Card brands receive trillions of dollars in payments worldwide (VISA data 2021) and these figures are based on the trust that the cardholder has to place their card data for purchases of goods and services in present and non-present card channels.

IQ Information Quality has fourteen years of experience in providing security services in digital payments for Latin America and the Caribbean, approved by the PCI SSC (PCI Security Standard Council), to perform the evaluation of compliance with international standards (PCI DSS, PCI PIN, PCI 3DS) that protect payments made with cards (VISA, Amex, Master, Discovery) in card present (POS) and card not present (e-commerce and telephone) environments.

PCI standards are industry best practices to protect any electronic transaction where sensitive data must be protected and can be used to secure other payment ecosystems such as:

  • Private Cards
  • BNPL (Buy Now Pay Later)
  • International Wire Transfers
  • Person-to-Person P2P payments
  • Toll Payment
  • Loyalty points
  • Cryptoassets.

In any payment your customers make, there is sensitive card data information that must be protected.


Person-to-person payments (P2P payments) are an online technology that allows users to transfer funds from their bank or credit card account to another individual's account via technologies such as the Internet or cell phone.

Person-to-person payments generally use personal data of those sending and receiving the transfer and authentication mechanisms to access web portals or mobile applications in digital wallets.

The risks associated with this type of payment ecosystem are related:

  • Leaks of sensitive information that are used to make payments.
  • Changes in transaction data with man-in-the-middle attacks.
  • Compromises in the systems that perform transactions that can lead to fraudulent transactions on web portals or mobile applications.

Services that support the protection of P2P payment transactions:

  • Identification and documentation of information flows in processes where sensitive customer information is used.
  • Scope identification and validation
  • Identification of controls that apply to the scope in accordance with PCI best practices.
  • Diagnosis with respect to PCI standards.
  • Validation and support in the action plan to close the findings.
  • Third party audit to validate compliance with controls.

Your mission:

Start NOW to protect your customers and your business.

¿Te interesa este tema?
Scan the code
¡Hola! Gracias por escribirnos ¿Estas interesado en proteger tus pagos digitales?