Interview with the director of the department of IT of NSCP Vladimir Troyanovsky
Vladimir Troyanovsky, the director of the department of IT of NSCP, in an interview of TAdviser told how the Mir payment system develops.
Troyanovsky
Vladimir, tell what current indicators of use of Mir payment system? How many cards are already issued? What number of operations with the World cards is performed daily?
Vladimir Troyanovsky The Mir payment system develops in high gear therefore indicators change every day. By the end of December, 2016 about 1.8 million payment cards are issued.
In 2016 the main emphasis was put on development of acquiring network that card holders could use it in all usual places - ATMs, shops, etc. By the end of 2016 we covered actually 100% of ATM network on all in the territory of Russia, all largest retailers already accept the World card for payment - it is about 85% of POS terminals. Daily on the World cards there take place more than 100,000 transactions.
Today more than 1 million 280 thousand POS terminals in trade and service companies through the whole country are already connected to acceptance of cards. On the website mironline.ru only the largest TSP accepting for payment national payment cards are specified. Besides, already thousands of online stores working with payment cards using services "Yandeks. Kassa", "Rambler. Kassa", PayU, PayOnline, WalletOne and others accept for payment the World cards.
JSC NSCP (the operator of Mir payment system) also acts as the processor for international payment systems: we service all traffic in the territory of the Russian Federation. Where you paid purchases or services with any card, all transactions go through us. The daily number of transactions on cards of all payment systems which are processed in the National Payment Card System approaches 20 million transactions.
This process was organized about one and a half years ago, and now we work on additional services from the point of view of Mir payment system and its promotion.
Whether there are large companies or state structures which transfered the salary projects to cards with this payment system?
Vladimir Troyanovsky It is a question rather to banks since they keep salary projects of different departments and organizations. I know that our partner banks already discuss the translation of different salary projects on World cards of the payment service provider, but the final decision is all the same made by the organization employer depending on set of a set of factors: a covering and a scope of ATM networks, convenience of use of payment cards, existence of additional services and applications on cards, etc.
On what services of Mir payment system do you work now?
Vladimir Troyanovsky At the end of last year we tested technologies of contactless payments. And already three banks are ready to release of the first payment cards with a possibility of contactless payment. This year we transfer to banks technology, and they will issue payment cards with a possibility of contactless payment.
In the middle of 2017 we start the loyalty program of Mir payment system which will consider the interests of all participants of the program - card holders, banks and retailers.
Also we work on the project of safe e-commerce based on 3D Secure technology 2.0. Mir payment system – first-ever of payment systems which implemented this technology and in 2016.
We have also less large-scale projects on automation. Also we pass to methodologies of development of Agile, DevOps. In some of our projects we see efficiency from this approach and we grope intuitively right direction.
Whether some experience of the organization of work of foreign payment systems from the point of view of IT during creation was borrowed World?
Vladimir Troyanovsky International payment systems exist already long time, and all of us made in two years therefore in general not really we will apply others experience to us. As for operational and payment clearing center (OPKTs), we created it based on own practices, but in close contact with international payment systems since we act for them as the third processor.
How much did creation of IT infrastructure for functioning of PS "World" and how much its technical support annually costs cost?
Vladimir Troyanovsky Before arrival to JSC NSCP (the operator of Mir payment system) I participated in creation of retail bank, and I can tell that the cost of IT solutions for creation of national payment system is comparable with digits on creation of retail bank.
What now scales of IT infrastructure which ensures functioning of payment system? Earlier in the company told that there were three DPCs, about 500 network devices, etc. Something changed or planned?
Vladimir Troyanovsky Construction of several more DPCs is planned for 2017. They are necessary more likely to carry the existing functionality. In DPCs which are already used there is no Internet. It was made for the purpose of information security not to put the National Payment Card System at any additional risks. However life does not stand still, and services which we are going to start now require interaction with the end user and existence of the Internet. Therefore we decided to build separate DPCs for the similar systems. It will allow to avoid negative impact on basic function – transaction processing.
We significantly did not change scales of already existing infrastructure. As of the middle of last year it is about 400 physical servers and more than 700 virtual, six arrays of data storage and 500 units of the telecom equipment.
The payment system was created from scratch therefore we have no obsolete systems requiring upgrade. All our infrastructure is constructed on standard computing architecture of x86 - it gives independence of manufacturing companies.
Now in Russia the vector on import substitution is designated. How the situation using domestic solutions is at you?
Vladimir Troyanovsky Originally main software part of a system – processing - was developed by the Russian company. Under the terms of the contract with it, we acquired all rights and patents for development, and now software which is called "a NSCP 1.0", completely belongs to NSCP. We finish it.
The second main component, security applet on the card, is completely development of NSCP.
Whether it is used in the system of the Open source software?
Vladimir Troyanovsky Yes, we use it. For example, a frontal part "the National Payment Card System 1.0" - does not use the database that does it steady against falling, in it there is no uniform point of failure. This our know-how. We do not use Oracle absolutely, instead of it – the open source software.
Also all monitoring of payment system works at the open source freely distributed software. It does not mean that it does not cost money – we pay for support since examination from the market is necessary for us. Further we are going to increase presence of the open source software.
In what proportion do you use own and custom developments?
Vladimir Troyanovsky As for business systems, we write them, or the companies write them under us, and then transfer us the source code. Thus all custom developments become our, unique and in one copy.
How often there are failures in a system?
Vladimir Troyanovsky Serious failure for all the time of functioning of payment system was only one, spring of 2015. It was connected with problems behind perimeter of the NSCP – failure happened at our partner on communication channels. Once again I will emphasize that the NSCP is very steady against failures, and failure even does not lead the whole DPC to the fact that it becomes impossible to use payment cards.
In the summer the Central Bank warned that holders of cards of national payment system "Mir" can suffer from the hacker attacks. Experts said that for money withdrawal from the World card it is necessary to know only the card number and the PIN code. Who is responsible for the solution of this problem and what works are conducted?
Vladimir Troyanovsky Technically the NSCP is ready to similar situations and has sufficient monitors and prevention of threats. Besides, the National Payment Card System is in permanent interaction with FinCERT of the Bank of Russia of FINTSERT, law-enforcement and security agencies and also with banks. For holders of cards it is additional measures of authentication, implementation of 3D Secure technology.
Today the World payment cards conform to all standards of security both Russian, and international.
Often the card is compromised because of violation by the holder of rules of information security – issue PIN codes and protective codes, including under the influence of swindlers.
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |