NCBA Becomes Kenya’s First Bank to Attain PCI DSS Certification, Advancing Its Digital Security Journey
NCBA has announced the successful completion of its Payment Card Industry Data Security Standard (PCI DSS) certification, reinforcing its leadership in secure banking across Kenya and the region.
NCBA is the first financial institution in Kenya to achieve PCI DSS Version 4.0.1 certification on both NCBA Bank and Loop Cards, according to VISA’s registry. This milestone comes at a critical time as the Central Bank of Kenya (CBK) prepares to roll out e-money and digital wallet compensation guidelines to better protect consumers from fraud.
The Communications Authority of Kenya reports that over 400 million attempted cyberattacks targeted the country last year, with the financial services sector being among the hardest hit. Globally, cybercrime is projected to cost USD 10.5 trillion by 2025.
Against this backdrop, NCBA’s certification reinforces its role in safeguarding transactions and strengthening trust in Kenya’s digital economy.
“Banking is a business of trust, and we are aware that risk is continuously increasing. This certification strengthens our security framework, ensuring NCBA remains compliant with global standards and proactive in defending against threats,” said Isaac Owilla, NCBA Group Director, Technology and Operations. “Achieving PCI DSS certification affirms that our digital-first platform can scale securely, supporting the growth of digital payments and lifestyle services without compromising safety.”
The certification was awarded after a comprehensive assessment of NCBA’s systems, policies, and processes, confirming the bank’s compliance with international standards for protecting cardholder data. This achievement places NCBA among a select group of financial institutions in the region that meet these rigorous requirements.
Preston Odera, Country Representative for Afenoid Enterprise Limited, NCBA’s Qualified Assessor Company, said, “We are proud to celebrate this remarkable achievement with NCBA. It reflects their commitment to protecting customer trust and embedding security as part of their culture. NCBA has demonstrated that security is not an afterthought but a core part of how they operate.”
Through this certification, NCBA strengthens its ability to support the expanding digital economy while giving customers, regulators, and business partners greater confidence in its systems.
Basil Kithinji, Visa Director, Risk East Africa, added, “Visa East Africa is proud to partner with NCBA in delivering secure and seamless transactions. This milestone underscores NCBA’s commitment to security and trust in an ever-evolving digital world. Achieving PCI DSS certification not only meets global standards but also sets new benchmarks for the industry.”
Follow us on Twitter and Facebook for more updates.
