RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2
Project

Intervale confirmed certification of the processing center on the PCI DSS 3.0 standard

Customers: Intervale (Interveyl) Smartkardlink

Moscow; Financial services, investments and audit

Contractors: Informzashita
Product: Projects of external audit of IT and security (in tch PCI DSS and SUIB)

Project date: 2013/04  - 2014/06

The Informzashita company completed the project on check of compliance of the environment of processing of payment information of Intervale company to the international standard PCI DSS, the press service of the company reported on August 8, 2013

Project Results

Payment services of Intervale underwent certification on compliance to requirements of the international standard of security of the industry of the PCI DSS 2.0 payment cards. Certification audit is booked by Informzashita company.

"The subject of security of payment transactions purchases more and more critical value in the conditions of growth of volumes of cashless payments and development of remote payment methods of goods and services. Success audit of our services clearly demonstrates their high reliability that provides uninterrupted obligation fulfillment before partners and their clients. Professionalism and efficiency of specialists of Informzashita allowed us to complete the project on certification in the planned terms", - Alexey Shamayko, the CEO of Interveyl Ltd noted.
"It should be noted responsibility and pedantry, in good sense of this word with which the staff of Intervale company approaches questions of information security support, - Lev Fisenko, the director of the department of work with financial institutions of Informzashita company reported. – Successful passing of certified audits on compliance to the PCI DSS standard – the best evidence of reliability of the company for her clients and partners".

2013. September: Stress testing

The Andek company held stress testing of a system of Internet payments in Intervale company, the press service of integrator reported on September 4, 2013.

Project Background

Need of check of system performance is caused by the forthcoming choice of a system of counteraction to fraud. Specialists of Intervale needed to define load characteristics of the solution of Oracle Adaptive Access Manager (OAAM) in different usage modes at high requirements to system performance. The solution OAAM includes the server of management, the SOAP server and offline server. The possibility of use of a system and a configuration of the necessary server hardware depended on results of check.

Project Progress

Specialists of Andek company suggested to hold testing of OAAM in an operation mode about offline data (i.e. on historical logs of financial transactions) and also in a compatibility mode of a flow of transactions using a specialized software.

The project is executed in two stages. As a part of the first - deployment of the virtual Oracle Adaptive Access Manager stand in own laboratory of Andek company, writing offline loader under data of transactions of Intervale, implementation of monitoring of the OAAM components during stress testing.

The next step - setup test the politician of OAAM and testing in compliance with Intervale technique.

Final stage - the report on stress testing on final results.

Project Results

Load characteristics of a system, possibility of its use are defined. Specialists of the contractor prepared recommendations about an optimal configuration of the server hardware.

Pavel Lozhkin, the deputy CEO of Andek company, noted: "This project was interesting that it allowed to determine suitability of a system by performance criterions, to develop unique techniques of measurement and performance improvement. Ready techniques which would allow to perform similar measurements do not exist".

2014: Intervale confirmed certification of the processing center on the PCI DSS 3.0 standard

Smartkardlink Ltd completed the works on recertification of Wednesday of data processing of payment cards, including, own processing center, according to the PCI DSS standard. Audit was booked by the QSA auditor Informzashita with the assistance of department of information security, specialists of a processing center and technical department of the company.

The decision on construction of a processing center was made in 2012 within strategy implementation of development of Interveyl group. At design of the center the priority value was given to protection of its information systems, and in creation the modern software and means of protecting from world leading manufacturers were used. In the fall of 2013 the processing center was given the status MSP TPP (Member Service Provider Third Party Processor) in MasterCard payment system. The project on obtaining the similar status in Visa payment system is open.

The environment for processing of payment information to which services MTS-Pay, MyPay.kz, MasterCard Mobile, show-windows of card payments, money transfers and remote banking and also the payment platform of PayGuide Acquirer providing service of Internet acquiring are connected underwent recertification audit.

  • MTS-Pay ("Easy payment") is a payment service of services to numerous suppliers using the mobile phone and the bank card
  • MyPay.kz is the first Kazakhstan application of mobile payments for subscribers of any Kazakhstan operator of GSM communication for payment of services and goods in real time using the cell phone and the bank card
  • MasterCard Mobile is the service on the White-label model allowing to pay services, to make purchases and to execute money transfers with the help of bank cards of MasterCard®, Maestro® and Visa through mobile (iOS, Android, WinPhone) and web interfaces
  • The interfaces of remote client service (for credit institutions and the non-financial sector) allowing to make card payments in a supplier address of services, P2P transfers, purchase of prepaid (virtual) cards through mobile (iOS, Android, WinPhone) and web interfaces (White-label model).