As payment initiation providers, we handle very sensitive data. Building and maintaining robust infrastructure and protocols is the key to ensure we handle this data as it should. That’s why we are 100% committed to our security. Saying this is not enough; we need to demonstrate it, and the best way to do this is with a global standard like ISO27001.

With this, we reaffirm our commitment to the best international security standards across account-to-account payments in LatAm. This means that Fintoc meets more than 100 safety requirements, that we regularly undergo safety audits, and that our infrastructure complies with confidentiality, integrity, and availability of data at all times throughout the entire organization and lifecycle.

If your company accepts account-to-account payments, you need to make sure that your providers are certified to help mitigate and avoid risks and exploits to your business. You need to convey the risk management process down the supply chain, knowing that it is protected adequately.

As a merchant (or a Payment Service Provider - PSP) we know it is hard to make sure that your providers are holding your client’s information to the highest standard. That’s why we underwent this process that demonstrates we have international-grade robust infrastructure and protocols. An ISO27001 makes it easy to spot a best-in-class compliant provider. If your provider can't show proof of this, you might be exposing yourself, your clients, and your company. Hiring a provider with demonstrably rigorous security standards is your best and safest choice.

By achieving this certification, we are actively working towards becoming compliant to an upcoming Fintech Law in Chile, effectively acting before the law even requires us to do so. To comply this law PISPs will be required to obtain a certification from an international security standard comparable to ISO27001, a move that has already taken place in the rest of LatAm countries with Open Banking laws that recognize PISPs.

ISO27001 is the highest global standard for information security

How did we achieve ISO27001?

An ISO27001 certification requires a series of policies, mechanisms, and processes that are constantly guarding the confidentiality, integrity and controlled availability of data at every moment.

To obtain this certificate, we have been through a series of external security audits (led by Consilium) and internal security audits that confirm we comply with all all the requirements demanded by the ISO standard. This also ensures that we have proper security protocols in place for future operations and that these are diligently applied across the entire organization.

A million users, banks, financial institutions, and top fintechs in LatAm believe in us to handle their financial data to make account-to-account payments and their reconciliation. Achieving ISO certification only reinforces and bolsters our commitment to safety with the highest standard.
Cristóbal Griffero - Fintoc CEO.

¿Te gustaría recibir pagos por transferencia con la seguridad que merecen tus usuarios?

Si quieres conocer más sobre Iniciación de Pagos, entra acá.

Si quieres empezar a usar Iniciación de Pagos, puedes hablar con nuestro equipo comercial acá.