WHY YOU CAN TRUST PAYSTACK, FLUTTERWAVE AND OTHER FINTECH COMPANIES WITH YOUR CARD DETAILS

If you’ve ever made a payment online, chances are that you’ve come across paystack, flutterwave or quickteller.

Financial technology in Africa has grown in leaps and bounds in the last couple of years. According to Forbes, Africa’s Fintech ecosystem raised $320m since January 2015 and grew 60% in two years.

While the payment industry has received large adoption and they’ve helped thousands of businesses receive payments from their customers in few easy steps, there are still several people who are skeptical about making online payments with their debit or credit card. This is understandable due to the high rate of cybercrimes in the country.

These companies are aware of the risks involved and they have measures in place to protect your information and ensure it doesn’t get into the wrong hands. Aside from this, regulations and standards are guiding their operations.

Every company that process card details of its customers have to be compliant with PCI DSS (Payment Card Industry Data Security Standard)

PCI-DSS is a set of security standards designed to ensure that ALL companies that accept, process, store or transmit credit card information maintain a secure environment. For companies to achieve PCI-DSS compliance, they must meet the following requirements:

• Build and maintain a secure network and systems.
• Protect Cardholder Data.
• Maintain a vulnerability management program.
• Implement strong Access Control measures.
• Regularly monitor and test systems.

The PCI compliance certification is valid for one year from the date the certificate is issued. To maintain their compliance, they are required to complete the PCI DSS self-assessment questionnaire annually and conduct any applicable network scans every quarter.

Another regulation guiding the Fintech companies is the Nigeria Data Protection Regulation (NDPR). This regulation was issued:

• To safeguard the rights of natural persons to data privacy
• To foster safe-conduct for transactions involving the exchange of Personal Data
• To prevent manipulation of Personal Data; and
• To ensure that Nigerian businesses remain competitive in international trade through the safe-guards afforded by a sound data protection regulation.

You can download and read all about it here

While all these do not guarantee that there will not be data breaches, it is a reassurance that these companies care about our information and are doing all they can to protect it.