With more than 12 years' experience in the payment systems sector, PayMet's tools are a simple, flexible and secure way to add significant value to the payment and loyalty processes.

What we can do for your company

Our Expertise

  • Create payment and loyalty profiles securely.
  • Manage recurring, differed and partial payments or payments from various cards held by one person.
  • Create and manage wallets.
  • Create managers with user information offering significant added value for companies (CRM, consumption statistics) in real time.
  • Manage and send push payment notifications and reports straight to the user's devices.

We also manage loyalty programmes on behalf of third party brands enabling users to earn and redeem points in any business or system.

Our platform works with programmes like Cespa's Porque Tu Vuelves, Carrefour, Movistar, LĂ­nea Directa's Suma, etc.

  • Security

    We are experts in financial security. We protect our clients' data in the most secure way possible.

  • OnePass

    Your customers will be able to make transactions quickly and easily from any device with a single click.

  • PCI - DSS

    To store your clients' card data so they can make payments at a click you must comply with the PCI-DSS. PayMet complies with the standard for your company.

  • Not middleman

    We are not financial middlemen, the funds from transactions never go through our accounts. We never hold any third party funds.


Give your customers the highest possible levels of security without worrying about how difficult it is to manage.

PayMet fulfils all of the industry standard practices to protect your clients, your data and your business.

PayMet's network and servers are located in a secure facility and are monitored by our security personnel at all times.

PayMet's Software has been developed using industry standards and the best security practices.

PayMet uses various data centres at geographically separate locations.

PayMet's employees always act in accordance with the company's control policies, which have been designed to protect data security.

Physical and network security

Sensitive data are encrypted using industry standard methods when stored on hard disc or transmitted over public networks.

Data transfers are only made if the standard and all of the cryptographic and message format protocols are fulfilled (such as SSL and PGP).

At least 256 bits of longitude are required for the symmetric encryption keys. The asymmetric keys must feature at least 2048 bits of longitude.

All security updates and patches are efficiently installed on servers and equipment by daily updates.

The full security configuration of applications and devices is adjusted to guarantee the highest levels of protection.

The PayMet website and API are accessible via 256-bits, with SSL extended validation certificates issued by prestigious international CAs.

Security of the web and client applications

No card numbers or security codes are stored on PayMet clients' devices. In fact, they are never sent in the communications between mobile devices and the payments processing centre.

All applications developed 'In Home' are subject to strict quality controls and security reviews.

The industry's standard web development follows secure codification guidelines, such as those recommended by OWASP.

The PCI Data Security Standard (PCI-DSS), Level 1 is applied to all card processing on the PayMet application. Organisation security

Data encryption

All card details are stored using one of the most advanced encryption methods available.

We use multiple encryption keys which are stored on different physical servers. No data thief would be able to use any information stolen from a database without also getting hold of the key.

It is impossible to connect via the internet to the location where clients' card details are kept

All communication between companies and PayMet is carried out securely using SSL.

Security of the facility

Access to sensitive data, including application data and cryptographic keys, is on a strict need-to-know basis.

Multiple factors are applied for authentication in PayMet, including login, biometrics, keys, etc.

The full range of authentication controls are required to access our clients' manager administrative systems.

All of the security systems and processes are checked regularly by qualified personnel, in-house teams and external auditors.

All access to secure services and data is strictly controlled and the audit records are reviewed regularly.

Our security policies and procedures are carefully documented and reviewed regularly.

PayMet has detailed plans to respond to potential incidents thus guaranteeing data is protected appropriately in an emergency.

Research and dissemination

PayMet recognises and appreciates the significant contributions that our users and the security community can make to research.

We wish to support responsible reporting and whistle blowing If you think you have discovered a problem with our services, please contact us through support@paymet.com.

This does not constitute an invitation to test the security of our service without authorisation. If you have any questions in this regard or doubts regarding the suitability of tests, please contact us through support@paymet.com before proceeding.

OnePass Payments

It couldn't be easier for your customers to make payments, whether in your physical or online store.

If the purchasing process is easy and intuitive, the consumer will come back time and again.

PayMet's service features a debit and credit card tokenisation system allowing users' card details to be stored securely once they have registered with your business and given their consent.

After they make their first purchase, users are offered the chance to save the data keyed in during payment as part of their customer record. The card details are only authenticated once, during the initial purchase and, if the user accepts PayMet's terms and conditions, they can then make purchases with just one click. All they need is their email and PassCode.

This system, which can be used for any debit or credit card on the market, is compatible with the 3DSecure banking security standards, which eliminates fraud from card transactions.

The OnePass payment is one of the market's most in demand functions. It significantly simplifies the purchase process, increasing sales in your online business.

If users view the purchase process as easy and intuitive, whether in a shop or on a website, they are more likely to come back in the future. Users make significant time savings with this new method.

You can rest assured that OnePass payments by PayMet are highly secure and well-received by users.


Meeting the requirements of the PCI-DSS is no easy task. PayMet already complies with this standard for you.

It is essential to have a service provider that meets PCI-DSS procedures

PayMet is a PCI-DSS provider validated for Levels of Service 1 and 2.

We comply fully with the PCI-Security Standards Council regulation ensuring that the card payment and tokenisation procedures are 100% secure.

This tool, which can be used for any debit or credit card on the market, is compatible with the 3DSecure banking security standard, which eliminates fraud from card transactions.

The PCI Security Standards Council offers robust and comprehensive standards and support materials to improve the data security for payment cards. These materials include a framework for specifications, tools, support measures and resources to help organisations ensure they handle cardholders' data securely every step of the way. The cornerstone of the system is the PCI Data Security Standard (PCI-DSS). It puts in place a framework of specific actions to institute a robust card data security process - including prevention, detection and appropriate responses to security incidents.

Not middleman

We are not financial middlemen. We never hold any third party funds.

Transactions always go directly from the user's card to the business's account.

Our key value lies in being the bridge between businesses and customers. We never hold third party funds. Our role in transactions is to enable highly secure contact between the customer's card and the business's account so the requested payments can be made efficiently.