Unibank becomes Armenia’s first bank to comply with Swift security standards
Unibank, one of Armenia’s top banks, has become the country’s first to complete the certification process and become regarded as fully compliant with the required standards of security for the Swift payment infrastructure.
Unibank, which has been serving the people of Armenia for more than 15 years with branches across Armenia and the Nagorno Karabakh Republic, has revised its security standards in order to comply with the Swift international payment network, which is now one of the most significant financial messaging systems on the planet.
At the end of last month, Swift warned the global banking industry of the increasing danger of cybercriminals and hackers relating to sophisticated digital attacks against banks. The warning came fresh from the news that cybercriminals came within a whisker of snatching almost $1 billion from the account of the Central Bank of Bangladesh early last year. The digital thieves submitted fraudulent Swift transfer messages via the Central Bank of Bangladesh’s internal infrastructure. Eventually, the cyber hackers were only able to pinch $81 million, but it certainly served as a stark warning to banks and financial institutions that haven’t yet acknowledged the growing cyber threat to the worldwide financial sector.
The Yerevan-based Unibank has subsequently worked in alignment with the Customer Security Controls Framework 1.0, which outlines the recommended and compulsory control elements required in order to refine cyber security levels and protect sensitive information for financial institutions and their clients. To encourage banks around the world to implement these controls, the Swift payment system has set up a comprehensive review process which financial institutions must finalise before the end of this year.
To reach the highest standards of data security for their internal affairs and their clients, Unibank took the option to utilise advanced data security technologies some time ago. In recent months, Unibank has already adopted a data security management system in line with international standards ISO 27001: 2013.
It has also achieved a certification of compliance with the requirements of the PCI DSS (Payment Card Industry Data Security Standard), which was created in 2004 in a bid to protect debit and credit card transactions from data theft and fraudulent activity. PCI certification is not a legal requirement, but it is regarded as a leading method of safeguarding sensitive financial data, helping banks to develop trusted, long-term partnerships with their clients. PCI DSS certification also confirms that a financial institution is adopting best practice information security methods in terms of the implementation of firewalls, encryption of all data passed internally and the utilisation and continual refinement of anti-virus programmes. Data breaches can be extremely costly for banks, leading to financial penalties from payment card issuers, client lawsuits and a tarnished reputation.
Furthermore, Unibank has also recently finalised its compliance with the PCI PIN Security 2.0 standard and was awarded certification for adhering to this global standard. The certification regarding PCI PIN Security 2.0 confirms that the way in which debit and credit card PINs are distributed is conducted in strict accordance with the data security guidelines of the global Visa payment network. It also suggests strong levels of security and encryption of card transactions made both in person and online.
By Duncan Evans, freelance writer