Invia PCI DSS Core-Team: „IT Infrastructure“ & Software Development “Invia Payment”
The Invia Group is a pan-European market leader in online travel distribution with 1300 employees in 16 offices across 7 countries. In 2019 more than 3 million customers travelled with Invia. The total transaction value was 1.5 billion EUR. The Invia Group operates major travel portals in Germany such as ab-in-den-urlaub.de and fluege.de.
The internal payment service provider Invia SSC Germany GmbH was successfully re-certified according to PCI DSS for the fourth time through an on-site audit performed by usd AG in close cooperation with the Invia PCI DSS Core Team.
Security as a Customer-Oriented Service
For Invia, certification according to PCI DSS goes beyond mere duty. As a customer-oriented service provider, Invia sees compliance with the strict security requirements for handling credit card data primarily as an important service for its customers.
Matthias Zobel, Information Security Officer at Invia:
“We are glad that we have a security partner at the highest level in usd AG. Year after year, this enables us to implement complex PCI DSS requirements in a pragmatic manner and at the same time to continuously increase our security level. For years, our customers have benefited from the world’s highest security standard for credit card data on all our platforms.”
Security that Exceeds Compliance
Even beyond its own certification project, Invia makes efforts to maintain the credit card security of its customers at the highest possible level. At the end of 2018, for example, Invia developed various approaches for compliance solutions for call center agents. Even during the development phase, Invia was in close contact with the PCI experts at usd AG, so that the compliance solutions could be quickly concretized and successfully audited.
Alexander Bienzeisler,Head of IT Infrastructure & Cloud Solutions at Invia:
“The continuous cooperation with usd AG allows us, as a service provider, to always offer the performance that our customers expect from us. The valuable exchange even beyond the audit ensures that our environments meet the highest compliance requirements within the framework of the PCI-DSS regulations at all times.”
Vinzent Ratermann of usd AG, who conducted the project as lead assessor:
“Due to Invia’s infrastructure, which is mainly based on open source technologies, the certification project is always a special experience even for us. Despite the aggravating circumstances caused by Covid-19, which meant that a large part of the appointments had to be held remotely, the joint project work went smoothly again this year. We would like to thank the Invia PCI DSS Core Team for the great cooperation and look forward to next year.”