A journey through payment security standards, or the history of the creation of Cloud EFT (Eurocard EFT)

Read more
A journey through payment security standards, or the history of the creation of Cloud EFT (Eurocard EFT)

The history of the creation of the Eurocard EFT is an example of striving for a dynamic response to customers’ needs in meeting the highest standards of payment security.

Getting started with PA-DSS in 2012

In 2012, we started standardising the Eurokarta EFT software to the requirements of PA-DSS (Payment Application Data Security Standard). PA-DSS is a payment data security standard developed by the PCI Security Standards Council that specifies requirements for securing applications that process payment card data. This standard is designed to ensure that payment applications are designed, developed, and maintained to minimise the risk of card data leakage. PA-DSS accreditation has enabled us to enter the payments market, confirming that our software meets the highest security standards and complies with global industry requirements.

Development towards PCI DSS

From 2014 to 2015, we started working on obtaining the PCI DSS Service Provider Level 1 certification. PCI DSS (Payment Card Industry Data Security Standard) is an information security standard that defines the requirements for protecting payment card data during storage, processing and transmission. This standard is governed by the PCI Security Standards Council and is required by major payment card brands. We created a Cloud EFT that met all PCI DSS requirements and 200 PCI DSS requirements within client environments, which allowed us to acquire our first customer. Soon, a nationwide supermarket chain also benefited from our solution.

Creation of BU-EFT and further successes

In 2016, the BU-EFT team was formed, which, thanks to investments in new equipment and the creation of a Primary Site in ATM (the main data centre in ATM), convinced another large customer to migrate to our Cloud EFT.

PIN Security and PCI P2PE certifications

In 2019, we obtained the PIN Security certificate, which enabled us to expand Key Loading services for Acquirers and Banks. From 2018 to 2020, we created a P2PE solution that included the P2PE application, the P2PE KIF, and the full certified P2PE Solution. In January 2020, we were certified as the first Polish manufacturer with a P2PE solution.

Latest developments in 2022-2024

In 2022-2024, we continued our mission, obtaining further certificates and confirming our readiness to provide our customers with the highest level of security. Our activities focused on continuously improving processes and technologies to meet the growing requirements for card data protection. This has enabled us to provide our customers with solutions that meet and often exceed industry standards, giving them peace of mind that their data is fully protected.

After two years of changes and adaptation to the new PCI DSS (SSF—Secure Software Framework) standard, the EFT Eurocard has been approved by the PCI SSC council, which confirms our readiness to continue providing the highest level of security.

Do you need a reliable IT services provider?

Then, you are in the right place. We would be happy to talk to you about your next project.