Covid-19 Notice

Semafone is closely monitoring the global impact of the coronavirus and is taking all precautionary measures to protect our staff and to maintain operations. Read More

There is currently no impact on our business, and we have robust contingency plans in place to ensure the safety of our employees and continuity of our operations for all our customers should the virus spread at an increased rate. If you have any questions, please contact us at [email protected].

We have issued country specific guidance on travel to all employees and are monitoring threat levels and reissuing guidance accordingly. Our employees are fully equipped to work from home in all of our geographical locations and we will be keeping home working as the norm until risk levels have significantly declined.



We’re proud to lead the secure payments industry and have a robust set of credentials to back it up. As a testament to our commitment to security,  we comply with many of the world’s most stringent and respected security frameworks.

Learn more about them below.



The Payment Application Data Security Standard or PA-DSS is a software certification framework maintained by the PCI Security Standards Council (PCI SSC) to assess the security of payment software and ensure its compliance with the PCI DSS.  The certification process includes stringent penetration testing and procedures, controls, and more – ensuring Semafone solutions provide the highest level of customer data protection.



PCI DSS Level 1 Service Provider

Semafone has been a PCI DSS Level 1 Service Provider for over seven years. Our powerful PCI DSS compliant payment platform is audited and certificated by Qualified Security Assessors (QSAs), and trusted by many of the world’s leading brands and organizations, located in more than 25 countries, across five continents.


The international standard for information security certification that customers look to for assurance that a vendor can be trusted with customer data. ISO27001 takes a best practice approach to information security by addressing people, processes and technology. Having held the ISO27001 certification for more than six years, Semafone has consistently maintained this industry seal of approval.

Visa Global Registry of Service Providers

Visa maintains a global registry of approved, PCI DSS compliant service providers and recommend that merchants only use service providers that are listed on the Registry for outsourcing their payment-related services. Semafone has maintained Level 1 Visa Merchant Agent status for many years, which requires submitting a report on compliance (RoC) to Visa, who then conduct a vigilant audit to ensure continuous service provider compliance.


Mastercard SDP Compliant Service Provider

To become a recognized Mastercard SDP Compliant Service Provider, Semafone has met a rigorous set of criteria, including demonstrating PCI DSS compliance by working with QSAs to pass the PCI DSS RoC assessment and submitting a signed Attestation of Compliance (AOC).

UK Cyber Essentials

Cyber Essentials is a cybersecurity scheme backed by the UK Government to helps organizations guard against the most common types of cyber threats. This self-assessment certification provides protection against a wide variety of the most common cyber-attacks.