Leaders in payment processing for the NFP Sector

Valldata achieves Level 1 PCI DSS compliance

Wednesday 5th June 2013


Valldata has announced that as of 5th June 2013, its operations and systems are Level 1 PCI DSS (Payment Card Industry Data Security Standards) compliant. The UK-based company, a leading provider of payment processing and response handling solutions for the not-for-profit sector received approval confirmation this week following an audit conducted by the QSA team at Ambersail Ltd.

Hamish Horton, CEO at Valldata said, ‘I’m delighted with the outcome of the audit. Achieving Level 1 PCI DSS compliance demonstrates Valldata’s ongoing commitment to the highest security and compliance standards possible. For Valldata, this is absolute priority and integral to the service that we offer our clients, given the terabytes of data and volume of payments that we process annually’.


What Level 1 PCI DSS compliance requires

Level 1 PCI DSS compliance is now required by all payment handling companies processing more than 300,000 card transactions per year which has contributed towards Valldata’s decision to proceed with the independently audited scheme as the number of donations made by card increase. PCI DSS compliance is achieved by meeting a number of requirements, including the building of secure networks; protection of cardholder data; the application of a vulnerability management programme; implementation of enhanced access control measures; and the generation of processes to ensure regular monitoring and testing of all of the above. The Level 1 audit is carried out by an independent QSA (Qualified Security Assessor).

John Cruise, Director of IT at Valldata comments, ‘We take our responsibility for the data that we hold for clients extremely seriously and achieving Level 1 PCI DSS has reinforced this. The project has been intensive but it has been well worth the effort to affirm our rigorous standards in the eyes of the PCI DSS Security Council and the NFP sector as a whole’.


Valldata standards

Alongside PCI compliance, Valldata has built further on attaining recognised standards to support its standing as a superior provider to the NFP sector. The organisation is a BACS approved bureau and was recently certified ISO 18001:2007 (health and safety) and ISO 14001:2004 (environmental management systems) in addition to ISO 9001:2008 (quality management).

Find out more about our standards.


Cancer Research: Celebrating partnership
Ethiopiaid - on-boarding
Kidney Research UK: Improving ROI
Médecins Sans Frontières: Data Development