Playtika Achieves PCI DSS Level 1 Compliance with GRSee Consulting

When a global gaming leader like Playtika needed to achieve PCI DSS Level 1 under extreme deadlines, they turned to GRSee Consulting.

By Tom Rozen

Updated November 5, 2025

Playtika is a leading global mobile gaming company known for its engaging, free-to-play titles with in-app purchases that enhance players’ experiences. With millions of active users worldwide, Playtika operates at scale across multiple platforms, including Google Play, Apple’s App Store, and its own proprietary web-based platform for VIP players.

As the company expanded its in-house payment processing platform to serve a growing segment of web-based players, maintaining the highest standards of payment security became a business-critical priority.

Playtika needed to achieve PCI DSS Level 1 compliance to meet the requirements of its payment processors and stakeholders, ensuring secure transactions while preserving its competitive edge.

Recognizing the complexity of this challenge, Playtika selected GRSee Consulting, an accredited Qualified Security Assessor (QSA) company, to lead the effort. Known for its deep cybersecurity expertise, white-glove service, and proven track record, GRSee Consulting was the strategic partner Playtika needed to navigate PCI DSS compliance with confidence and speed.

The Need / Business Drivers

Playtika has developed its own payment-processing infrastructure to support its evolving business model and growth across platforms. As the platform’s transaction volume grew, so did the compliance stakes.

Payment processors required Playtika to demonstrate PCI DSS compliance at Level 1, the most rigorous level of assessment.

“Achieving PCI DSS Level 1 was a top business priority for Playtika. It’s essential for our growth strategy and for maintaining trust with our players, partners, and processors.” - Igor Rutman, Security Risk Lead, Playtika

This milestone was not only a regulatory requirement but also a strategic enabler, helping Playtika strengthen customer trust, reduce risk, and support expansion outside third-party app ecosystems.

The Partnership & Solution

GRSee Consulting engaged with Playtika at a critical moment. With a tight timeline and transitioning to the new PCI DSS standard, Playtika and GRSee Consulting collaborated to meet the requirements promptly.

Leveraging The GRSee Way, a six-step high-touch methodology, GRSee Consulting mobilized a dedicated team of experts and project managers to guide Playtika through every stage of the PCI DSS Level 1 assessment.

Services Included:

Gap analysis and readiness review
Hands-on guidance to align Playtika’s unique business model with PCI requirements
Evidence preparation and interviews across departments
Comprehensive PCI DSS Level 1 QSA audit and assessment

“GRSee Consulting wasn’t just an auditor. They were a true partner. They helped us bridge the gap between PCI requirements and our operational reality, adapting the process to fit our business.” -Igor Rutman, Security Risk Lead, Playtika

Challenges & How They Were Addressed

The project presented multiple challenges:

Tight deadlines: Playtika had only a few weeks to complete the transition to a new QSA and finalize compliance.
PCI DSS Version 4.0.1 controls: Most of the controls had already shifted to the new standard.
Process complexity: Previous audits had felt disorganized and time-consuming.

GRSee Overcame These Challenges Through:

Responsive, white-glove service: Quick turnaround times, proactive communication, and direct access to GRSee Consulting’s executive team provided peace of mind.
Collaborative approach: Acting as an extension of Playtika’s team, GRSee Consulting helped design controls, align stakeholders, and streamline evidence collection.
Structured methodology: Clear, repeatable processes made it easy to track progress year-over-year.

Outcomes & Impact

With GRSee Consulting’s support, Playtika successfully achieved PCI DSS Level 1 compliance on time, meeting its payment processor’s requirements without disruption to operations.

“The process was smoother, more transparent, and felt faster compared to previous audits". -Igor Rutman, Security Risk Lead, Playtika

Key outcomes:

Deadline met despite an urgent QSA transition
Greater organizational clarity and repeatable compliance processes
Peace of mind for leadership with proactive project management and expert guidance
Long-term, Playtika is positioned to sustain PCI DSS compliance efficiently, support continued growth on its internal payment platform, and strengthen trust with both players and partners.

Conclusion

Playtika’s commitment to security and compliance reflects its customer-centric values and growth strategy.

By partnering with GRSee Consulting, the company transformed PCI DSS compliance from a high-stakes challenge into a strategic asset, reducing costs, maintaining processor trust, and ensuring a secure experience for its players.

GRSee Consulting’s blend of deep cybersecurity expertise, structured methodology, and white-glove service positioned Playtika for long-term success in regulated markets. Together, the two companies set a new standard for how compliance can drive, not hinder, innovation and growth.