Processes and Data

At BS PAYONE, the security issue has top priority.

BS PAYONE is awarded the data protection certificate

Protecting sensitive data such as credit card numbers or bank details is a top priority for BS PAYONE.

Following an audit process that we underwent voluntarily, the independent consultancy firm SRC Security Research & Consulting awarded us the SRC Certificate; official confirmation that we meet all of the requirements set out in the German Data Protection Act (Bundesdatenschutzgesetz or BDSG for short) with regard to order data processing.

Quality criterion for data protection

The certificate provides our customers with the assurance that the technical and organisational measures for data protection required under the German Data Protection Act are in place. This is important for BS PAYONE, as data protection has always been a major quality criterion in our business. It is also why we underwent certification as part of a voluntary data protection audit.

In 2009, BS PAYONE was the first company in Germany to offer both acquiring and independent network operation confirming full PCI DSS compliance.


PCI DSS stands for Payment Card Industry Data Security Standard and refers to a catalogue of binding rules laid down by the PCI Security Standard Council. These describe the level of protection that must be applied to sensitive cardholder data by any company that stores, transmits or processes credit card transactions.

BS PAYONE builds on know-how

All systems, networks and processes at BS PAYONE that are relevant to PCI DSS are inspected regularly by the certification body usd AG as part of data protection audits and thus their compliance with the requirements of the standard is confirmed.

As part of the certification process, BS PAYONE has made the necessary changes in all respective company areas and in so doing has built up extensive PCI DSS know-how.