SmartVista Passed PCI DSS Compliance Validation in Alfa-Bank
The processing center of Alfa-Bank,based on the BPC’s SmartVista software solutions,has successfully completed the assessment procedure to validate its compliance with PCI Data Security Standard (PCI DSS) which is a leading security standard developed by the major payment brands as a means to bolster the security posture of organisations that process card payments.
PCI DSS requirements apply to all entities that store, process or transmit customer payment card data to adhere to information security controls and processes that ensure data integrity. The standard is a list of 12 requirements which involve both processing solution security and physical security of the data through different measures: from cardholder data encrypting to network monitoring and limitation of user access to the private information. Such a multilateral approach becomes the only efficient means of preventing fraudulent operations in the payments industry. Today the adherence to PCI DSS is mandatory for banks, processing centers, financial organisations and merchants working with payment brands.
Alfa-Bank has been using SmartVista to supportits card business since 2001. At present the bank is a principal member of Visa andMasterCard payment schemes. Using cards-based business as a priority direction for its retail operations, Alfa-Bank’s strategy is to consistently raise the quality of its services and provide a broad spectre of modern products and services based on payment cards including different co-brand programmes, Internet-banking, e-commerce and m-commerce services, etc. Currently the Alfa-Bank processing center supports 1600 ATMs, 20 000 POS-terminals and 5M cards, processing over 500 000 TPD.
With its responsible approach to the customers’ security, Alfa-Bank has completed the process of PCI DSS compliance validation. Basing on the validation results the bank,with BPC team support, has developed a detailed plan for the future enhancement of the security technologies of the processing center.
«The assessment of Alfa-Bank processing center against PCI DSS is an important stage of the card business development», said Andrey Eramov, Head of Processing Center Systems Development Department, Alfa-Bank. «The recommendation of the payment schemes given in the process of the validation will allow us to considerably raise the security of our customers and will raise our card business to a new level of quality».
As a Participating Organization of the PCI Security Standards Council, BPC has access to all the latest payment card security standards from the Council. All the BPC solutions based upon its key offering – the family of software applications for financial industry SmartVista Suite – are fully compliant with PCI DSS requirements and are updated on a regular basis in accordance with the changes of this standard. Some SmartVista customers have already validated their processing solutions compliance with PCI DSS while the others are currently running the assessment process aiming at eliminating the standard discrepancies. SmartVista is also getting ready for the certification to PA DSS – data security standard specially developed by PCISSCfor processing solutions.