Certain features of this site make use of javascript. For maximum benefit it is strongly advised that you switch on javascript before continuing.

PublicTechnology.net

Written by Rebecca Hill on 3 August 2016 in News

News

The government has announced that its payment system GOV.UK Pay is compliant with the Payment Card Industry Data Security Standard.

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression','A picture of a ticked box',1,true]);

Ticking the right boxes: GOV.UK has been approved by the PCI - Photo credit: Flickr, Oliver Tacke

The approval means that the system can be used to process credit and debit card payments on behalf of other government departments and other public sector bodies, with no limit on the number of payments that can be processed.

Detailing the approval, GOV.UK Pay product managers Till Wirth and Rory Smith said that many of the processes required in the standard are already part of the work done in the Government Digital Service.

“In some cases we’ve gone further than PCI requirements,” they wrote in a blogpost. “For example, we’ve encrypted all data within our networks and environments, not just data we send or receive from other parties.”

Related content

GDS seeks £100k a year Government-as-a-Platform chief
The Commercial Imperative

The post also said that the team had worked with the information security arm of GCHQ, CESG, to ensure that its security was right – this goes beyond the standard security requirement, it said.

The team release a new code to GOV.UK Pay – one of the GDS’ flagship Government as a Platform programmes – a couple of times a day, which is small enough to allow those working on it to understand the impact and security implications of the new release.

“Making frequent changes also means we have the experience and tools available to fix any newly identified security vulnerabilities quickly,” the post said.

The GOV.UK Pay systems also logs everything that happens on the platform, which alerts the team of any unexpected events to detect attacks and help develop new features.

However, Wirth and Smith add that having more processes doesn’t necessarily lead to a more secure system, saying that the team is working to ensure there is “just enough process” involved.

The post said that it would like to hear from people in government that want to use GOV.UK Pay.

Tags

Share this page

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression','Printer-friendly version',1,true]);

Printer-friendly version

Tags

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression','Digital fingerprint identity concept',1,true]);

Digital-identity policy function shifted from GDS to DCMS

13 June 2018

Move follows the earlier transfer of data policymakers

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression','Mario and Luigi',1,true]);

MHCLG digital chief: ‘I want us to be proud plumbers’

24 May 2018

Paul Maltby claims councils must first renew ageing infrastructure before realising the benefits of machine learning and automation

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression','Home Office logo',1,true]);

Home Office to revamp communications infrastructure

14 May 2018

Department issues contract notice seeking external supplier for two-year contract to install unified communications environment

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression','The Royal Courts of Justice, London',1,true]);

High court gives government six months to amend data-retention law

27 April 2018

Both the government and human rights group Liberty claim victory after judges agree that the so-called snoopers' charter is incompatible with EU legislation

Related Sponsored Articles

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression','Struggling to sleep article image',1,true]);

Struggling to sleep? This app will read out GDPR legislation to aid your slumber

12 June 2018

Calm has turned a section of the 57,509-word EU document into a sleep-inducing audio book

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression','A picture of 5 minutes with an ethical hacker',1,true]);

5 minutes with an ethical hacker

4 June 2018

BT's Konstantinos Karagiannis explains ethical hacking and why it's important to exploit vulnerabilities

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression','Small firms still unprepared as GDPR comes into force',1,true]);

Small firms still unprepared as GDPR comes into force, business group warns

29 May 2018

The Federation for Small Businesses has urged regulators be patient as firms try to comply with the General Data Protection Regulation

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression','What changes will GDPR bring? Your questions answered',1,true]);

What changes will GDPR bring? Your questions answered

22 May 2018

BT answers some common questions on the new data privacy laws that come into force on Friday

Daily news bulletins

Sign up for our free daily news bulletin, and get the all biggest news stories – as well as features, analysis, and in-depth interviews – sent direct to your inbox every lunchtime: Sign up now

Latest articles

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression','Liam Maxwell',1,true]);

Liam Maxwell: ‘Transformation is nothing to do with tech – it is about a change of business model’

Government's national technology adviser discusses why getting digital reforms through the machinery of government may require some help from Jason Bourne

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression','Job centre',1,true]);

No way of determining value or efficacy of Universal Credit – but DWP has ‘no practical alternative’ but to press on, NAO concludes

Auditors acknowledge some progress has been made in the last five years and department insists programme is providing value

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression',' HP workstation old computer',1,true]);

Online legal aid eligibility checker still runs only on Internet Explorer

No current plans to update service that only works consistently on long-retired browser that cannot be downloaded onto Android and Apple products

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression','Underground sign',1,true]);

Transport for London BYOD scheme accredits more than 3,500 staff devices

Report from Parliament Street think tank shows explosion in number of smartphones and tablets registered as part of programme

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression',' Electronic tag fitted to someone's ankle',1,true]);

Government to implement £70m satellite tracking system for immigration offenders

Home Office seeks software and hardware platform for monitoring those being prosecuted for immigration offences

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression',' Map of British Isles from an old globe',1,true]);

Ordnance Survey opens up MasterMap data to boost UK tech sector

More data likely to be made available under government licence in due course

Latest Sponsored Content

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression','A clutch of cables connected to a piece of computer equipment',1,true]);

Sophos webinar - Connecting endpoint and network for better protection

White Papers

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression','The commercial imperative',1,true]);

The Commercial Imperative

14 July 2016

This Civica report looks closely at how reduced central government funding has driven local government senior management teams to adopt commercial strategies and to identify alternative...

Find out more in our Partner Zones

if(typeof _gaq!='undefined')_gaq.push(['_trackEvent','Image','Impression','BT logo',1,true]);

Read more in the BluePrint for the Future Partner Zone

Follow Us On Twitter

Tweets by @PublicTech