As Micropayment’s PCI Officer, usd AG Ensures Continuous PCI DSS Compliance

16 July 2025

The requirements of PCI DSS are becoming more complex - and with them the effort involved in day-to-day business. In order to ensure security, governance and certification according to PCI DSS 4.0.1, Micropayment is once again relying on a collaboration with usd AG.

As usd AG, we have been supporting the provider of secure online payments with the annual PCI DSS certification since 2010. With the transition to version 4.0 of the standard, however, it was evident early on that the usual effort would not only increase, but also result in new standards for coordination, technical evaluation and documentation.

New Version of the Standard – New Workload

PCI DSS v4.0.1 introduced a number of additional requirements, including targeted risk analyses, an extended obligation for multi-factor authentication, automated log evaluations and stricter requirements for the protection of web applications. Micropayment therefore not only faced technical questions in the audit, but also the challenge of how to implement these changes efficiently and comprehensibly without overwhelming internal processes.

Structured Support Instead of Increased Workload

In order to meet these increasing requirements in a structured manner, Micropayment decided to extend its existing collaboration with usd AG. In 2024, we took on the role of external PCI Officer - with a clear role allocation and close links to the specialist departments. The decision was based on many years of experience, well-established collaboration and the need for a permanently reliable contact person for ensuring PCI Compliance.

As an external PCI Officer, we support Micropayment with internal monitoring, verification and the coordination of security-related changes. The close integration with the processes on site noticeably relieves the team - without additional coordination effort. This reduces findings and stabilizes internal structures in the long term.

Hendrik Diederich, Senior Security Consultant, usd AG

"An Experienced Partner at Our Side"

It is particularly helpful for us to have an experienced partner at our side in usd AG, especially when it comes to the PCI DSS requirements, which are increasing every year. usd AG has profound experience and helps us to implement the relevant requirements securely and efficiently.

Thomas Knoth, CEO, Micropayment GmbH

Next Steps: Preparation for This Year’s Certification

Following the successful support in 2024, the role of the PCI Officer will be continued. The focus is now on implementing the future-dated requirements, which have been mandatory since March 2025. The next certification is approaching and will again be prepared jointly, with the aim of anchoring the new requirements in day-to-day operations in a structured manner.

About Micropayment GmbH

Micropayment GmbH is a full-service technical provider for online payments based in Berlin. As a PCI DSS Level 1 certified company, Micropayment primarily serves customers from the fundraising, digital products and fitness & health sectors and offers a comprehensive range of services, including the secure technical implementation, processing and analysis of various payment methods, such as credit card payments. The services are aimed at companies with high requirements in terms of security, transparency and efficiency.
