Pinwheel Achieves PCI DSS Level 2 Compliance

Pinwheel is now a PCI DSS Level 2 Compliant provider of income and employment data, strengthening its commitment to setting the industry standard for security and compliance.
PRNewswireMay 12, 20234 min

Today, Pinwheel, the market-leading provider of income and employment data engineered for next-generation fintech innovation, achieved Payment Card Industry Data Security Standard (PCI DSS) Level 2 compliance.

The PCI DSS is a set of security standards designed to ensure that all companies that accept, process, store, or transmit credit card information maintain a secure environment. To achieve PCI DSS Level 2 compliance, Pinwheel underwent a rigorous assessment carried out by A-LIGN, an independent Qualified Security Assessor (QSA). The review evaluated the company’s infrastructure, policies, and procedures against the PCI DSS requirements, which include maintaining a secure network, implementing strong access control measures, and regularly monitoring and testing networks.

This milestone demonstrates Pinwheel’s unwavering commitment to maintaining the highest security standards and protecting sensitive customer data. As a result, customers can feel confident that their data – ultimately, the consumers’ critical income and employment data – is well protected when using Pinwheel’s payroll connectivity solutions.

Pinwheel’s growing list of compliance certifications and achievements includes the following:

  • SOC 2 Type II Certification: A third-party audit evaluating Pinwheel’s security, availability, confidentiality, processing integrity, and privacy.
  • Consumer Reporting Agency (CRA): Pinwheel was the first income and connectivity provider to provide consumer-permissioned income and employment data to clients while ensuring consumers have full protections available under the Fair Credit Reporting Act (FCRA), unlocking new FCRA-permissible use cases like credit evaluation.
  • ISO/IEC 27001:2013 Certification: The highest security certification in the industry.
  • Visa-Ready Certification: Meeting Visa’s global standards around security and functionality, Pinwheel recently joined the Visa Fintech Partner Connect Program, allowing Pinwheel to work more seamlessly with merchants, financial institutions, and fintech companies to launch new use cases.
  • The Income and Employment Connectivity Industry’s First and Only CISO: Last year, Pinwheel appointed Jeff Hudesman as its CISO.

“Reaching PCI DSS Level 2 compliance is a testament to our dedication to providing secure and reliable solutions for fintechs, financial institutions, and their customers,” said Jeff Hudesman, CISO at Pinwheel. “Pinwheel’s ability to streamline innovation and power use cases is meaningless if the information is not impeccably safeguarded. Security has always been, and will remain, a guiding principle for Pinwheel, as we remain committed to the ongoing journey of exceeding and creating new security standards for the industry.”



We are one of the world’s leading Fintech-based media publication with our content strategized and synthesized to fit right into the expanding ecosystem of Finance professionals. Be it fintech live news, finance press releases, tech articles from Fintech evangelists or interviews from top leaders from global fintech firms, we give the best slice of knowledge topped up with the aptest trends. Our sole mission is to help tech and finance professionals step up with the rapidly emerging Fintech civilization and gain better insights to emerge victorious in every possible way. We adopt a 360-degree approach in order to cater to present a holistic picture of the fintech arena.

Our Publications

FintecBuzz, 2024 © All Rights Reserved