Assist underwent certification of PCI DSS 3.2.1 in the remote mode

2020: Certification of PCI DSS 3.2.1 in the remote mode

The developer company and integrator of payment solutions Assist reported on July 6, 2020 that it once again confirmed compliance to requirements of the standard of security of PCI DSS 3.2.1. Payment infrastructure and Assist services underwent audit by the rules adopted in 2018. The audit passing online format as because of a difficult epidemiological situation in March all Assist command switched over to a remote operation mode became feature of 2020.

Certifications of PCI DSS without fail are subject the companies conducting activities for acceptance and payment processing. Since 2007 Assist regularly passes the most complete version of audit (Level 1) including QSA audit, the independent test for search of vulnerabilities of a payment gateway and quarterly scanning on vulnerability of web resources.

According to the results of check Compliance Control Ltd company. issued the conclusion that infrastructure and services of a payment gateway Assist completely meet the requirements to information security set by the PCI DSS 3.2.1 standard.

Assist since 1998 provides acceptance of electronic payments for the Russian and the foreign online companies. Using Assist it is possible to accept payments according to cards Visa MasterCard American Express Diners Club, JCB and "World" and also by means of the systems of mobile payments Apple Pay Google Pay, Samsung Pay and e-wallets Yandex.Money QIWI WebMoney.

2018

Certification of NSCP on the Mir Accept 2.0 standard

On September 27, 2018 the Assist Group reported that it underwent certification of NSCP on the Mir Accept 2.0 standard

The Assist group which is engaged in development and integration of payment solutions underwent certification of NSCP (the operator of national payment system "Mir") and was connected to the Mir Accept 2.0 protocol. It gives the chance to make faster and safe process of purchase for holders of the World cards purchasing on the Internet goods and services at clients of Assist.

The platform of safe e-commerce Mir Accept 2.0 is developed and implemented by the National Payment Card System based on 3D-Secure EMVCo protocol 2.1.0. Its basic feature is that in addition to a traditional authentication mechanism of users using codes from Sms and push-notifications the principle of the analysis of set of the factors helping to identify the user is added (payment behavior, parameters of devices, a geolocation and so forth). Unlike two-factor authentication using the SMS code, such method of authentication of the payer is more reliable, allows to accelerate payment process and to increase the number of successful payments.

According to the experts, use of Mir Accept 2.0 will help the online companies to reduce operating expenses and the number of losses on fraudulent transactions, to increase conversion of online stores and trust of buyers to them.

{{the quote|author = Diana Polekhina, head of customer relations department of Assist group |"[[Mir" it is possible to pay off with cards of the payment service provider on the websites of all our clients. By our estimates, in the first half of 2018 the number of the online payments made on the World cards grew by 3.6 times in comparison with the second half of the year 2017. Implementation of the Mir Accept 2.0 protocol will allow Mir payment system to increase even more the share in the market.}}

More and more online payments are made by users from mobile devices, and a task of all participants – banks, developers and online stores – it is not simple to accelerate online payment process, but also to make it simpler and safe. The Mir Accept 2.0 platform allows to solve these problems successfully. Maria Tochilova, development director of products, digital and technology services of Mir payment system

Compliance to the standard of security of PCI DSS 3.2

The developer company and integrator of payment solutions Assist announced on July 31, 2018 that it confirmed compliance to requirements of the standard of security of PCI DSS 3.2. Payment infrastructure and Assist services successfully underwent audit in Russia and Republic of Belarus by the toughened rules which began to work in 2018.

Certifications of PCI DSS without fail are subject the companies conducting activities for acceptance and payment processing. Since 2007 Assist regularly passes the most complete version of audit (Level 1) including internal check by the QSA auditor, the independent test for search of vulnerabilities of a payment gateway and quarterly scanning on vulnerability of web resources.

According to the results of check in July, 2018 the permanent partner of Assist on audit the Security Research & Consulting GmbH company issued the conclusion that infrastructure and services of a payment gateway Assist completely meet the requirements to information security set by the PCI DSS 3.2 standard.

2017

The Assist group underwent in the spring of 2017 the annual procedure of certification of PCI DSS, having confirmed compliance of the new version of the standard which will take effect since February 1, 2018. A number of the changes toughening requirements to information security support of the companies performing activities for acceptance of electronic payments was entered to PCI DSS 3.2. Based on audit the German company Security Research & Consulting GmbH once again issued the conclusion that infrastructure and services of a payment gateway of Assist completely meet the requirements of the standard.

Assist processes more than 15 million electronic transactions a year and passes the complete version of certification of PCI DSS (Level 1) that assumes increased requirements to security at all levels of payment infrastructure. The procedure includes annual QSA audit and independent penetration-test and also quarterly ASV scanning.

2016

The Assist group underwent the procedure of certification of PCI DSS of version 3.1. at the beginning of 2016, having confirmed compliance of the payment service to the standard of security which is obligatory for work with international payment systems. In June, 2016 based on audit of the German company Security Research & Consulting GmbH

Annual passing of certification on compliance to requirements of data protection of PCI DSS – a necessary condition of implementation of activity of a payment gateway. Assist undergoes audit since 2007, confirming thereby reliability of data protection of holders of bank cards.

Kirill Ivanov, director of operation of Assist group: "As a payment gateway which performs a large number of transactions we annually pass the most complete version of certification of PCI DSS (Level 1) including three steps: internal audit, quarterly scanning on vulnerability of web resources, penetration-test there is a search of vulnerabilities of a payment gateway at all levels of infrastructure. Such check means that the security level provided to clients of services and services meets the most strict requirements of Visa, MasterCard, American Express, Diners Club and JCB".