The OLB Group Announces Completion of PCI DSS 4.0 Certification for SecurePay Payment Gateway

Rhea-AI Summary

The OLB Group (NASDAQ:OLB) announced on December 3, 2025 that its SecurePay payment gateway achieved PCI DSS Version 4.0 certification, the latest payment‑security standard from the Payment Card Industry Security Standards Council.

The certification covers enhanced requirements including strengthened MFA, upgraded encryption, continuous security monitoring, entity‑specific risk analysis, and expanded e‑commerce protections, and aligns SecurePay with the compliance programs of Visa, Mastercard, American Express, Discover, and JCB.

OLB says the certification reinforces SecurePay's security posture, supports efforts to attract enterprise merchants, and advances its payment processing expansion strategy.

Positive

• PCI DSS 4.0 certification achieved for SecurePay (Dec 3, 2025)
• Full compliance with Visa, Mastercard, American Express, Discover, and JCB programs
• Upgraded controls: MFA, advanced encryption, continuous monitoring
• Stronger positioning to attract enterprise merchants requiring high security

Negative

• None.

News Market Reaction

+10.68% 2.0x vol

7 alerts

+10.68% News Effect

+4.3% Peak Tracked

-15.7% Trough Tracked

+$974K Valuation Impact

$10M Market Cap

2.0x Rel. Volume

On the day this news was published, OLB gained 10.68%, reflecting a significant positive market reaction. Argus tracked a peak move of +4.3% during that session. Argus tracked a trough of -15.7% from its starting point during tracking. Our momentum scanner triggered 7 alerts that day, indicating moderate trading interest and price volatility. This price movement added approximately $974K to the company's valuation, bringing the market cap to $10M at that time. Trading volume was elevated at 2.0x the daily average, suggesting notable buying interest.

Data tracked by StockTitan Argus on the day of publication.

Market Reality Check

Price: $0.5881 Vol: Volume 23,003 is below th...

low vol

$0.5881 Last Close

Volume Volume 23,003 is below the 20-day average of 49,950 (relative volume 0.46x) ahead of this news. low

Technical Shares trade below the 200-day MA of $1.37, with the latest price at $1.03 and well under the $2.50 52-week high.

Peers on Argus

Peers show mixed moves: FAAS down 8.3%, BNAI down 2.07%, RVYL down 1.39%, while ...

1 Down

Peers show mixed moves: FAAS down 8.3%, BNAI down 2.07%, RVYL down 1.39%, while NEHC and DTSS are up 11.46% and 12.8% respectively. With OLB flat and only DTSS flagged in momentum (down 4.26% intraday), trading appears stock-specific rather than a sector-wide reaction.

Historical Context

2 past events · Latest: Dec 03 (Positive)

Pattern 2 events

Date	Event	Sentiment	Move	Catalyst
Dec 03	Security certification	Positive	+10.7%	SecurePay payment gateway achieved PCI DSS Version 4.0 certification.
Aug 14	Listing/refile update	Positive	-8.1%	DMint S-1 refiling and planned Nasdaq listing with pro rata share distribution.

Pattern Detected

Limited history shows one positive security/listing-related update that aligned with a price gain and one spin-off/Nasdaq process update that coincided with a selloff.

Recent Company History

Over the last few months, OLB’s key disclosures focused on strategic positioning. On Aug 14, 2025, subsidiary DMint announced plans to refile its Form S-1 with updated financials and outlined a potential Nasdaq listing and pro rata share distribution; the stock fell 8.07% over 24 hours. On Dec 03, 2025, OLB highlighted SecurePay’s PCI DSS 4.0 certification, emphasizing enhanced security and enterprise ambitions, and shares rose 10.68% in the following day.

Market Pulse Summary

The stock surged +10.7% in the session following this news. A strong positive reaction aligns with p...

Analysis

The stock surged +10.7% in the session following this news. A strong positive reaction aligns with prior trading around security milestones, such as the earlier 10.68% move after the PCI DSS 4.0 news. However, filings show revenue declines and ongoing net losses, and the company highlighted substantial doubt about its ability to continue as a going concern without new capital. Traders considering sustainability would have weighed these fundamentals and prior volatility around strategic announcements.

Key Terms

pci dss, pci ssc, multi-factor authentication, mfa, +4 more

8 terms

pci dss regulatory

"achieved Payment Card Industry Data Security Standard (PCI DSS) Version 4.0 certification"

A set of security rules created by major payment card companies to protect credit and debit card data when businesses store, process, or transmit it. It matters to investors because compliance is like a strong lock on a store: businesses that follow these standards reduce the risk of costly data breaches, fines, legal trouble and customer loss, while noncompliance can lead to direct financial penalties and damage to reputation and revenue.

pci ssc regulatory

"standard established by the Payment Card Industry Security Standards Council (PCI SSC)"

Payment Card Industry Security Standards Council (PCI SSC) is the industry body that creates and maintains rules for protecting payment card data, like a rulebook that banks, retailers and service providers follow to keep cardholder information safe. Investors care because companies that handle payments must follow these standards to avoid data breaches, fines and loss of customer trust, which can materially affect revenue and reputation.

multi-factor authentication technical

"Enhanced Authentication Controls - Implementation of strengthened multi-factor authentication (MFA)"

A security method that requires users to prove their identity in two or more different ways before accessing accounts or systems, such as combining a password with a one-time code sent to a phone or a fingerprint. For investors, it reduces the risk of unauthorized access to sensitive accounts, lowers chances of fraud or data breaches, and helps protect a company’s financials and reputation—similar to needing both a key and a fingerprint to open a safe.

mfa technical

"multi-factor authentication (MFA) requirements for all access to the cardholder data"

Multi-factor authentication (MFA) is a security method that requires users to provide two or more different proofs of identity—something they know (like a password), something they have (like a phone or hardware token), or something they are (like a fingerprint)—before gaining access to an account or system. For investors, MFA acts like a second and third lock on an online brokerage or corporate portal, greatly reducing the risk of unauthorized trades, stolen personal data, account takeovers, and resulting financial loss or reputational damage.

cryptographic protocols technical

"Advanced Encryption Standards - Deployment of upgraded cryptographic protocols to protect cardholder data"

Cryptographic protocols are sets of mathematical rules and procedures that protect digital information and verify identities or transactions, like locking messages in a tamper‑proof envelope and attaching a verifiable signature. They matter to investors because they determine how securely a platform or digital asset operates, influencing user trust, regulatory risk, potential losses from hacks, operational costs, and competitive advantage — all of which can affect a company’s value and growth prospects.

cardholder data environment technical

"MFA requirements for all access to the cardholder data environment, reflecting updated mandates"

The cardholder data environment is the set of computer systems, networks and applications that store, process or transmit customers’ payment card information — like a locked room in a building where sensitive records are kept. It matters to investors because the size and security of that environment determine regulatory obligations, the cost of protecting data, and the financial and reputational risk from breaches or noncompliance with payment-security rules.

continuous security monitoring technical

"Continuous Security Monitoring - Integration of automated security monitoring and threat detection"

Continuous security monitoring is the ongoing process of watching a company’s digital systems, networks, and devices for signs of threats, weaknesses, or unusual activity so problems are spotted and fixed quickly. For investors, it matters because steady monitoring reduces the chance of costly data breaches or outages that can hurt revenue, reputation, or regulatory compliance—similar to a 24/7 alarm system that alerts owners before small issues become disasters.

card-not-present transactions technical

"addressing emerging threats in card-not-present transactions as prioritized by all participating card brands"

Card-not-present transactions occur when a payment card is used without the buyer physically handing the card to a merchant—for example, purchases made online, by phone, or by mail—where the card details are entered remotely. Investors care because these payments tend to carry higher fraud, dispute, and processing costs and often require more investment in security and fraud prevention; trends in card-not-present volume affect revenue growth, margins, and risk exposure for payment processors and retailers.

AI-generated analysis. Not financial advice.

NEW YORK, NY / ACCESS Newswire / December 3, 2025 / (NASDAQ:OLB) - The OLB Group, Inc. ("OLB" or the "Company"), a diversified FinTech company, today announced that its SecurePay payment gateway has successfully achieved Payment Card Industry Data Security Standard (PCI DSS) Version 4.0 certification, the latest and most comprehensive security standard established by the Payment Card Industry Security Standards Council (PCI SSC).

A New Era in Payment Security
PCI DSS 4.0 represents the most significant update to payment security standards in over a decade, introducing enhanced requirements designed to address evolving cyber threats and strengthen the protection of cardholder data across the global payments ecosystem. SecurePay's achievement of this certification demonstrates OLB's commitment to maintaining the highest levels of security for its merchant partners and their customers.

"Achieving PCI DSS 4.0 certification for SecurePay is a significant milestone that reinforces our position as a trusted leader in payment processing," said Ronny Yakov, Chief Executive Officer of The OLB Group. "This certification validates our ongoing investment in security infrastructure and our dedication to providing merchants with a payment gateway that meets the most stringent industry standards."

Key Enhancements Under PCI DSS 4.0
The updated certification encompasses critical security enhancements mandated by the major card brands, including Visa, Mastercard, American Express, Discover, and JCB International. Notable requirements addressed in PCI DSS 4.0 include:

Enhanced Authentication Controls - Implementation of strengthened multi-factor authentication (MFA) requirements for all access to the cardholder data environment, reflecting updated mandates from Visa and Mastercard for payment service providers.

Advanced Encryption Standards - Deployment of upgraded cryptographic protocols to protect cardholder data both in transit and at rest, meeting heightened requirements established by all major card networks.

Continuous Security Monitoring - Integration of automated security monitoring and threat detection capabilities, aligning with American Express and Discover's enhanced requirements for real-time vulnerability management.

