Compass Plus Online has passed the next certification for PCI DSS compliance

2023: PCI DSS 4.0 Certification

On October 28, 2023, the processing center Compass Plus Online completed the next certification for compliance with data the payment cards Payment Card Industry Data Security Standard (). PCI DSS The certification audit was carried out by the company, Compliance Control which announced this on November 11, 2023.

In the context of the digitalization of payment processes and the growth of fraudulent attacks, the security issue is especially acute for industry players. In the first half of 2023, attackers stole a total of 4.5 billion rubles from bank accounts and cards of Russians, which is 30% higher than in 2022, said Vadim Uvarov, head of the information security department of the Central Bank of the Russian Federation. He also noted that banks in the first three months of 2023 repelled 2.7 million fraud attacks on customer accounts, which prevented the theft of more than 700 billion rubles. In existing realities, Compass Plus Online uses best practices in the field of security and guarantees cardholders maximum protection when paying for goods and services and transferring funds.

During the audit of the processing center, Compliance Control specialists together with representatives of Compass Plus Online:

• determine the scope of the PCI DSS standard;
• collected information about processing systems and information infrastructure;
• collected information on information security processes, applied measures and means of information protection;
• based on the information received, the compliance with the Compass Plus Online requirements of the PCI DSS 3.2.1 standard was analyzed (including preliminary assessment of compliance with the requirements of the latest version of the standard - PCI DSS 4.0);
• developed the necessary reporting documents and prepared recommendations for eliminating the identified inconsistencies and aligning the infrastructure with the PCI DSS 4.0 standard.

Every year, our processing center processes 700 million transactions, and it is more important than ever for us to ensure a high level of reliability of our services. Compass Plus Online regularly undergoes security audits, scans information infrastructure for vulnerabilities and penetration tests, so that our customers can be confident in protecting the data of payment card holders and minimizing associated risks. Cooperation with Compliance Control allowed us to quickly pass PCI DSS certification, so we plan to further implement several more joint projects to ensure the security of information infrastructure, "said Mikhail Yurchenko, Director of Sales and Business Development, Compass Plus Online.

Compass Plus Online is an example of a company that not only formally meets the requirements of the PCI DSS standard, but also systematically builds information security processes and also systematically increases their maturity. During our work, we were pleasantly surprised by the professionalism of the team, the efficiency of interaction and provision of the necessary information, as well as the importance of awareness of the problem of ensuring information security at the highest level. I am convinced that the clients of Compass Plus Online made the right choice - said Stanislav Starikov, head of expert consulting and audit at Compliance Control.