PCI security & compliance

section rich text

The bottom line on virtual card payments is that they are more secure than traditional credit card transactions because they’re locked to a single-use or an exact amount.

As far as PCI DSS (Payment Card Industry Data Security Standards) and SOC (Service Organization Control) certifications are concerned, you can feel confident in Edenred Pay’s commitment to these compliance requirements and full adherence to solid security standards.

For the record



CSI maintains PCI DSS Level 1 and SOC 1 & 2 certifications


We’re the Fort Knox of sensitive payment information.

  • We employ the highest level of encryption for data-in-transit and data-at-rest. We don’t mess around with our communication or take chances with compromising details. Funds are pre-authorized, so there’s no need for forms or signatures. And our tokenization of Primary Account Numbers (PAN) ensures payment information and instructions are never stored on our servers.
  • We take compliance seriously and drive security best practices companywide with ongoing policy review checkpoints. Every employee is PCI DSS trained from day one.
  • Edenred Pay, an Edenred Company, appreciates the importance of obtaining an independent assessment of its operating environment. The company annually invests in annual Standards of Controls (SOC) audits. Edenred Pay has its business evaluated annually for both a SOC 1 (SSAE 16) and SOC 2 (SSAE 18) type 2 review. These reports provide valuable insight into our organization’s risks, governance, security, and internal controls. The additional rigor of a type 2 review also measures how these controls are designed for their effectiveness over time.
call to action

Contact us