Every payment you take with Yoco runs on infrastructure built to meet the strictest security standards in the industry. Here's how we approach card payment security, transaction monitoring, and the protection of your personal data.
Card payment security standards
PCI Compliance
The Payment Card Industry Data Security Standard (PCI DSS) sets the security rules for any business that handles branded credit cards, including Visa, Mastercard, American Express, Discover, and JCB. Find out more at the PCI Security Standards Council.
EMV Certification
EMVCo manages and evolves the global standards that keep card payments secure. This covers contact chip, contactless, common payment application (CPA), card personalisation, and tokenisation, as well as card and terminal evaluation, security evaluation, and interoperability.
EMVCo is overseen by six member organisations: American Express, Discover, JCB, Mastercard, UnionPay, and Visa. It's also supported by banks, merchants, processors, vendors, and other industry stakeholders. Find out more at EMVCo.
✨ How these standards apply to Yoco
All Yoco card machines are PCI compliant and EMV certified.
All data is encrypted in the card machine.
Yoco card machines are tamper proof. If someone tries to tamper with one, the chipboard fries and the machine stops working.
Financial security measures
Transaction monitoring at Yoco
Transaction monitoring is a legal requirement for financial institutions like Yoco. It's a key part of the regulated Anti-Money Laundering (AML) process, which refers to the steps financial institutions take to detect, monitor, and report suspicious activity. As a regulated financial institution, we're required to monitor the flow of money through our platform.
Why transaction monitoring matters
Money laundering is the process of disguising criminal proceeds to make them look legitimate. It often goes hand in hand with smuggling, illegal arms sales, embezzlement, insider trading, bribery, computer fraud, and organised crime including human, arms, and drug trafficking. It's also closely linked to the financing of terrorism.
Data protection
We take your privacy seriously
When you use the Yoco App, we follow the Protection of Personal Information Act 4 of 2013 (POPIA) and all other relevant legislation. That's not a box we tick once. It shapes how we collect, store, and use your information every day.
What we collect
We collect and store your first name, surname, address, phone number, and email address. We also collect technical information such as your IP address, device identifiers, operating system version, and browser data. Where relevant, we may collect location information, demographic information including your age and gender, and health-related information. When you take payments or use our services, we also record your transaction details.
Why we collect it
Your information lets us do the following:
Enter into and fulfil our agreement with you, including letting you accept payments securely and in line with applicable regulations
Run your POS set-up
Respond to your requests for information, products, or services
Personalise the content you see
Tell you about relevant offers
Report internally and improve our products
Any other purpose you give your permission for, or where the law requires or allows it
How long we keep it
We keep your information for as long as the law requires, or for as long as we have a legitimate business reason to hold it. We only hold your information for the purposes set out in this policy. In some cases, we may keep anonymised, de-identified data indefinitely for statistical purposes. This policy applies to that data too.
Keeping your information accurate
Your information should be correct and up to date. If anything looks wrong, email us at [email protected] and we'll sort it out.
Need more help?
Start a conversation with a Yoco Support consultant via our in-app chat.

