Jumio is PCI DSS Level 1 compliant. We regularly conduct security audits, vulnerability scans and penetration tests to ensure compliance with security best practices and standards. To demonstrate PCI compliance, a yearly on-site validation assessment by a QSA is carried out. Jumio carries the security controls established to achieve PCI compliance over to PII data, which is of comparable sensitivity, and has extended the scope of such controls to cover and protect all systems used to transmit, process and store PII data.
Jumio extracts, redacts (masks) and stores payment processors' credit card information while adhering to PCI DSS, reducing customers’ internal processing and operational costs. Because Jumio complies with PCI DSS's strict information security requirements, our customers can have greater confidence that their data — whether it's payment card data, PII or government-issued IDs — is handled in a secure manner throughout its lifetime.