Crowncity Technologies secures ISO/IEC 27001: 2013 & PCI DSS certifications


CrownCity Technologies (CCT), a fast-rising Fintech company, has secured certifications for ISO/IEC 27001:2013 and Payment Card Industry Standard (PCI DSS). The certifications further consolidate the company’s position as a market leader in providing platforms for licensed financial institutions to lend.

The ISO 27001 and PCI DSS certifications were issued by the MSECB and Digital Jewel Africa respectively.

MSECB is an accredited Management System Certification Body by the International Accreditation Service (IAS), and a leading provider of audit and certification services in the
field of information, security and privacy in the world.

Digital Jewel Africa is a qualified security assessor by the PCI DSS Security Standard

“As the risk associated with cyber-attacks and data breaches continue to increase, information security has become a critical issue for every business to help defend itself against external and internal attacks,” CrownCity Technologies’ Risk and Compliance Manager, Emmanuel Anku, said.

He added that the certifications will go a long way to provide confidence in our current and potential business partners about the security of the company’s infrastructure and operational environment.

CrownCity Technologies’ recent certifications further show the company’s commitment to harness on technology to build financial service platforms to ensure that everyone, regardless of background or economic standing, has access to affordable, seamless convenient and secured products and services to take control of their financial lives.

Mr. Anku disclosed that the company is already certified with the Ghana Data Protection Commission; and the two international certifications recently acquired will, among other things, enhance the company’s compliance to a host of laws – including the high profile general data protection regulation, commonly referred to as GDP, and the Network Information System (NIS) regulations.

The lead Software Engineer, Mohammed Bashiru, listed some of the security systems implemented in order to be ISO/IEC 27001:2013 and PCI DSS compliant. They include, but are not limited to the following: Firewalls Installations, Dedicated Antivirus, Fire Integrity Management Systems, Intrusion Detection and Prevention Systems, and Access Control Measures.

With the above, CrownCity Technologies is assuring the business community and potential investors of maximum returns on their investments and partnerships.

CCT’s products

‘NSS Exxtra’ is one of CrownCity Technologies’ products for young graduates in public institutions, where they are connected to licensed financial institutions to access loans through our lending platform.

The product allows these graduates to request loans for rent advance, business start-ups or related needs during their national service period.

In partnership with other licensed financial institutions, CrownCity Technologies is also in the process of piloting a lending product dubbed: ‘Exxtra Business’ for small and medium-sized enterprises (SMEs).

ISO/IEC 27001:2013

ISO 27001 is the leading international standard focused on information security. It sets out the specification for the adoption of an effective Information Security Management System. The certification is based on a business risk approach to established, implement, operate, monitor, review, maintain and improve information security in the company infrastructure and operational environment.


PCI DSS is a widely accepted set of policies and procedures intended to optimise the security of credit, debit and cash card transactions, and protect cardholders against misuse of their personal information.

Leave a Reply