Showing results for 
Search instead for 
Did you mean: 

Is the Sinch Authentication 365 solution PCI DSS Compliant?


PCI DSS applies to protecting a financial institution’s cardholder data. 

  • Our solution for the generation of tokens does not access nor maintain ANY cardholder data.
  • Authentication 365 PIN generation uses industry standard algorithms to generate PINs (for example, tokens) that can be transmitted via Push or SMS (or even voice or email).
  • Our servers are highly secured behind firewalls and not readily accessible from the Internet.
  • Tokens expire after a short time and end-users must quickly authenticate. Furthermore tokens will need to be resent to end-users should the end-user get the token wrong after a number of tries.

For more information, refer to:


PCI DSS 2.jpg


Steven Garcia, Chief Architect, Head of Product and Infrastructure Engineering