KUALA LUMPUR, 24 JUNE 2010 -- To offer a safer online environment for consumers, Malaysian shared services and outsource provider FINEXUS International has been validated as compliant with the Payment Card Industry Data Security Standard (PCI DSS), it said.
"With credit cards transactions accounting for a big portion of daily commerce, the need to combat credit card fraud is extremely critical," said eProtea-FINEXUS Group managing director, Clement Loh.
"PCI DSS is a security measure designed to enhance a secure commerce space for the consumer, and also to curb the incidences of fraud," said Loh.
"An individual's personal information is a very valuable commodity to cyber criminals for the purpose of identity theft and online fraud," he said.
In order to provide our customers and ourselves peace of mind and to ensure we operate in a highly secure environment, PCI DSS compliance is extremely necessary," he said.
PCI DSS is a security requirement within the payment card industry for entities that store, process or transmit cardholder data. PCI DSS is endorsed by all the major card brands Visa, MasterCard Worldwide, Discover Network, American Express and JCB.
FINEXUS International is affiliated with the ePROTEA-FINEXUS Group of Companies. The group has two strategic businesses FINEXUS offers outsourcing services to the banking industry for the banking solutions and backroom operation services, while ePROTEA researches, develops and markets its own IP banking solution. The group has the strength of more than 150 staff and operates in 10 major cities in ASEAN.
First step to securing the corporate environment
Loh said the validation was performed by Trustwave, a provider of information security and compliance solutions. To ensure continued compliance, FINEXUS has enrolled in Trustwave's on-demand compliance management solution, TrustKeeper, to access the necessary tools to support on-going compliance such as quarterly network vulnerability scans."
"FINEXUS has invested more than US$$250,000 to create a secured infrastructure for its outsourcing business," he said. Trustwave's proprietary technology helped us achieve PCI DSS compliance while their technical expertise helped guide us through the process with ease in order for us to better understand how to maintain our compliance.
Trustware executive director, Europe, Middle East, Africa and Asia Pacific regions, Andrew Bokor, said validating compliance with the PCI DSS is really a first step in securing a corporate environment.
FINEXUS has established the proper security controls to help mitigate risk and protect their customers and organisation," said Bokor. "We look forward to working with FINEXUS to further implement additional controls that will help them better adhere to security best practices.
Sign up for Computerworld eNewsletters.