Four days before summer, May 17, 2010, Commercial Bank Transinvestbank has received Certificate of Compliance with PCI DSS from Sysnet Eurasia Company Limited.

In spite of heat, that came in Russia, July was the most productive month of this summer.

In July Informzaschita has presented Certificate of Compliance with PCI DSS to Petrocart CJSC, as result of completed consulting and certification project.

On July 9 the Certificate of Compliance with PCI DSS has deservedly settled at the office of Uniteller processing center. Digital Security has performed this successful consulting and compliance assessment.

At the end of July PayOnline System has confirmed its PCI DSS compliant status by taking assessment project, where Digital Security took part of QSA auditor.

Summer trend shows the perceptiveness of security strengthening strategy, taken by Russian members of payment card industry.

PCI DSS standard defines that all service providers, which have access to cardholder data or can affect it’s security, have to be compliant with PCI DSS. Hosting providers are among them. According to requirement 12.8, to achieve PCI Compliance an organization have to verify that all of their service providers are compliant with PCI DSS.

So let’s take a look at European market and find offers available here. Herewith we are looking for collocation (server owned by customer) and rental service of physical or virtual server. Read the rest of this entry »

Uploaded my presentation from Cardexpo meeting. Firstly it is about importance of application security in a PCI Security area and of cause about a PA-DSS standard and advantages for application vendors and merchants for getting PA-DSS compliance.

Here it is:

Yesterday on Cardexpo meeting I gave a talk on how to organize cooperation between client, QSA and systems integrator while building PCI DSS compliant payment infrastructure. Here is my presentation:

On March 17, 2010 there was one pretty good performance in Moscow City Centre – PCI DSS Russia 2010 conference, which is held annually. The hall has collected there more than 150 guys from Russian and Ukrainian banks, merchants and service providers. The main feature of the party was, of course, the presence of Visa and MasterCard.

I gave there a talk about some concerns on the way to PCI Compliance, here is my presentation:

Hi, Everybody!

My name is Sergey Shustikov and I’m ready to present you this new blog about PCI DSS, PA-DSS and other aspects of payment card industry security.

We are researchers, every day we wake up full of thoughts about how to find out something interesting in our field of knowledge and give it to the world. We are lucky to have a community PCIDSS.RU, which unites us – security professionals of the Eastern Europe. Today we are twice lucky – now we have this international blog PCIDSSRU.COM to increase effectiveness of the process of knowledge accumulation and distribution!

Hope, you’ll find it helpful! Good Luck! ;)