Security

At XPP, security is at the core of everything we do. We implement industry-leading standards and rigorous controls to protect payment data, ensuring compliance with PCI DSS v4.0.1 and ISO 27001:2022. Our robust security framework includes continuous monitoring, regular audits, and proactive risk management to safeguard our customers' transactions and sensitive information.

PCI Certifications

XPP’s Vayapay and Ginger products are fully certified as Level 1 service providers under the Payment Card Industry Data Security Standard (PCI DSS) v4.0.1. To uphold this certification, we undergo an annual external audit by a Qualified Security Assessor (QSA), ensuring our payment processing environment meets the highest security standards. To request a copy of our Attestation of Compliance (AoC), please reach out to the security team: security@xpp.nl.

ISO 27001

XPP is ISO 27001:2022 certified, an internationally recognised standard for information security management. This certification affirms our dedication to identifying, implementing, maintaining, and continuously improving security measures to effectively manage risks. Our Information Security Management System (ISMS) covers the development, support, and operations of our Software-as-a-Service (SaaS) payment products, ensuring a secure foundation for our services.

Certificate_K-0221143-1_ISO 27001_2022 _RVA _EN-GB_Web_Ximedes Payment Products B.V..pdf

To align fully with ISO 27001 requirements, we implement a comprehensive Statement of Applicability, outlining the security controls and risk management measures we have in place.

Statement of Applicability ISO-27001_2022.pdf

By adhering to these industry-leading standards, XPP demonstrates its unwavering commitment to security, reliability, and regulatory compliance, ensuring the highest level of protection for our customers and partners.