NCBA has become the first financial institution in Kenya to achieve Payment Card Industry Data Security Standard (PCI DSS) Version 4.0.1 certification, covering both NCBA Bank and Loop Cards. The milestone, confirmed on Visa’s registry, underscores the bank’s leadership in digital security at a time of rising cyber threats.
The Central Bank of Kenya is preparing new e-money and digital wallet compensation guidelines as the nation battles increasing cybercrime.
The Communications Authority of Kenya reports that the nation witnessed a record 400 million attempted cyber-attacks in the last year alone, targeting the financial services sector. Cybercrime is estimated to cost the world USD 10.5 trillion by the year 2025, worldwide. Against this backdrop, NCBA’s certification reinforces its leadership in securing transactions and strengthening trust in the digital economy.
“Banking is a business of trust, and risk is continuously increasing. This certification strengthens our security framework, ensuring NCBA remains compliant with global standards and proactive in defending against threats,” said Isaac Owilla, NCBA Group Director of Technology and Operations.
The certification followed a rigorous assessment of NCBA’s systems, policies, and processes, confirming compliance with international standards for safeguarding cardholder data.
Afenoid Enterprise Limited, NCBA’s Qualified Assessor Company, lauded the bank for embedding security into its culture. “NCBA has demonstrated leadership in putting trust and security of its customers first,” said Afenoid’s Country Representative, Preston Odera.
Visa East Africa also hailed the achievement, with Regional Risk Director Basil Kithinji noting that the certification highlights NCBA’s “unwavering commitment to security and trust in an ever-evolving digital world.”
By attaining PCI DSS certification, NCBA strengthens its ability to support the digital economy while providing customers, regulators, and partners with greater confidence in its systems.