Global Security Standards
Safeguarding Every Payment

MyCard is certified to ISO/IEC 27001:2022, the international standard for Information Security Management Systems. Our certification covers the development, testing, operation, and maintenance of our digital content top-up platform — protecting every transaction through a systematic, audited approach.

Explore Our Certification Scope
CERTIFIED
ISO
27001
SECURITY MGMT
2026 · VALID
01 · About the Certification

MyCardISO 27001:2022 How MyCard ImplementsISO 27001

ISO/IEC 27001 is the globally recognized international standard for Information Security Management Systems (ISMS), published by the International Organization for Standardization. It requires organizations to identify, assess, and continuously manage information security risks in a systematic way — safeguarding the confidentiality, integrity, and availability of data.

Transaction Data Protection
END-TO-END ENCRYPTION
Player top-ups and transaction data encrypted at every stage.
Always-On Service
SYSTEM RESILIENCE
Continuous operations engineered to keep service uninterrupted.
Independently Audited
AUDIT TRANSPARENCY
Regular third-party audits verify that our controls are working.
02 · Certification Scope

Digital Content Service Platform Our digital content top-up platform and the critical security infrastructure behind it

Cloud Services & Network Security
01
Digital Content Top-Up Platform
The core platform powering player top-ups and in-game point transactions.
02
Platform Development & Testing
Software development, version control, testing, and quality assurance across the platform.
03
System Operations & Maintenance
Day-to-day operations, monitoring, incident response, and ongoing maintenance of live services.
04
Cloud Service Applications
Cloud infrastructure deployment, access management, and data protection controls.
05
Network Security Management
Network hardening, intrusion detection, firewalls, and access control policies.
06
Physical Data Centers
Facility environment management, access control, power redundancy, and disaster recovery.
03 · End-to-End Transaction Security

Four Security Services Aligned with ISO 27001 Technical Controls Four Security Services
Aligned with ISO 27001 Technical Controls

From transaction monitoring to identity verification, from dispute handling to risk strategy — end-to-end protection for every payment.

01
24/7 Intelligent Monitoring
Continuous transaction monitoring detects fraud, unauthorized charges, and suspicious activity in real time — with immediate response built in.
02
FIDO Passwordless Authentication
As Taiwan's first gaming operator to adopt the FIDO standard, we bring next-generation authentication to player accounts.
03
Member Protection Framework
Our Member Terms and Personal Data & Privacy Protection Policy clearly govern how data is collected and used, and protect every member's right to access, correct, and delete their information.
04
Anti-Fraud Education & Systems
Seven dedicated anti-fraud monitoring systems combine automated alerts, human review, and real-time response — backed by ongoing user education to help members recognize and avoid scams.