Aquarium recently achieved compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) Level One as a service provider. Achieved in under six months, this compliance represents the highest level of payment processing security and is a major achievement for Aquarium and demonstrates commitment of both people and processes to ensure the highest levels of data security to our insurance clients.
Delivering world class security standards
Security is one of the most important aspects in our commitment to insurance companies and their customers. Whilst we do not store payments details, our platform connects consumers directly to insurance companies. This means we need to deliver the highest standards of security to build the trust needed by global insurance brands.
About PCI DSS
The PCI Security Standards Council is a global organisation that maintains Payment Card standards for the safety of cardholders across the world. The council has two priorities: to help merchants and financial institutions implement standards for security policies, technologies and processes that protect their payment systems from data theft and fraud; and to support vendors implementing relevant standards that deliver secure payment platforms.
Level One PCI DSS compliance is required of service providers that either store, process, or transmit more than 300,000 credit card transactions every year.
The standard is extremely rigorous. It requires a compliance report from a Qualified Security Assessor and quarterly network scanning. Aquarium ensured compliance by creating a fully tested intrusion detection system and updating firewalls. The entire Aquarium platform was then penetration tested by leading independent cyber security company ProCheckUp to ensure compliance with the relevant standards.
Investment and innovation
Despite the significant investment, in both time and money, required to achieve compliance, Aquarium managed to achieve PCI DSS Level One in less than six months. This demonstrates our commitment to fast and effective innovation and delivering the highest level of security standards to our customers. Our new office is staffed with on-site security, CCTV and 24hr alarm monitoring, making physical intrusion extremely unlikely. No client data is held on site.
We can now offer any insurance company that uses the Aquarium platform access to class leading security solutions to drive reassurance and trust.