UCS booked the next audit of information systems

On October 11, 2013 to JSC United Card Service (UCS) and Jet Infosystems were announced a successful completion of UCS of the next certification on compliance to requirements of the international standard of data security of the industry of the PCI DSS 2.0 payment cards.

Project Tasks

"Being one of key players in the market of processing of transactions with payment cards, we are directly interested in providing to our clients – to banks and trade and service companies – reliable and high-quality service on service of payments. Therefore compliance to modern standards of security for us is an integral part of a system of rendering high-quality services", – Tatyana Anokhina, the director of internal control of "United Card Service" company (UCS) noted.

The partner of the project on ensuring compliance "United Card Service" (UCS) to the PCI DSS standard became Jet Infosystems company.

Project Progress

Experts of the company inspected the IT infrastructure segment responsible for data processing of payment cards, in particular - the payment applications participating in processes of storage, transfer and data processing of payment cards, the information security tools ensuring safety of the environment of these payment cards, network infrastructure, processes and procedures of information security.

Key feature of the project - the difficult, multicomponent IT infrastructure of processing including about one hundred servers. Besides, it is necessary to consider specifics of audit of the processing system which is own development of "United Card Service" company (UCS).

"At recertification special attention is paid as the continuity of processes of cybersecurity (for example, to incident management, vulnerabilities), and efficiency of protection gears in the conditions of change of area of applicability of requirements of the standard. "United Card Service" showed (UCS) strict observance of all these requirements", – Ivan Tverdokhlebov, the head PCI DSS of Jet Infosystems company emphasized.

2014: Completion of recertification

On June 19, 2014 UCS and Jet Infosystems announced completion of recertification of UCS on compliance to requirements of the international standard of data security of the industry of the PCI DSS 2.0 payment cards.

Certified process affected all main systems and processes ensuring safety of storage, processing and data transmission of payment cards. Results of audit are accepted by international payment systems of Visa and MasterCard, UCS issues the certificate on compliance to the standard.

"Being one of the leading processors of transactions with payment cards in Russia, UCS pays much attention to questions of security of payments and providing high-quality service to our clients. Focus on questions of information security is also connected with need of compliance to strict internal standards for this area of global international corporation Global Payments which part we are. Confirmation of conformity to requirements of international payment systems serves as one more proof of reliability of a processing center of UCS for our clients and partners", – Alexander Kuznetsov, the head of the Risks and Security block of UCS company noted.

"UCS became the first company in the Russian market in the credit and financial and processing sphere which underwent certification at the beginning of 2009 of PCI DSS and continues to confirm it annually for six years", − Marina Nikulina, the director of internal control of UCS company emphasized.

"Specialists of UCS maintain relevance of the cybersecurity system taking into account upgrade of an IT component of business, first of all, being guided by providing real information system protection, – Elena Kozlova, the head Security Compliance of Information Security Center of Jet Infosystems company told. – Such approach guarantees success of annual recertifications according to requirements of the PCI DSS standard that is the additional evidence of reliability of all card transactions which are carried out by the processing company".