Last week, Heritage Bank Limited received the Payment Card Industry Data Security Standard (PCI DSS) certification, in addition to the ISO/IEC 27001:2013 award. The PCI DSS is a proprietary information security standard for organizations that handle branded credit cards from the major card schemes, including Visa, MasterCard, American Express and Discover.
The PCI DSS, administered by the Security Standards Council, offers robust and comprehensive standards and supporting materials to enhance payment card data security. These materials include a framework of specifications, tools, measurements and support resources to help organizations ensure the safe handling of cardholder information at every step. The keystone is the PCI Data Security Standard (PCI DSS), which provides an actionable framework for developing a robust payment card data security process — including prevention, detection and appropriate reaction to security incidents.
The standard was created to increase controls around cardholder data and so reduce credit card fraud arising from its exposure. Validation of compliance is performed annually by an external Qualified Security Assessor (QSA), who creates a Report on Compliance (ROC), for organizations handling large volumes of transactions.
The certification is said to be in recognition of the bank’s commitment to an effective and secure financial system, which has conferred an internationally recognized standard on its operations. This will also enable Heritage Bank to protect the funds of its customers and frustrate efforts by fraudsters to access their information and assets.
Mr. Ray Kyles, British Deputy High Commissioner, presented the PCI DSS and ISO certification award on behalf of the British government. The Managing Director of the bank, Mr. Ifie Sekibo, noted that banking is a business of risk management, from assets to data, adding that it is fundamental that whatever a customer keeps in a bank is in safe custody. According to Sekibo, “We are a service company providing banking service; and we are the best in the class of security of our information systems. It means funds kept with us are safe. This award is a validation of our mission to promote high ethical standards, integrity, and good business practices.”