulations, such as PCI DSS, that companies face today. With WitnessAI 2.0, any organization subject to PCI DSS can ensure complete compliance and easy reporting of control effectiveness.' The PCI Security Standards Council recently released guidelines for ' Integrating Artificial Intelligence in PCI Assessments,' demonstrating growing recognition of AI's role in payment security ecosystems. Under PCI DSS 4.0.1, organizations must carefully scope and secure all systems that 'could impact the security of the CDE' (Cardholder Data Environment) - a criterion that implicitly includes AI tools with access to sensitive environments. WitnessAI provides the visibility, control, and protection needed to ensure that these AI interactions comply with PCI requirements, helping organizations maintain regulatory compliance while safely leveraging AI capabilities. "The ability to enforce AI use policies regardless of where employees work is critical for PCI compliance," stated David Neuman, Senior Analyst, TAG Infosphere. "The new guidelines around AI use in PCI assessments will become an increasingly significant concern for organizations, even as they continue to adapt to PCI DSS 4.0.1 requirements. Organizations face real challenges in ensuring compliance when employees work away from the corporate network, like during travel or just working from home. Maintaining flexibility while having complete confidence in compliance posture isn't just desirable, it's a business necessity." As more organizations grapple with the complexities of maintaining compliance and preventing data loss, innovative solutions become paramount. This is precisely why FinTech provider InComm Payments turned to WitnessAI. "We're focused on ensuring intellectual property and sensitive information isn't accidentally leaked,' said Jonathan Kennedy, CISO at InComm Payments. 'We knew we needed a way to maintain security and compliance while encouraging our teams to leverage modern approaches with GenAI applications. We chose WitnessAI because they help us achieve just that with our diverse portfolio. Our compliance, data-loss prevention, and privacy teams now have total visibility and confidence in our AI security. We're reducing risk while maximizing our productivity because of WitnessAI.' WitnessAI is designed to address unique and ongoing compliance challenges of AI in regulated environments, offering a platform that will evolve with AI regulations as they emerge. The WitnessAI Secure AI Enablement Platform was recognized as a 2025 SC Awards finalist in the 'Best Compliance Solution' category, showing a proven dedication to helping businesses navigate the intersection between AI innovation and compliance. View the full list of 2025 SC Awards finalists here: WitnessAI is in use by global organizations today, detecting shadow AI, providing full visibility into user activity, and protecting users and data from loss and harm. Security and privacy leaders interested in a demonstration of the WitnessAI platform can contact the company at demo@ WitnessAI enables safe and effective adoption of enterprise AI, through security and governance guardrails for public and private LLMs. The WitnessAI Secure AI Enablement Platform provides visibility of employee AI use, control of that use via AI-oriented policy, and protection of that use via data and topic security. Learn more at
Web Release
14-03-2025
- Business
- Web Release
HyperPay launches HyperTap for seamless contactless payments for UAE businesses
By Editor_wr Last updated Mar 14, 2025 HyperPay, a leading digital payment solutions provider, launched HyperTap, a secure Tap on Phone payment solution designed to transform the way UAE businesses receive payments. By allowing smartphones to serve as contactless point-of-sale (POS) terminals without the need for additional hardware, HyperTap offers seamless, cost-effective, and efficient transaction experiences for both customers and merchants. HyperTap represents a significant milestone in the digital payment revolution, providing businesses with the ability to accept payments anywhere and at any time, particularly small and medium-sized enterprises (SMEs). Merchants can use NFC-enabled smartphones to securely process transactions through a straightforward app, further enhancing customer satisfaction and operational efficiency. Muhannad Ebwini, Founder and CEO of HyperPay, commented: 'In the current fintech landscape, businesses need flexible, affordable payment options that adapt to their evolving requirements. We are providing SMEs and business owners with innovative solutions such as HyperTap that streamline payment acceptance, promote digital adoption, and ensure customer convenience while maintaining the highest security standards.' Businesses can utilize this application to transform their current smartphones into contactless payment terminals without the need for POS devices. Certified by the PCI Security Standards Council (PCI SSC) as a validated MPoC Solution (MPOC), HyperTap is protected by industry-leading encryption and security protocols that safeguard transactions, ensuring safe payments for both customers and businesses. It also lowers costs associated with traditional payment hardware, making it an ideal choice for startups, mobile centric or field-based SMEs. Additionally, consumers can use wearable technology, digital wallets, or credit/debit cards to quickly and securely perform contactless transactions. HyperTap's launch aligns with the UAE's goal of a cashless economy and digital transformation. Owing to the increasing demand for secure and seamless payment solutions, it is projected to significantly impact financial transactions across the region. HyperTap is designed to serve a diverse range of industries and merchant segments, including retail, eCommerce, delivery, logistics, freelancers, and independent professionals. Furthermore, the application helps SMEs adjust to the evolving financial landscape by bridging the digital gap. By utilising technology that streamlines transactions, HyperTap offers companies a competitive edge, enabling them to focus on expansion rather than operational inefficiencies. HyperTap can now be utilised by businesses across the UAE, with further plans set to expand to other markets such as Saudi Arabia and Egypt. Merchants can download the HyperTap app from popular app stores or register on the official HyperPay website. Comments are closed.
Arabian Business
14-03-2025
- Business
- Arabian Business
HyperPay unveils HyperTap for secure contactless payments via smartphones in UAE
UAE digital payment solutions provider HyperPay announced the launch of 'HyperTap', a secure 'Tap on Phone' payment solution. The new payment solution allows smartphones to serve as contactless point-of-sale (POS) terminals without the need for additional hardware. HyperTap for UAE businesses HyperTap offers seamless, cost-effective, and efficient transaction experiences for both customers and merchants, the company said. Muhannad Ebwini, Founder and CEO of HyperPay, said in the current fintech landscape, businesses need flexible, affordable payment options that adapt to their evolving requirements. 'We are providing SMEs and business owners with innovative solutions such as HyperTap that streamline payment acceptance, promote digital adoption, and ensure customer convenience, while maintaining the highest security standards,' he said. Certified by the PCI Security Standards Council (PCI SSC) as a validated MPoC Solution (MPOC), HyperTap is protected by industry-leading encryption and security protocols that safeguard transactions, ensuring safe payments for both customers and businesses, the company said. It also lowers costs associated with traditional payment hardware, making it an ideal choice for startups, mobile-centric or field-based SMEs. HyperPay said its new mobile-based payment solution can now be utilised by businesses across the UAE, and the company has plans to expand to other markets such as Saudi Arabia and Egypt. website, it said.
