Privacy and security
Ensuring the privacy and security of you and your customers mobility and transaction data is paramount. At XXImo, as a regulated Electronic Money Institution and Visa Principal Member, we adhere to stringent laws and regulations that govern our services and platform. Our up-to-date certifications guarantee that your data is securely managed and protected within our systems.
Our platform operates on the Visa network, renowned for its security, offering several advantages while adhering to rigorous data security standards. We are proud to hold PCI-DSS certification, which sets even stricter requirements than typical ISO standards. Regular audits verify our ongoing compliance with the highest standards for secure payment transactions.
We are one of the first EU Visa card issuers to process payments entirely through the AWS Cloud. Processing payments through AWS Payment Cryptography and Visa Cloud Connect enables us to optimise and scale operations, making flexible mobility payments easily accessible to companies across Europe.
For protection against money-laundering and payment fraud, we work with HawkAI, the award-winning AML & CFT technology powered by explainable AI. Hawk's mission is to help financial institutions such as XXImo to fight financial crime more effectively and efficiently using AI to detect more suspicious activity and reduce unnecessary alerts. Hawk increases the risk coverage, helps identify more crime, and reduces false positives.
Our platform, data centres, and organisational processes meet the highest industry standards. We maintain a robust suite of certifications and are always ready to discuss these credentials. Complying with PCI-DSS—an international security standard devised by payment card companies—ensures that not only our operations but also those of our suppliers and partners meet high security expectations.
To ensure precise and secure access to our platform, we implement detailed roles and authorisations. This system allows us to tailor access and functionality to specific needs, ensuring that users only see what they need to. Each user’s access is safeguarded with individual login details and thorough logging, set up to align perfectly with your organisational preferences.