Secure payment transactions
Our experience for your security

Security of cashless payments

Security is the alpha and the omega of cashless payments – mobile or face-to-face, for e-commerce, in a shop or at a customer’s location. Security and trust are the basis for good customer relations.

For us, security is the central element of our business. We have integrated it firmly into all of our products and services. Security standards determine our processes; our terminals and our software applications work with the most modern audit and encryption technology available; and even the companies that work with us are certified in accordance with the security standards of the card organisations and the requirements of the Payment Card Industry Data Security Standard (PCI DSS). And you and your staff can also help prevent data hacking, card abuse and fraud. We will help you do this – with our security tips and our early-warning system. In addition, you can become certified in accordance with the PCI DSS so that you are secured in case something should happen. Trust us.


Enquire now

Certification in accordance with PCI DSS

Concardis is certified in accordance with the Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS is a globally valid security standard used by the leading international credit card organisations.

The PCI DSS is a globally valid security standard used by the leading international credit card organisations. Basically, all companies that accept cards and/or save, process or transfer card data are obliged to comply with the PCI DSS and to provide evidence thereof. This applies both to Concardis and to you as an online merchant, shop owner, hotelier or restaurateur.

Anyone not in compliance with the standards opens themselves up to – in the worst cases of abuse or loss of card data – heavy fines, subrogation by cardholders and expensive lawsuits. Once your reputation has been damaged, it is extremely difficult to repair it and regain the customers you lost in the process.

In collaboration with our certification partner usd AG, we have developed a platform: Here you can check whether you meet the PCI requirements and get information on how you can become certified. You cannot be held liable in cases of card or data abuse if you are certified in accordance with the PCI DSS.

Protection and trust: advantages of PCI certification at a glance

Once certified in accordance with PCI DSS, there is nothing standing in your way to professional operation as a merchant.

As a part of this, you will benefit from the following:

    • Increased trust and willingness to buy: Increased data security and customer protection – for more trust from customers and an increased willingness to buy
    • Legal safety net: Improved protection against financial losses and claims for damages due to security breaches
    • Secure systems: Evaluation of the level of security of your systems to save, process and/or transmit cardholder data
    • Lean data: Reduced company risk through data minimisation and avoidance

    To the PCI platform

    Special features in the hotel industry –
    a best practices guide from Concardis

    The PCI DSS guidelines present a special challenge for hoteliers. In the past, the risk of fraud during card payments was much higher here than in many other industries. This is why compliance with the PCI DSS is especially important for hotels. Concardis will help you comply with the requirements. For this purpose, we have created a best practices guide that will show you – step by step – what is important. How do criminals operate? What must be observed when sending emails? How is the secure transfer of card data ensured? You will find the answers in our best practices guide – plain and simple.

    Download the guidelines for the hotelies

    EMV security standard

    By now, most credit cards are equipped with the additional EMV security standard. This means that they have a chip in addition to the magnetic strip. With credit cards that feature a chip, the cardholder can identify themself with a signature or by entering their PIN. The card-issuing bank decides how the cardholder is to be authenticated. This information is contained on the chip.

    All Concardis terminals have a reader for both magnetic strips and chip cards and process payments in accordance with the EMV security standard. The card reader always reads the chip first. The magnetic strip is only read if the card is not equipped with a chip.

    More security in a snap

    Quite often a brief but trained glance is enough to prevent fraud.

    Before you accept a card for payment, check it for peculiarities. This does not take much time and significantly reduces the risk of fraud. This is what you should look for:

      • Embossing and number: Card number, expiry date and name are embossed on VISA and MasterCard cards, but not on VISA Electron cards.
      • Validity: Is the card valid and not past the expiry date?
      • Number comparison: Make sure that the card number on the receipt matches the card number on the front and back sides of the card. For security reasons, the card number in the signature field and on the electronic terminal receipt has been shortened to only the last four digits of the card number.
      • Signature: Have the customer sign the receipt on the front; this validates the receipt. Compare the signature on the receipt with the signature on the card. MasterCard, VISA and VISA Electron cards are non-transferable.
      • Photo: If there is one, compare the photo with the customer. If you have doubts, request to see government-issued identification. If the information is different, or if you are still unsure, call our approval service.
      • Everything all right? Only at this point should the card and the copy of the receipt be returned to the customer.

      All security tips at a glance: Information sheet: Guidance for the acceptance of credit cards


      With the help of the security features of the various card organisations, you can quickly and easily differentiate between real and counterfeit credit cards. What you should look for with each of the credit cards can be found here:

      For orders with delivery addresses in foreign countries, it is important to take particular care. Carefully consider whether you can trust credit card payments from the following countries:

        • Africa: In particular Côte d’Ivoire, Nigeria, Ghana, Egypt
        • Asia: Indonesia, India, the Philippines, Malaysia, Singapore
        • Eastern Europe: Romania, Bulgaria, Lithuania, Kazakhstan, Ukraine, the Balkan countries, Hungary
        • Western Europe: Great Britain (especially the London area), the Netherlands (especially Amsterdam, Rotterdam and Hakfort)
        • The Americas: United States

        Please note: We expressly point out that, in accordance with our terms and conditions for card acceptance and the terms of settlement of our General Terms and Conditions, delivery is only permitted to certain countries.

        We make online and mail-order sales secure

        Security is an important topic – especially online. Together with the card organisations, we rely on certain measures that make secure sales in online and mail-order business possible for you:

        Card security code

        So that no one can use stolen credit card numbers for purchases, credit cards feature a card security code. This three- or four-digit number is usually located in the signature field on the back of the card; American Express cards have it on the front. The special thing about this number is that is cannot be found on the magnetic strip or payment receipts and can only be read by someone who is actually holding the card in their hand. For payments made without presentation of the physical card, the cardholder is therefore asked to provide the card security code – for their own security.

        3D Secure

        During the 3D Secure security procedure of MasterCard and VISA, the customer identifies themself as the rightful cardholder with an additional personal password. Another advantage of this procedure is that, if your customer’s card is not equipped with 3D Secure, any chargebacks due to abuse or fraud are at the expense of the card issuer. However, anonymous prepaid cards (VISA) in general and company cards (MasterCard) within the United States and Canada (cardholders and merchants in this region) are excluded from the reversal of liability.

        Take action before anything happens –
        the early-warning system from Concardis

        Especially with online sales, hotel reservations and mail-order sales, the customer is not in front of you to present their card, so you are not able to check certain security features.

        That is why you have Concardis. We run background analysis for peculiarities while the payment is being processed. Should anything peculiar pop up, we alert you immediately via email or fax – free of charge. Each and every day of the year. Round the clock. And what happens next? You can then check the order and shipment information or, for your security, get our security service involved. In this way, we can act in concert before any damage has even been done.