PCI DSS requirements apply to all entities that store, process or transmit customer payment card data to adhere to information security controls and processes that ensure data integrity. The standard is a list of 12 requirements which involve both processing solution security and physical security of the data through different measures: from cardholder data encrypting to network monitoring and limitation of user access to the private information. Such a multilateral approach becomes the only efficient means of preventing fraudulent operations in the payments industry. Today the adherence to PCI DSS is mandatory for banks, processing centers, financial organisations and merchants working with payment brands.
Alfa-Bank has been using SmartVista to support its card business since 2001. At present the bank is a principal member of Visa and MasterCard payment schemes. Using cards-based business as a priority direction for its retail operations, Alfa-Bankâs strategy is to consistently raise the quality of its services and provide a broad spectre of modern products and services based on payment cards including different co-brand programmes, Internet-banking, e-commerce and m-commerce services, etc. Currently the Alfa-bank processing center supports 1600 ATMs, 20 000 POS-terminals and 5M cards, processing over 500 000 TPD.
With its responsible approach to the customersâ security, Alfa-Bank has completed the process of PCI DSS compliance validation. Basing on the validation results the bank, with BPC team support, has developed a detailed plan for the future enhancement of the security technologies of the processing center.
âThe assessment of Alfa-Bank processing center against PCI DSS is an important stage of the card business developmentâ, said Andrey Eramov, Head of Processing Center Systems Development Department, Alfa-Bank. âThe recommendation of the payment schemes given in the process of the validation will allow us to considerably raise the security of our customers and will raise our card business to a new level of qualityâ.
âBPC provides its customers with high-end solutions meeting all todayâs requirements of the card businessâ, underlined Vitaly Timoshenko, COO, BPC. âThe PCI Security Standards Council allows all the participants of the payment chain to use more effective mechanisms for their customersâ confidential data protection and significant reduction of fraudulent risks. Thatâs why our company takes active part in the development of e-payment security and considers the task to protect personal data of the clients one of the key requirements for all the participants of the cashless payments marketâ.
As a Participating Organization of the PCI Security Standards Council, BPC has access to all the latest payment card security standards from the Council. All the BPC solutions based upon its key offering â the family of software applications for financial industry SmartVista Suite â are fully compliant with PCI DSS requirements and are updated on a regular basis in accordance with the changes of this standard. Some SmartVista customers have already validated their processing solutions compliance with PCI DSS while the others are currently running the assessment process aiming at eliminating the standard discrepancies. SmartVista is also getting ready for the certification to PA DSS â data security standard specially developed by PCI SSC for processing solutions.