RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2
Project

AK BARS Bank updated system security audit on PCI DSS

Customers: AK BARS Bank

Kazan; Financial Services, Investments and Auditing

Product: External IT and Security Audit Projects (PCI DSS and SIS)

Project date: 2015/05  - 2017/04

Content

AK Bars Bank, with the participation of ICL-KPO Sun, confirmed the compliance of its services with the international standard of security of the PCI DSS (Payment Card Industry Data Security Standard) payment card industry version 2.0.

2017

The emergence of new services - mobile wallet, Apple Pay, Android Pay, Samsung Pay, made banking services for AK BARS Bank customers even faster and more convenient. However, the more interactive services the bank introduces, the more reliable its infrastructure should be. AK BARS Bank, with the support of specialists of ICL System Technologies, has again confirmed compliance with international security requirements following the results of the annual PCI DSS audit.

In 2017, the AK BARS Bank audit procedure was held according to the new version of the standard, which entered into force in the fall of 2016. The international PCI DSS standard defines security requirements for bank payment cards. New, more stringent requirements were taken into account during the recertification, ensuring optimized security of storage, processing and transfer of payment card data.

2015

On November 1, 2015, ICL-KPO VS announced that AK BARS Bank had conducted an annual audit on the compliance of bank services with the international security standard of the PCI DSS payment card industry .

Bank Office (2013)

The certification audit was conducted in partnership with the QSA auditor - Digital Compliance. The preparation of the ATM network for audit was carried out by SafenSoft.

The audit procedure was conducted by Digital Compliance. The certificate of conformity issued by the audit testifies to the full compliance of the Bank's infrastructure with the world requirements of information security of payment cards.

Rafael Valeev, Head of the Processing Center Department of Information Technology PJSC AK BARS Bank, noted:

- For the fifth year in a row AK BARS Bank successfully passes the audit procedure with the participation of ICL-KPO VS specialists. During our collaboration, we have been able to develop an efficient and labor-efficient continuous PCI DSS compliance technology. At the same time, this approach does not just formally allow us to meet the necessary requirements, but implies a well-thought-out systematic activity aimed at ensuring the maximum level of security and security of our customers' data.

Aydar Guzairov, Deputy General Director for Business Development of ICL-KPO SC, said:

- With "AK BARS" Bank we are connected with many years of fruitful cooperation, including in the field of implementation of projects on information security. Since recently there has been an active increase in the number of attacks that threaten the stability of banking services, it is always necessary to "keep your hand on the pulse." Obtaining a PCI DSS certificate indicates that the data of the bank's payment card holders is securely protected. I am confident that our joint work in this direction will continue and we will soon begin preparations for the next certification audit.

2014

On July 1, 2014, ICL-KPO Sun announced the completion of the recertification for compliance with the international security standard of the PCI DSS payment card industry by AK Bars Bank. The audit was conducted in partnership with Digital Security.

"Once
again, employees of the AK BARS Bank Processing Center Office successfully proved that careful and continuous compliance with the PCI DSS standard is possible even in a large bank with a heterogeneous processing center environment and an extensive ATM network," said Pavel Fedorov, head of the audit department of banks and payment systems of Digital Security.

In a particular project, special attention was paid to protecting POS terminals from unauthorized changes. Preparation for the audit of the ATM network was carried out in cooperation with SafenSoft.

"SafenSoft develops and updates the product, taking into account the PCI DSS standards and the requirements of the Central Bank of Russia for ensuring the security of banking systems," said Stanislav Shevchenko, technical director of SafenSoft. - The high professionalism of all participating companies made it possible to ensure the implementation of the project in the minimum time frame for the given task. The bank's approach does not formally meet the requirements, but requires conscious care about the security of its data, and therefore the data of its customers. "
"The current audit showed that we are ready to quickly solve problems within the framework of expanding the requirements of the standard. Together with our partners from ICL-KPO of the Armed Forces, we managed to build an ATM network protection system in a short time, taking into account the new requirements of the PCI DSS standard, "said Arthur Khabibrahmanov, head of the processing center of AK BARS BANK
.
"We can confidently say that now, through the joint efforts of the bank and ICL-KPO Sun, an optimal technology for continuous compliance with the PCI DSS standard has been developed in terms of efficiency and labor costs. And another successful certification is confirmation of this, "said Dinar Vildanov, project manager on the part of ICL-KPO VS. "Already, we are beginning preparations for the next certification audit, which will be carried out according to the new, third version of the standard."

2012

In June 2012, AK Bars confirmed compliance with the standard. During the year, ICL-KPO SC supported the processing center of AK Bars Bank in terms of ensuring compliance with the PCI DSS standard. The company's specialists also carried out consulting work regarding the implementation of regulatory procedures.

The audit results, according to a statement by bank employees, confirmed: AK Bars provides a high degree of security and practically eliminates the risk of theft and damage to the data of its customers using payment cards.

"You need to understand that the next confirmation of PCI DSS compliance status is not just the result of work carried out once a year. This is the result and confirmation of our daily work to ensure the information security of our services. During the year, we launched new information systems that provide the bank's services. Our partners from ICL-KPO Sun worked to ensure their security taking into account the requirements of the PCI DSS standard, said Arthur Khabibrahmanov, head of the Processing Center of AK Bars Bank. "The result of the joint efforts was the bank's re-successful confirmation of the PCI DSS version 2.0 certificate in June 2012
."
"Continuous compliance with the PCI DSS standard of such a complex and multilevel structure is not an easy task, and I am very glad that the specialists of the AK Bars Processing Center of the bank are coping with it, and, less often, do this with an understanding of the need and importance of compliance with the standard," said Pavel Fedorov, head of the audit department of banks and payment systems of Digital Security. "At the same time, the methods used to ensure compliance prove their effectiveness in practice."