On December 18, 2018, CMC delivered the international certificate of PCI DSS security to Ban Viet Commercial Joint Stock Bank. The certificate is assessed and issued by CMC Information Security Joint Stock Company (CMC Infosec) according to the world standard of the Card Data Security Council (PCI SSC). The whole project was consulted by CMC Saigon System Integration Company Limited (CMC SISG).
Ban Viet Capital Commercial Joint Stock Bank (Viet Capital Bank) was established in 1992 and is gradually asserting its position in the financial and banking sector. With the goal of increasing flexibility to meet the diverse needs of customers’ products and services, Ban Viet Bank has accompanied with CMC Corporation as a pioneer in resolving successful technology issues, creating competitive advantages for many banks in Vietnam, especially confidentiality and information security are always a strength of CMC. In 2018, CMC was selected by Ban Viet Bank to consult, evaluate and issue PCI DSS international card data security certificate.
PCI DSS (Payment Card Industry Data Security Standard) is a mandatory information security standard for business to store, transmit and process payment cards managed by 05 international payment organizations such as Visa, MasterCard, American Express, Discover and JCB. PCI DSS is a standard accredited by the above-mentioned international payment organizations to the Payment Card Industry Security Standard Council (PCI SSC), developed for the purpose of increasing control cardholder data and limit fraud. The certificate will be valid for one year, and business must perform periodic reevaluation. PCI DSS has 12 mandatory requirements, including: building and maintaining a firewall system to protect payment card data, protecting payment card data when stored on the system, using and updating regular anti-virus software, build – maintain systems and applications to ensure network security, regularly evaluate and retest system security processes … In Vietnam, about 10 banks have met this PCI DSS card data security standard.
In the past, Ban Viet Bank has cooperated with CMC SISG on many projects such as consulting, building and transferring two DC, DR data centers; network systems, servers for data centers and card core; consulting security systems to ensure the safety of banks … For information security, CMC SISG together with CMC Infosec has coordinated, evaluated and reviewed the information security processes and systems of the Bank. During the appraisal and evaluation process, CMC SISG has coordinated advice and compliance verification of Ban Viet Bank in accordance with the PCI DSS standard of CMC Infosec. Two parties have mutual technical support to ensure the quality implementation of the project. Based on the results and evaluation of the project, CMC Infosec has officially granted an international certificate of PCI DSS security to Ban Viet Bank. Currently, CMC Infosec is the second enterprise authorized to assess and issue card security certificates according to the world standard PCI DSS. The Card Data Security Council (PCI SSC) has recognized CMC Infosec as a QSA company and has been licensed by the PCI SSC to conduct compliance certification assessments.
Ms. Tran Thi Phuong Hong, Vice General Director of CMC SISG evaluated the implementation process: “The advantage of the long-term cooperation between CMC and Ban Viet Bank has helped CMC able to analyze the overall security of infrastructure, helping projects deploy successfully. The integration of additional security solutions is a strength of CMC that helps customers complete security diagrams for infrastructure, easily achieve PCI DSS certification”.
Talking about the success of the project, Mr. Phan Viet Hai, Director of IT Division of Ban Viet Bank said: “From the beginning, Ban Viet Bank has determined the importance of being granted an international certificate on. To ensure that, our technical team cooperated with CMC to ensure that we meet the rigorous standards of the PCI organization. With this certificate, Ban Viet Bank has affirmed its prestige and quality, and met the highest standards of the PCI DSS organization in providing card products in Vietnam and abroad”.
Being granted the PCI DSS certificate will allow Ban Viet Bank to open up to 6 million Visa cards per year, making customers more confident when using card or online payment services, helping to increase the number of customers. stimulate business growth according to Ban Viet Bank’s strategy. To CM, evaluation and award of PCI DSS certificate is a premise for customers to be more confident in using solutions and services on information security and information security from CMC, helping CMC to be more confident in introducing new security services such as Fraud Detection (fraud prevention system), GRC Achievements (Administration, risk and compliance) … for domestic banks as well as international ones.