Payment-related products should be held to a higher standard of security and privacy than most other online applications. Let's be honest: you'd probably be more upset if you weren't paid on time than if you lost your high score on Candy Crush.

Payments Security 101: Why Money Platforms Should Be (at Least) PCI Compliant

Payment compliance standards are typically administered by a combination of local monetary authorities (like the HKMA in Hong Kong and MAS in Singapore) and global security councils (like PCI security standards). In case it's helpful, we wanted to provide a bit more background on the type of security measures platforms like Reap have to go through in order to confidently facilitate online payments, keep your data secure and ultimately garner.

Anyone involved with the processing, transmission, or storage of card data must comply with the Payment Card Industry Data Security Standards (PCI DSS). Platforms like Reap, Shopify and Uber have securely integrated with a global payment processor that has been assessed by an independent PCI Qualified Security Assessor (QSA) and is certified as a PCI Level 1 Service Provider. This is the most stringent level of certification available in the payments industry, typically conducted on banks and other financial institutions. These security standards include several important requirements. A few examples of these requirements are below:

  • Implementation of control measures
  • Implementation of data security policy
  • Maintaining a safe network
  • Infrastructure that protects cardholders' Personally Identifiable Information (PII)
  • Regular testing and monitoring of the network
  • System vulnerability testing

Separately, businesses that adhere to these PCI standards must demonstrate that they can maintain these standards through regular onsite reviews and scans performed by data security and/or cyber security companies.

Why does it matter?

The main goal of PCI compliance is to ensure that the quality of all systems related to processing credit cards is standardized and secure. More importantly, it ensures that those who do not comply are fined and have their processing capabilities taken away. This provides an additional layer of trust when cardholders pass their sensitive credit card details to businesses that comply with PCI standards. PCI compliance can bring in more clients, as customers' trust rises when they know that the company has taken every measure necessary to protect their personal information.

Reap immensely values trust, security and transparency. If you'd like a bit more information on how security at Reap works, click here.

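Compared with most online applications, payment-related products should hold to a relatively higher standard of both security and privacy. Honestly, failing to pay on time when making an electronic payment would probably leave you more upset and frustrated than losing your high score in Candy Crush.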



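Anyone involved in the processing, transmission and storage of credit card data must comply with the Payment Card Industry Data Security Standards (PCI security standards for short). Online platforms like Reap, Shopify and Uber have securely integrated with a global payment processor that has passed an independent PCI Qualified Security Assessor (QSA) assessment and is certified as a PCI Level 1 Service Provider. This certification is generally applied to banks and other financial institutions, and it is the most stringent level of certification in the payments industry. These security standards include several important requirements. A few examples are listed below: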

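  • Implementing control measures
  • Implementing a data security policy
  • Maintaining network security
  • Infrastructure that protects cardholders' personally identifiable information (PII)
  • Regularly testing and monitoring network operations
  • Conducting system security vulnerability testing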




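Reap places great importance on mutual trust, system security and transparency. If you would like to know how diligently Reap works to maintain system security, please click here.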
