Viva Payments Greece

VIVA PAYMENTS SERVICE

About Viva Payments Services
The company Viva Payments Services S.A. was established in December 2010. As a Payment Institution, it operates under an official license from the Bank of Greece. It is 100% owned by Realize S.A.  a company active in the Internet sector since 2000, specializing in the design and development of banking applications.

Viva offers a range of innovative payment services to businesses and professionals, providing top-notch security, flexibility, and continuous support.

Security

Recognizing the importance of electronic transaction security, Viva has taken all necessary measures to offer payment services with the highest possible security.

PCI-DSS

In today’s environment, transaction security is of critical importance for businesses and organizations. As a Payment Institution, Viva follows all PCI DSS procedures to:

  • Protect customers' personal data.
  • Enhance customer trust with a higher level of data security.
  • Shield customers from financial losses and "remedial" costs.
  • Maintain trust and protect the reputation of its customers' names.

To meet these requirements, Viva has received PCI-DSS certification and implements the prescribed security policies, which are continuously evaluated by certified security auditors.

Viva does not store customers' credit card data in its systems. All data is transmitted encrypted to partner banks. Customers’ personal and confidential data are stored only in encrypted form in Viva’s systems, without direct Internet access.

Data Confidentiality Assurance

To ensure data transfer confidentiality, Viva uses EV SSL-128bit encryption protocol. This system was implemented in collaboration with Thawte, a company specializing in transaction security.

Controlled Access

Access to Viva's systems is controlled by firewalls, which allow specific services for customers/visitors while prohibiting access to confidential systems and databases. For maximum data protection, as required by PCI-DSS standards, Viva uses advanced systems to detect malicious attacks (Intrusion Detection and Denial of Service Protection Systems).

Viva hosts its infrastructure in a certified PCI-DSS data center managed by Rackspace (Level 1 Certified Services Provider) in the UK. The data center is monitored 24/7, and only authorized personnel have access to server storage areas. Obrela Security Industries monitors Viva's hosting infrastructure and external threats 24/7. Security patches are applied immediately upon detecting potential threats. All systems follow a strict hardening process in compliance with PCI-DSS standards.

Encryption

From the beginning to the end of your online session, all information and personal details are encrypted using 128-bit encryption protocol (Secure Sockets Layer - SSL).

Encryption encodes information until it reaches the designated recipient, who can decode it using the appropriate key.

When you pay through Viva, all communication between your computer and Viva’s systems is encrypted using a 128-bit EV key from Thawte, the most recognized provider of cryptographic keys for banking services.

Your browser encrypts all information with the 128-bit key before sending it to Viva’s system. Viva’s system decrypts the information received using the same key (established at the start of the session) before processing it. The same encryption process is followed when Viva’s systems send information back to you.

Transaction Confidentiality

Viva Payments Services is a Payment Institution licensed by the Bank of Greece. The same principles governing traditional banking transactions apply to Viva. All information transmitted by cardholders to Viva is confidential.

In compliance with PCI-DSS certification, Viva has implemented all necessary measures to ensure this information is used only to the extent required for providing its services.

Personal Data

Respecting personal data, Viva keeps your personal information on a secure central server. According to Law 2472/1997 on "Protection of individuals with regard to the processing of personal data," all personal data of Viva employees, associates, customers, and suppliers, obtained through professional or transactional relationships, is recorded in a data file. This data may be transmitted within Greece or abroad, provided that its storage and transmission comply with the company's business purposes and the Law:

ChViva Payments Services S.A. was established in December 2010. As a licensed Payment Institution authorized by the Bank of Greece, the company is committed to providing reliable, innovative payment solutions. Viva Payments is a subsidiary of Realize S.A. (

Security Standards

Viva Payments places the highest priority on the security of its electronic transactions, adopting the latest technologies and procedures to guarantee customer data protection and service reliability.

PCI-DSS Compliance

Viva Payments complies with the Payment Card Industry Data Security Standard (PCI-DSS) to provide the following benefits:

  • Customer Data Protection: Ensures the confidentiality and integrity of customer information.
  • Increased Trust: Builds confidence among customers by adhering to advanced data protection standards.
  • Risk Mitigation: Reduces the risk of financial losses and potential remediation expenses.
  • Reputation Protection: Maintains and enhances the trustworthiness of customers’ brands and businesses.

As a PCI-DSS-certified company, Viva implements strict security policies audited regularly by accredited security professionals.

Confidentiality and Data Security

Encryption

To ensure secure data transfer, Viva Payments employs 128-bit EV SSL encryption protocols. This technology guarantees that all personal and payment information is securely encrypted from the moment a customer connects to the system until the transaction is completed. Viva collaborates with Thawte, a trusted authority in cryptographic key solutions, to maintain this high standard.

Controlled Access

Access to Viva’s systems is tightly controlled through advanced firewalls that limit system exposure to only the necessary services for customers. Unauthorized access to sensitive data and systems is strictly prohibited.
Key security measures include:

  • Use of Intrusion Detection Systems (IDS) to monitor unauthorized access attempts.
  • Deployment of Denial of Service (DoS) Protection Systems to prevent attacks.
  • Hosting infrastructure at a certified PCI-DSS data center by Rackspace, ensuring robust physical and virtual security protocols.

Physical Security

The data center, located in the UK, operates under 24/7 surveillance. Only authorized personnel can access the server areas, and all systems are protected against malicious threats, with real-time monitoring by Obrela Security Industries. Security patches are applied promptly to safeguard data integrity and continuity.

Data Confidentiality

Viva adheres to strict confidentiality principles, similar to those governing traditional banking systems. Customer data is handled with utmost care, ensuring it is only accessed or processed for legitimate business purposes.

  • Viva does not store customers' credit card data on its systems. Instead, all information is securely transmitted to partner banks in encrypted form.
  • Personal customer data is stored in encrypted format within Viva’s systems, with no direct internet connectivity to these records.

Encryption Technology

All data exchanged between the customer and Viva Payments systems undergoes encryption using 128-bit EV SSL encryption keys, ensuring secure communication. This process encodes sensitive information during transmission and decodes it only at the recipient's end using a predefined cryptographic key.

For every online session, the customer’s browser encrypts data before transmitting it, and Viva’s systems decrypt and process the data securely. This bidirectional encryption ensures complete confidentiality and data integrity throughout the transaction.

Compliance with Greek Law on Personal Data

In accordance with Greek Law 2472/1997, Viva Payments respects and protects personal data. All personal data collected from employees, partners, customers, and suppliers is securely stored and processed only for legitimate business purposes. Viva ensures compliance with national and international data protection regulations, both for domestic and cross-border data transfers.

Viva Payments continues to set the standard in secure, innovative, and user-friendly payment solutions, prioritizing the safety and satisfaction of its clients.

Product added to wishlist