Processes and Data

At B+S Card Service, the security issue has top priority.

B+S is awarded the data protection certificate

Protecting sensitive data such as credit card numbers or bank details is a top priority for B+S.

Following an audit process that we underwent voluntarily, the independent consultancy firm SRC Security Research & Consulting awarded us the SRC Certificate; official confirmation that we meet all of the requirements set out in the German Data Protection Act (Bundesdatenschutzgesetz or BDSG for short) with regard to order data processing.

Quality criterion for data protection

The certificate provides our customers with the assurance that the technical and organisational measures for data protection required under the German Data Protection Act are in place. This is important for B+S, as data protection has always been a major quality criterion in our business. It is also why we underwent certification as part of a voluntary data protection audit.

In 2009, B+S Card Service was the first company in Germany to offer both acquiring and independent network operation confirming full PCI DSS compliance.

B+S PCI DSS certified

PCI DSS stands for Payment Card Industry Data Security Standard and refers to a catalogue of binding rules laid down by the PCI Security Standard Council. These describe the level of protection that must be applied to sensitive cardholder data by any company that stores, transmits or processes credit card transactions.

B+S builds on know-how

All systems, networks and processes at B+S Card Service that are relevant to PCI DSS are inspected regularly by the certification body usd AG as part of data protection audits and thus their compliance with the requirements of the standard is confirmed.

As part of the certification process, B+S has made the necessary changes in all respective company areas and in so doing has built up extensive PCI DSS know-how.