| Customers: Sberbank Moscow; Financial Services, Investments and Auditing Contractors: Deiteriy (Deuterius) Product: IT and Security External Audit Projects (PCI DSS and ISMS)Project date: 2016/10 - 2017/01
|
2017
On December 21, 2017, Sberbank reaffirmed the compliance of its Main Processing Center with the requirements of the PCI DSS payment card industry data security standard.
Following a thorough study of the bank's cybersecurity processes, the independent QSA auditor Deiteriy concluded that Sberbank fully complies with the requirements of the standard. The certification audit established Sberbank's compliance with the requirements of the standard for more than 1000 components of automated systems and network devices.
On February 15, 2017, the press service of the company Deiteriy announced the completion of an audit of the PJSC plastic card business Sberbank for compliance with international information security requirements, the standard. PCI DSS version 3.2
Sberbank's main processing center processes more than 40 million transactions per day.
 | The peculiarities of the certification QSA audit at Sberbank are mainly related to the size of its payment infrastructure and the impressive volume of issuance and acquiring of payment cards. Such a scale makes it non-trivial to fulfill the requirements, the implementation of which in other conditions does not cause any problems. Take, for example, encryption of stored data - with so many payment transactions per second, not every cryptographic system will cope with the load. Sergey Shustikov, CEO of Deiteriy |  |
{{quote 'author
= Sergei Lebed, Head of the Sberbank Cybersecurity Service' Sberbank, being the issuer and acquirer of international payment systems Visa and MasterCard, confirmed compliance with PCI DSS requirements in the form of certification audit. The bank's compliance reports were approved by payment systems, which confirms Sberbank's reputation as a stable and reliable bank that fulfills all its obligations to customers and partners, including international payment systems.
During the certification, a lot of work was carried out: the bank was established to comply with the requirements of the standard for more than 600 components of automated systems and network devices, with the involvement of more than a hundred specialists of Sberbank and Sber Tech JSC.
The result confirms that the used systems and processing technologies meet the security requirements, which forms a reliable platform for the confident development of the bank's business.}}
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |