Halyk Savings Bank Card Business Complies with PCI DSS Requirements
OREANDA-NEWS. February 22, 2011. Halyk Bank has become the first among Kazakhstan's banks to obtain a certificate of compliance with PCI DSS (Payment Card Industry Data Security Standard). Thus, Halyk Bank has confirmed that it meets the high level of security of card processing environment, as well as procedures and regulations of information security, reported the press-centre of KASE.
Halyk Bank issues payment cards of systems like VISA International, MasterCard Worldwide, China UnionPay and remains the permanent leader on payment cards market in Kazakhstan. PCI DSS is an international security standard set by PCI SSC (Payment Card Industry Security Standards Council). This standard has been created for institutions in the payment cards industry and serves for prevention of fraud by improved control over storage, processing and transmission of personal data of cardholders.
"Compliance with PCI DSS standard means that the bank ensures safety and minimizes risk of fraud for holders of Halyk Bank cards, as well for clients using wire transactions at trading enterprises with the Bank's terminals involved", says Umit Shayakhmetova, Chairman of Halyk Savings Bank of Kazakhstan.
Project aimed at harmonizing the Banks' infrastructure with PCI DSS requirements and preparation for auditing included several stages: preliminary evaluation of compliance with the standard, removal of discrepancies detected and fulfillment of the standard's requirements, the final auditing of compliance with PCI DSS requirements.
Since, according to the criteria set by Payment Card Industry Security Standards Council, Halyk Bank is a major institution in the payment cards industry, the procedure of evaluation of compliance with PCI DSS standard was conducted by an independent QSA (Qualified Security Assessor).
Based on the evaluation's results, Halyk Savings Bank of Kazakhstan received a report on compliance with PCI DSS standard with regard to categories ATM Processing, Authorization, Clearing & Settlement, POS Payment Processing, Process Magnetic-Stripe Transactions and was entered into a register of payment systems' participants meeting PCI DSS requirements.
Комментарии