Лицензии и сертификаты

Лицензия как компания электронных денегy

Через свою дочернюю компанию Payment-id Payment AS, Payment-id получила лицензию компании электронных денег LOV-2015-04-10-17, § 2-11.

Квалифицированного поставщика услуг

Payment-id присваивается статус квалифицированного поставщика трастовых услуг национальным органом связи (Nkom) в соответствии с Законом Об электронных трастовых услугах(eIDAS). Платеж-id является эмитентом квалифицированных сертификатов электронной подписи (квалифицированных сертификатов), Qualified Electronic Seal Certificates (Enterprise Certificates) and Qualified Site Certification Certificates (SSL/TLS Certificates).

Payment-id также декларируется в соответствии с правилами самопровозглашения и требованиями спецификации PKI в государственном секторе в качестве эмитента сертификатов, удовлетворяющих классам сертификатов.

Certifications

ETSI EN 319 411

Payment-id is certified in accordance with the ETSI EN 319 411 standards for digital certificate issuers.

The standards cover all areas of digital certificate issuing and management, including the authentication registration process, issuing of digital certificates with private key protection, blocking service, and certificate status services (CRL, OCSP), and more. The certification process involves an accredited external auditor confirming that the certificate issuer has systems, processes and procedures that comply with the requirements set by the standard.

Part 1: ETSI EN 319 411-1
Covers digital certificates in general, including SSL/TLS certificates. Suppliers of browsers and operating systems, such as Microsoft, Apple, Google, Mozilla and Oracle (Java), accept this certification as one of their requirements to enter our root certificates. See ETS 018 for details.

Part 2: ETSI EN 319 411-2
Covers EU Qualified Certificates in accordance with the eIDAS Regulation, including Qualified Certificates for Electronic Signature (QC eSignature), Qualified Certificates for Electronic Seal (QC eSeal) and Qualified Web Site Authentication Certificates (QWAC). The certification meets the requirements of the eIDAS Regulation. With this, Payment-id is certified as a Qualified Trusted Service Provider (QTSP). Such certification is a prerequisite to be registered as a qualified provider on the EU trust list. See ETS 053 for details.

ISO 27001

Payment-id is certified in accordance with ISO 27001 – Control / Management System for Information Security. The standard takes a comprehensive approach to information security. ISO 27001 ensures the protection of information as follows:

• Confidentiality ensures that information is only accessible to authorised parties.
• Integrity ensures that the methods of managing information are accurate and complete.
• Availability ensures that authorised users have access to information and associates assets when required.

ISO 27001 harmonises with other management systems that makes it easy to combine, for example with ISO 9001.

ISO 9001

Payment-id is certified in accordance with ISO 9001 – Control / Management System for Quality. ISO 9001 is the most common internationally recognised standard that ensures the quality of goods and services in a relationship between supplier and customer. The standard is process-oriented and emphasises continuous improvements and customer satisfaction.

PCI-DSS

Payment-id is approved in accordance with the credit card companies’ data standard PCI DSS (Payment Card Industry Data Security Standard). With this, Payment-id again shows that the company is at the forefront of information security.

PCI DSS is a set of comprehensive requirements developed by, among others, Visa, Master Card and American Express to increase the security of payment transactions and handling of cardholder information. All businesses that process, store or transfer cardholder data and/or transaction information from these companies are required to follow PCI DSS.