Bank of Moscow Payment Systems Meets PCI DSS Standards
OREANDA-NEWS. The Bank of Moscow and Infosystems Jet Company finished re-certification of payment systems and related bank processes according to the requirements of the international standard PCI DSS 2.0. Certification process involved all systems that ensure secure holding, processing and communication of payment cards data.
In 2014, the Bank of Moscow's own processing centre executed more than 170 million of financial transactions with the total value of 1.5 trillion roubles. The Bank's card portfolio includes 6.4 million of active cards. The Bank's own ATM network has more than 2100 machines and its point-of-sale terminal network - more than 9000 machines. In addition, the Bank services 45 agent banks owning 1000 ATMs. Conformity with the PCI DSS standard in this context is another proof of the reliability of the Bank and the security of card operations. Recertification audit was performed by Infosystems Jet Company that possesses Qualified Security Assessor (QSA) and Approved Scanning Vendor (ASV) statuses.
Experts from Infosystems Jet Company examined the Bank's IT-infrastructure that is used in payment cards processing. The audit included payment applications, processing system, data protection arrangements that ensure safety of payment cards information environment, network infrastructure, processes and procedures of information security (IS), terminal servers networks including communication channels, infrastructure services. Following its results a number of information security processes was improved, some settings of the data protection arrangements were optimized and normative-regulatory documentation was updated.
"After completing in 2013 the project for bringing the Bank in line with the requirements of PCI DSS 2.0 which was finished with a successful certification audit the project team actively continued to maintain the infrastructure and processes conforming to PCI DSS standard. We see the completion of another certification audit as an additional confirmation of the status of the Bank of Moscow as a reliable financial institution that cares about the security of its clients data," says Alexander Kuryatnikov, Director of the Department of the Processing Services of the Bank of Moscow.
Following the results of certification audit a statement of full conformity of the IS of the Bank of Moscow to the requirements of PCI DSS was issued. The audit results were accepted by the international payment systems Visa and MasterCard, and the Bank received the corresponding certificate.
Комментарии