We are licensed, registered, and authorized by Bank Indonesia since 2018. This national standard defines the requirements for providing payment solutions as a payment gateway.
Midtrans registered as the electronic system provider at Indonesia Ministry of Communication and Informatics.
AES (Advanced Encryption Standard) is an encryption standard of electronic established by the U.S. National Institute of Standards and Technology.
Firstly adopted by the U.S. government and later used worldwide, AES uses an advanced algorithm to protect digital information.
The implementation of AES-256 encryption enables us to protect sensitive data from thefts and unauthorized access. We protect every single transaction with AES-256 encryption so you can transact with a peace of mind.
We hold a Payment Card Industry Data Security Standard (PCI-DSS) level 1 service provider license. Issued by PCI Security Standard Council, this license certifies that we maintain high data safety standards.
Payment security is essential, that's why we ensure that we follow the operational and technical requirements set by the council. We implement these standards to protect all transactions from data vulnerabilities.
We strictly follow security measures such as maintaining a secure network, encryption of cardholder data and strong access control measures. These are only some of the full standards. More information can be found at PCI Security Standard Council's website.
We are ISO/IEC 27001 certified. This international standard defines the requirements for establishing, executing, sustaining and continually improving an information security management system within an organization.
The certification also requires us to assess and process information security risks specific to our organization.
Fulfilling requirements of ISO 27001 enables us to protect your data and transactions both internally and externally with an international standard.