Targeted Risk Analysis - Implementation of customized security controls based on entity-specific risk assessments, a new flexible approach under PCI DSS 4.0 that allows organizations to tailor security measures to their unique operating environment.

Expanded Scope for E-Commerce - Enhanced protections for payment page scripts and third-party integrations, addressing emerging threats in card-not-present transactions as prioritized by all participating card brands.

Card Brand Compliance
SecurePay's PCI DSS 4.0 certification ensures full compliance with the security programs of all major card networks:

• Visa Global Registry of Service Providers

• Mastercard Site Data Protection (SDP) Program

• American Express Data Security Operating Policy (DSOP)

• Discover Information Security Compliance (DISC) Program

• JCB Data Security Program

"The transition to PCI DSS 4.0 represents a fundamental shift in how the payment industry approaches security, Our successful certification demonstrates that SecurePay is positioned to meet not only today's security challenges but also the evolving requirements that the card brands will continue to implement through 2025 and beyond."

Strategic Implications
The PCI DSS 4.0 certification strengthens SecurePay's competitive positioning in the payment gateway market and provides OLB's merchant partners with assurance that their transactions are processed through a platform meeting the highest available security standards. This achievement supports the Company's strategic initiatives to expand its payment processing capabilities and attract enterprise-level merchants requiring best-in-class security compliance.

About PCI DSS 4.0
PCI DSS 4.0, released by the PCI Security Standards Council in March 2022, became mandatory for all entities processing, storing, or transmitting cardholder data as of March 31, 2024, with additional future-dated requirements taking effect through March 31, 2025. The standard introduces 64 new requirements focused on emerging threats, enhanced authentication, improved encryption, and greater flexibility in how organizations achieve security objectives.

About OLB Group, Inc.
The OLB Group, Inc. is a diversified Fintech eCommerce merchant services provider and Bitcoin mining enterprise. The Company's eCommerce platform delivers cloud-based merchant services for a comprehensive digital commerce solution to merchants in all 50 states. In addition, through its ownership of the MOOLA Cloud and Black 011 platform, OLB Group can provide its services to an additional network of 31,600 convenient stores and bodegas in the United States.

Forward-Looking Statements
This press release includes information that constitutes forward-looking statements within the meaning of Section 27A of the Securities Act of 1933, as amended, and Section 21E of the Securities Exchange Act of 1934, as amended. These forward-looking statements are based on the Company's current beliefs, assumptions, and expectations regarding future events, which in turn are based on information currently available to the Company. Such forward-looking statements include statements regarding the proposed spinoff of DMint described herein and are characterized by future or conditional words such as "may," "will," "expect," "intend," "anticipate," "believe," "estimate" and "continue" or similar words. You should read statements that contain these words carefully because they discuss future expectations and plans, which contain projections of future results of operations or financial condition or state other forward-looking information.

By their nature, forward-looking statements address matters that are subject to risks and uncertainties. A variety of factors could cause actual events and results to differ materially from those expressed in or contemplated by the forward-looking statements, including the risk that the licensee understands and complies with various banking laws and regulations that may impact the licensee's ability to process transactions. For example, federal money laundering statutes and Bank Secrecy Act regulations discourage financial institutions from working with operators of certain industries - particularly industries with heightened cash reporting obligations and restrictions - as a result of which, banks may refuse to process certain payments and/or require onerous reporting obligations by payment processors to avoid compliance risk. These and other risk factors affecting the Company are discussed in detail in the Company's periodic filings with the SEC. The Company undertakes no obligation to publicly update or revise any forward-looking statement, whether because of the latest information, future events or otherwise, except to the extent required by applicable laws

Investor Relations Contact:
The OLB Group, Inc.
IR@olb.com
(212) 278-0900 Ext 333

SOURCE: The OLB Group, Inc.

View the original press release on ACCESS Newswire

FAQ

What did OLB announce about SecurePay on December 3, 2025?

OLB announced that SecurePay achieved PCI DSS Version 4.0 certification on December 3, 2025.

How does PCI DSS 4.0 certification affect OLB (NASDAQ:OLB) merchant compliance?

The certification means SecurePay meets enhanced MFA, encryption, monitoring, and other controls required by major card brands for merchant transactions.

Which card brands' programs does SecurePay's PCI DSS 4.0 certification cover?

SecurePay's certification aligns with Visa, Mastercard, American Express, Discover, and JCB security programs.

Will SecurePay PCI DSS 4.0 certification help OLB win enterprise merchants?

OLB states the certification strengthens competitive positioning and supports efforts to attract enterprise-level merchants requiring high security.

What specific security enhancements did SecurePay implement for PCI DSS 4.0?

SecurePay implemented strengthened MFA, upgraded cryptographic protocols, automated security monitoring, and entity-specific risk analysis as described in PCI DSS 4.0.

Does SecurePay's PCI DSS 4.0 certification cover e-commerce and card-not-present risks?

Yes; the certification addresses expanded e-commerce protections for payment page scripts and third-party integrations to mitigate card-not-present threats.