Bayad obtains PCI DSS Certification scaling up its cybersecurity standards


Bayad and PCI

Bayad continues to trailblaze the fintech industry being the trusted brand in the outsourced payment collection service in the Philippines. Having aggregated a multitude of billers that are now being used by more than 100,000 physical touchpoints and leading digital and mobile platforms across the country, the company has enhanced and intensified its cybersecurity initiatives to maintain its robust system.

Last February 23, 2022, Bayad was able to obtain its Payment Card Industry Data Security Standard

(PCI DSS) Certification. PCI DSS is an information security standard for all business entities that handles card information. The said security standard certification was thoroughly assessed by SISA, a forensics-driven cybersecurity company specializing in risk assessment, security compliance & validation, monitoring & threat hunting, as well as training for various payment security certifications. With SISA’s impeccable credibility, the assessment has proven that Bayad provides reliable service solutions. Bayad has deployed multi-factor authentication, key management system, data at rest encryption, secure wipe solutions, and web application firewall that are critical features in passing for the said data security standard certification.

According to Bayad Chief Information Security Officer, Mel Migriño, “This milestone is a validation of Bayad’s upgraded cybersecurity posture. Bayad has undertaken unprecedented efforts to address the growing cyber risks in the financial services industry. Hence, this feat is imperative in providing assurance to our customers that digital trust is paramount for Bayad.”

Bayad President and CEO, Lawrence Y. Ferrer also shared. “The cybersecurity measures we implement enables us to confidently innovate and co-create projects with various stakeholders centered on our goal of maintaining a frictionless customer experience. We value the trust that our customers and our partners give us, that is why we want to make sure that we follow a holistic approach to system design that incorporates technical safeguards.”