PINswift confirmed out of the PCI DSS scope

Dublin, May 8th 2016.

Formal opinion on PCI DSS requirements applicability showed, PCI DSS requirements do not apply to PINswift solution. According to expert opinion issued by the Irish PCI DSS qualified security assessor company Five Security, Electronic PIN Vault which is key component of the PINswift solution does not contain any critical information which would make it subject to PCI DSS requirements.

Independent PCI DSS applicability review has been requested by the Ostendo Consulting – a security advisor company deeply involved in designing PINswift security from the beginning of the development. Ostendo is also major PINswift’s investor.

Keeping the solution easy to implement and maintain, while ensuring cutting edge security and 100% compliance were key challenges PINswift development team faced during the architecture design. Knowing how complex is going through endless audits, PINswift architects gathered with security, compliance, PCI DSS and telecommunication technology experts to find the way for PINswit to fulfill all applicable requirements while still being easy to implement and maintain. Based on the innovative approach, PINswift architecture enables type of implementation makes sure PINswift will stay out of the PSI DSS scope.
Based on this innovative approach, PINswift is the only PCI compliant solution enabling full integration with customer facing solutions such as mobile banking applications without the need to include all those systems into PCI DSS scope.
Being out of PCI DSS scope significantly simplifies PINswift implementation as well as required cost, time and resources.