Home Credit and Finance Bank completed the procedure of certification on compliance to the international standard of security of PCI

The Home Credit bank and Jet Infosystems company completed the complex project on reduction of the systems and processes of Bank ensuring safety of storage, processing and data transmission of payment cards in compliance to requirements of the PCI DSS 2.0 standard.

Start

"Our global purpose – to become one of the best retail banks in Russia. It concerns all parties of our work – products, the speed of work, convenience. And the important part in it is assigned to information security. Certification on the PCI DSS standards is a confirmation of reliability of bank, its special relation to questions of protection and safety of data", – Martin Shaffer, the vice chairman of the board of Home Credit Bank notes.

The contractor of project works selects Jet Infosystems company.

Job

At the first stage of the project experts of the system integrator conducted examination of IT infrastructure and assessment of the existing processes of Bank on compliance to requirements of the PCI DSS standard. Following the results the plan of reduction of infrastructure in compliance to the standard and increases in the overall level of cybersecurity was developed. It considered such requirements as preserving of performance of information systems of Bank and justification, including economic, proposed solutions.

"The second large segment of works included development of normative and administrative documentation, segmentation of network, completion of the existing system components, implementation of additional resources of protection and setup of security policies of network equipment, OS, DBMS and applications, – the associate director of Information Security Center of Jet Infosystems company Evgeny Akimov reported. – At the same time the means of protecting which are available in Bank were involved as much as possible, and the reliable and approved earlier solutions allowing to provide, on the one hand, compliance to the standard are recommended for implementation, and – effectively to solve a problem of providing Information Security with another in general".

Carrying out audit of the systems and processes ensuring safety of storage, processing and data transmission of payment cards became the final stage of the project. Audit is booked by the group of experts of Jet Infosystems company, not taking part in project works. Results of audit were accepted by international payment systems of Visa and MasterCard. Obtaining the certificate confirming compliance of information systems of Home Credit Bank to the high international standards of security became a result.

"We set an ambitious goal – to create really working information security system which would conform to requirements of the most difficult standard in the world for data protection. And we managed to make it in only one year! I would like to thank all participants of this project and also to note professionalism and experience of our partner – Jet Infosystems company", – Yury Lysenko, the head of department of information security of Bank added.