Gulf Bank announced on 22 July that it has officially obtained the Payment Card Industry (PCI)-Data Security Standards (DSS) 3.1 certification, making it the first Bank in Kuwait to be certified with this version, and one of the few certified banks across the region. PCI-DSS is the global industry standard for compliance and security for personal payment card data, to which vendors and businesses must conform to in order to protect cardholders’ personal data and prevention from credit card fraud.
The Bank’s PCI-DSS 3.0 compliance was validated on 20 May, 2014, after an extensive audit conducted by SISA, a qualified security assessor from PCI Security Standards Council. Gulf Bank was the first bank in Kuwait to take that step, further solidifying its position in the forefront.
Commenting on this announcement, May Dashti, Head of ISS at Gulf Bank, said: "The Bank's accomplishment reinforces its commitment to internationally recognized security standards that enhance the protection of customers' card information. Gulf Bank’s attainment of PCI - DSS 3.1 compliance is in line with its client centric approach. For Gulf Bank getting PCI DSS certification is more than checking a box on an annual audit, it reflects the bank’s values to constantly operate with its clients’ best interest at heart, and protect and avoid misuse of customer data".
Gulf Bank met the six different security pillars required to achieve the PCI-DSS 3.1 compliance. These requirements are namely; building and maintaining a secure network, protecting cardholder data, maintaining a vulnerability management program, implementing strong access control measures, regularly monitoring and testing of networks and last but not least, maintaining an information security policy.
Dharshan Shanthamurthy CEO of SISA said: “Congratulations to the Gulf Bank team on achieving PCI-DSS Compliance for the third time in a row. The PCI Data Security Standard, with its 200+ requirements is one of the most stringent security standards and the only global standard dedicated to secure cardholder’s data. During our partnership for the last 3 years, we were delighted to work with Gulf Bank for their pledge for maximum security and achieving PCI Compliance. This year is also very important as Gulf Bank joins the elite group of Banks in the Middle East region to be compliant with the latest version of PCI-DSS standard (version 3.1) and is also the first bank in Kuwait. We appreciate the commitment and dedication from Gulf Bank to secure their customer’s data and going through the stringent audit process of SISA” .
This achievement is a direct result of Gulf Bank’s strategy and commitment to offering its customers the best services possible, underlined by safety and security and delivered by the Bank’s team that spares no efforts in managing and improving its information security systems.