Minna's services are based on a Platform-as-a-solution (PaaS) from Google which is certified by independent third party auditors and assessors to various security standards including ISO27001, ISO27017, ISO27018, PCI DSS v 3.2.1 and SSAE18 - SOC 3 AICPA Trust Service Criteria. Additional information can be found at Google's compliance report manager.
Minna holds an Account Information Service Provider (AISP) and a Payment Initiation Service Provider (PISP) license from Swedish FSA applied for the EU. We also maintain a PCI DSS service provider level 1 certification with yearly assessments.
Our products and platform are tested and reviewed for security, through e.g. third-party penetration testing, multiple times yearly.
All our personnel have periodic training covering information security awareness, cyber-security awareness, data privacy and regulatory requirements related to our licenses.
Our development and release process include industry standard security controls and our developers complete periodic training for secure coding practices.
Updated 10 months ago