MTS confirmed compliance to requirements of the PCI DSS standard

Announced Jet Infosystems a successful completion of recertification of MTS on compliance to requirements of the international standard for data protection in the industry of the PCI DSS 3.2 payment cards.

The project on recertification mentioned all systems and processes of the telecom operator ensuring safety of storage, processing and data transmission of payment cards. The partner in the project selected the Jet Infosystems company having the statuses Qualified Security Assessor (QSA) and Approved Scanning Vendor (ASV) and being the licensed auditor on certification on compliance to all requirements of the international standard.

The MTS company provides to subscribers services of payment acceptance using payment cards since 2008 Besides, it renders services of a data processing center, including for placement of the equipment responsible for data processing of payment cards. It requires annual passing of the procedure of audit and certification IT infrastrukutry on sootvestiye to requirements of the PCI DSS standard.

Within preparation for certification experts of Jet Infosystems company carried out the preliminary analysis of architecture of the infrastructure solutions implemented by the operator for ensuring data processing of payment cards and created recommendations about their correct embedding in the existing IT infrastructure. Then the analysis of the final solution was carried out and recommendations about setup of security aids taking into account changes in the customer's infrastructure are made. For check of compliance to security requirements scanning regarding vulnerabilities and a series of penetration tests is performed. After that certification audit is booked.

Results of audit were approved by international payment systems of Visa and Mastercard, and MTS companies the certificate on a full compliance to the standard is issued.