We work on the HTTPS protocol, which encrypts payment data, and every year we pass security checks according to the Visa and Mastercard (PCI DSS) standards.
The connection between the store and Yandex.Case is based on the HTTPS security protocol: the data of your store and customers are transmitted to our server in encrypted form. Information that goes back is also protected by a cipher.
To use the HTTPS protocol, your site needs an SSL security certificate. Any suitable: self-signed or issued by a certification authority.
PCI DSS standard
To work with the cards, you need to get a certificate of compliance PCI DSS. This is an international security standard for card payments: it includes 12 requirements that are developed by Visa, Mastercard and other payment systems. The PCI DSS certificate is issued on the basis of an audit: Yandex.Money gets it every year.
If you accept payments through Yandex.Cash, you do not need a certificate: everything is already protected.