Today, Pinwheel, the market-leading provider of income and employment data engineered for next-generation fintech innovation, achieved Payment Card Industry Data Security Standard (PCI DSS) Level 2 compliance.
The PCI DSS is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment. To achieve PCI DSS Level 2 compliance, Pinwheel underwent a rigorous assessment carried out by A-LIGN, an independent Qualified Security Assessor (QSA). The review evaluated the company’s infrastructure, policies, and procedures against the PCI DSS requirements, which include maintaining a secure network, implementing strong access control measures, and regularly monitoring and testing networks.
This milestone demonstrates Pinwheel’s unwavering commitment to maintaining the highest security standards and protecting sensitive customer data. As a result, customers can feel confident that their data – ultimately, the consumers’ critical income and employment data – is well protected when using Pinwheel’s payroll connectivity solutions.
Pinwheel’s growing list of compliance certifications and achievements includes the following:
- SOC 2 Type II Certification: A third-party audit evaluating Pinwheel’s security, availability, confidentiality, processing integrity, and privacy.
- Consumer Reporting Agency (CRA): Pinwheel was the first income and connectivity provider to provide consumer-permissioned income and employment data to clients while ensuring consumers have full protections available under the Fair Credit Reporting Act (FCRA), unlocking new FCRA-permissible use cases like credit evaluation.
- ISO/IEC 27001:2013 Certification: The highest security certification in the industry.
- Visa-Ready Certification: Meeting Visa’s global standards around security and functionality, Pinwheel recently joined the Visa Fintech Partner Connect Program, allowing Pinwheel to work more seamlessly with merchants, financial institutions, and fintech companies to launch new use cases.
- The Income and Employment Connectivity Industry’s First and Only CISO: Last year, Pinwheel appointed Jeff Hudesman as its CISO.
“Reaching PCI DSS Level 2 compliance is a testament to our dedication to providing secure and reliable solutions for fintechs, financial institutions, and their customers,” said Jeff Hudesman, CISO at Pinwheel. “Pinwheel’s ability to streamline innovation and power use cases is meaningless if the information is not impeccably safeguarded. Security has always been, and will remain, a guiding principle for Pinwheel, as we remain committed to the ongoing journey of exceeding and creating new security standards for the industry.”