In February 2026, the solution successfully passed its annual audit, confirming that its processes for processing, storing, and transmitting payment data comply with the current requirements of the industry.
The PCI DSS v4.0.1 standard sets mandatory best-practice requirements for all participants that work with cardholder data, including data encryption, access management, security event monitoring, and timely vulnerability management. Regularly confirming compliance with this standard enables tapXphone to maintain a predictable and transparent level of security for all partners — banks, payment organizations, and merchants — while minimizing operational and regulatory risks.
Vadzim Smatrayeu, VP of FinTech Services at IBA Group
Regularly confirming PCI DSS compliance is part of our ongoing work to ensure resilient and predictable security of the payment infrastructure behind our solution. We are consistently improving our processes so that partners and their customers can be confident in the reliability of tapXphone today and in the future.
Security is one of the key priorities for tapXphone. This is why tapXphone was among the first in the world to obtain certification under the PCI MPoC standards, which, together with PCI DSS, forms a comprehensive approach to payment data protection. This combination of certifications allows the solution to meet market requirements regarding key security aspects and helps partners develop cashless payments anywhere in the world.
