VAPEAHOLIX PAYMENT SECURITY
With our PCI DSS Level 1 compliance status, we meet payment security standards and help protect customer data.
As a fully compliant PCI DSS Level 1 Service Provider and a principal member and licensed acquirer of Visa and MasterCard, Viva Wallet adhere to the card schemes’ operating regulations. We are also subject to yearly audits by a third-party PCI Qualified Security Assessor, Visa, MasterCard, and the banks we partner with.
Tokenization is a major industry technology that is shaping the way merchants accept payments and use payment data
Tokenization is the process of replacing sensitive data with non-sensitive data. In the payments industry, it is used to safeguard a card’s PAN by replacing it with a unique string of numbers that cannot be used to make transactions.
Dynamic CVV Technology
Dynamic CVV has become a key weapon against fraudulent transactions
Rather than using a static three or four-digit code on the back of the card, dynamic CVV technology creates a new code periodically. When a customer is ready to initiate a transaction, they will receive an SMS or email with a one-time CVV. The unique code then expires after the purchase is complete or within the next few hours.
AI-based anti-fraud algorithm
An integrated AI-powered risk management system built directly into our payments platform
Our AI-powered fraud detection technology learns from each transaction in real-time and can anticipate fraudulent attacks before they even happen, resulting in us seeing a reduction of fraud by 70 percent, while increasing conversion rates by as much as 35 percent. Our detection results are completely transparent, so you can understand exactly why a transaction was blocked or accepted.
Integrating Biometrics into our payments solution, adds an extra level of security
Microsoft’s face recognition technologies provide a powerful & reliable Face Verification Service. By adding this extra layer of security, we ensure that payments are performed by the persons expected, minimizing fraud in Card-Not-Present transactions.
We focus on all aspects of information security within our systems, services, and data. We extend compliance requirements to offer a maximum level of safety, resilience, and trust
Our infrastructure implements multiple levels of protection by using industry-accepted mechanisms and best practices ensuring we provide:
- Availability: cloud infrastructure with DDOS protection, load balancing, and DR configurations.
- Confidentiality: HTTPS & Point-to-point Encryption, use of certified Hardware Security Modules, strict key management controls, and near real-time threat detection.
- Integrity: Transaction fingerprinting, database backups, access control, and code review process.