PCI Compliance

With our PCI DSS Level 1 compliance status, we meet payment security standards and help protect customer data.

As a fully compliant PCI DSS Level 1 Service Provider and a principal member and licensed acquirer of Visa and MasterCard, Viva Wallet adhere to the card schemes’ operating regulations. We are also subject to yearly audits by a third-party PCI Qualified Security Assessor, Visa, MasterCard, and the banks we partner with.


Tokenization is a major industry technology that is shaping the way merchants accept payments and use payment data

Tokenization is the process of replacing sensitive data with non-sensitive data. In the payments industry, it is used to safeguard a card’s PAN by replacing it with a unique string of numbers that cannot be used to make transactions.

Dynamic CVV Technology

Dynamic CVV has become a key weapon against fraudulent transactions

Rather than using a static three or four-digit code on the back of the card, dynamic CVV technology creates a new code periodically. When a customer is ready to initiate a transaction, they will receive an SMS or email with a one-time CVV. The unique code then expires after the purchase is complete or within the next few hours.

AI-based anti-fraud algorithm

An integrated AI-powered risk management system built directly into our payments platform

Our AI-powered fraud detection technology learns from each transaction in real-time and can anticipate fraudulent attacks before they even happen, resulting in us seeing a reduction of fraud by 70 percent, while increasing conversion rates by as much as 35 percent. Our detection results are completely transparent, so you can understand exactly why a transaction was blocked or accepted.

Biometric Security

Integrating Biometrics into our payments solution, adds an extra level of security

Microsoft’s face recognition technologies provide a powerful & reliable Face Verification Service. By adding this extra layer of security, we ensure that payments are performed by the persons expected, minimizing fraud in Card-Not-Present transactions.

Information Security

We focus on all aspects of information security within our systems, services, and data. We extend compliance requirements to offer a maximum level of safety, resilience, and trust

Our infrastructure implements multiple levels of protection by using industry-accepted mechanisms and best practices ensuring we provide:

  • Availability: cloud infrastructure with DDOS protection, load balancing, and DR configurations.
  • Confidentiality: HTTPS & Point-to-point Encryption, use of certified Hardware Security Modules, strict key management controls, and near real-time threat detection.
  • Integrity: Transaction fingerprinting, database backups, access control, and code review process.