SmartVista has successfully passed the PCI DSS compliance validation in Alfa-Bank

12 January 2009

The processing center of Alfa-Bank, based on the BPC’s SmartVista software solutions, has successfully completed the assessment procedure to validate its compliance with PCI Data Security Standard (PCI DSS) which is a leading security standard developed by the major payment brands as a means to bolster the security posture of organisations that process card payments.

PCI DSS requirements apply to all entities that store, process or transmit customer payment card data to adhere to information security controls and processes that ensure data integrity. The standard is a list of 12 requirements which involve both processing solution security and physical security of the data through different measures: from cardholder data encrypting to network monitoring and limitation of user access to the private information. Such a multilateral approach becomes the only efficient means of preventing fraudulent operations in the payments industry. Today the adherence to PCI DSS is mandatory for banks, processing centers, financial organisations and merchants working with payment brands.

Alfa-Bank has been using SmartVista to support its card business since 2001. At present the bank is a principal member of Visa and MasterCard payment schemes. Using cards-based business as a priority direction for its retail operations, Alfa-Bank’s strategy is to consistently raise the quality of its services and provide a broad spectre of modern products and services based on payment cards including different co-brand programmes, Internet-banking, e-commerce and m-commerce services, etc. Currently the Alfa-bank processing center supports 1600 ATMs, 20 000 POS-terminals and 5M cards, processing over 500 000 TPD.

With its responsible approach to the customers’ security, Alfa-Bank has completed the process of PCI DSS compliance validation. Basing on the validation results the bank, with BPC team support, has developed a detailed plan for the future enhancement of the security technologies of the processing center.

“The assessment of Alfa-Bank processing center against PCI DSS is an important stage of the card business development”, said Andrey Eramov, Head of Processing Center Systems Development Department, Alfa-Bank. “The recommendation of the payment schemes given in the process of the validation will allow us to considerably raise the security of our customers and will raise our card business to a new level of quality”.
“BPC provides its customers with high-end solutions meeting all today’s requirements of the card business”, underlined Vitaly Timoshenko, COO, BPC. “The PCI Security Standards Council allows all the participants of the payment chain to use more effective mechanisms for their customers’ confidential data protection and significant reduction of fraudulent risks. That’s why our company takes active part in the development of e-payment security and considers the task to protect personal data of the clients one of the key requirements for all the participants of the cashless payments market”.

As a Participating Organization of the PCI Security Standards Council, BPC has access to all the latest payment card security standards from the Council. All the BPC solutions based upon its key offering – the family of software applications for financial industry SmartVista Suite – are fully compliant with PCI DSS requirements and are updated on a regular basis in accordance with the changes of this standard. Some SmartVista customers have already validated their processing solutions compliance with PCI DSS while the others are currently running the assessment process aiming at eliminating the standard discrepancies. SmartVista is also getting ready for the certification to PA DSS – data security standard specially developed by PCI SSC for processing solutions.

Become a bobsguide member to access the following

1. Unrestricted access to bobsguide
2. Send a proposal request
3. Insights delivered daily to your inbox
4. Career development