04.02.2015

Confirmation of the Conformity of the Sberbank’s Main Processing Center with the Requirements of the PCI DSS Standard

Project completion date:

December 2014

The Customer:

Sberbank of Russia is a Russian commercial bank and international financial group. It is one of the largest banks in Russia and Europe.

Sberbank is a universal bank offering a broad range of banking services. The number of its clients includes more than one million of enterprises. The Bank provides services for all types of corporate clients. The percentage of small and medium businesses in the Bank’s credit portfolio is 35%; other clients are large-scale and major corporate clients.

Business needs:

Being an issuer and acquirer for the VISA and MasterCard international payment systems as well as an American Express acquirer, Sberbank of Russia connects to their systems directly and must confirm its conformity with the requirements of the PCI DSS standard in the form of a certification audit conducted on an annual basis.

Solution:

As a part of the project, the coverage of the PCI DSS standard was revised, payment card data traffic was documented, and all audits required by the standard were conducted. As a result, the experts collected all necessary audit information and prepared reporting documents submitted to the payment systems and approved by them.

Several certified QSA auditors and a team of technical experts from Informzaschita took part in the project.

Result:

The Sberbank’s MainProcessingCenter passed the certification audit for the conformity with the requirements of the PCI DSS international standard in the payment card industry. Successful PCI certification provides Sberbank with extra opportunities to improve its image as a stable and reliable bank for its clients, partners and international payment systems.