The Yoco Card Machines are PCI compliant and adhere to EMV certification.

The Payment Card Industry Data Security Standard (PCI DSS) is a proprietary information security standard for organisations that handle branded credit cards from the major card schemes including Visa, MasterCard, American Express, Discover, and JCB.

Find out more here.

EMVCo exists to facilitate worldwide interoperability and acceptance of secure payment transactions. It accomplishes this by managing and evolving the EMV® Specifications and related testing processes. This includes, but is not limited to, card and terminal evaluation, security evaluation, and management of interoperability issues. Today there are EMV Specifications based on contact chip, contactless chip, common payment application (CPA), card personalisation, and tokenisation.

This work is overseen by EMVCo’s six-member organisations—American Express, Discover, JCB, MasterCard, UnionPay, and Visa—and supported by dozens of banks, merchants, processors, vendors and other industry stakeholders who participate as EMVCo Associates.
​
Find out more here.

For Yoco, transaction monitoring is a key part of the regulated AML (Anti-Money Laundering) process. It’s a legal requirement that forces financial institutions to monitor the flow of money.

Money laundering involves taking criminal proceeds and disguising their origins to appear legitimate. Anti-money laundering (AML) refers to the measures financial institutions (like Yoco) take to comply with regulations, and to actively monitor for and report suspicious activities.

Money laundering often accompanies activities like smuggling, illegal arms sales, embezzlement, insider trading, bribery and computer fraud schemes. It’s also common with organised crime including human, arms or drug trafficking. Anti-money laundering is also closely related to counter-financing of terrorism (CFT).

We are committed to taking steps to protect your privacy when you use our App and implementing business practices that comply with all relevant legislation, including the Protection of Personal Information Act 4 of 2013 "POPIA".

We generally collect, store and use the following information: your first name(s), surname, address, phone numbers, e-mail address, IP address or cookie information, location information, demographic information including your age and gender, health-related information, information from your browser including your hardware model, operating system version, unique device identifiers and any other information which we reasonably need to perform our obligations in terms of the agreement with you when you purchase or use our services. When you use our services, we also record the details of your transactions.

We retain information in accordance with the required retention periods by law or for legitimate business purposes. We will only retain your information for the purposes explicitly set out in this policy. We may keep information indefinitely in a de-identified format for statistical purposes. Our privacy policy also applies when we retain your information.

We want to ensure that your information is accurate and up to date. You may ask us to correct or remove any information that you think is inaccurate, by sending an email to [email protected]