Google cloud now meets banking security standards.
Matthew O'Connor, Google Cloud Platform project manager, announced today that the search engine giant's own cloud platform is compatible with the Payment Card Industry Data Security Standard (PCI DSS). This standard is a list of 12 requirements governing the security of how data on cardholders are transmitted and processed on the Internet.
In fact, this means that applications on the Google Cloud Platform have received a kind of guarantee of market participants that they comply with high security standards. Certain operators such as Visa, MasterCard and American Express are behind the PCI DSS certification, therefore, for companies making payments without it, there is a strict system of fines in case of leakage of personal data of credit card holders. The level of requirements of the standard by its creators is recognized as very high, and many participants in the payments market often complain that compliance with PCI DSS will cost them too much - which is why Google found its achievement to be remarkable for publication.
Recently, the PCI Security Council regulator began to impose an additional requirement that any third party involved in the payment transaction also meet the standard, so it’s not possible to create a payment application for the Google cloud to the first developer that’s gotta have a PCI certificate.
But in general, from the point of view of retailers who have to keep a large amount of personal information on credit cards, they, in the face of Google, receive an alternative to Amazon and Microsoft, whose cloud platforms have already received PCI DSS certificates.
In fact, this means that applications on the Google Cloud Platform have received a kind of guarantee of market participants that they comply with high security standards. Certain operators such as Visa, MasterCard and American Express are behind the PCI DSS certification, therefore, for companies making payments without it, there is a strict system of fines in case of leakage of personal data of credit card holders. The level of requirements of the standard by its creators is recognized as very high, and many participants in the payments market often complain that compliance with PCI DSS will cost them too much - which is why Google found its achievement to be remarkable for publication.
Recently, the PCI Security Council regulator began to impose an additional requirement that any third party involved in the payment transaction also meet the standard, so it’s not possible to create a payment application for the Google cloud to the first developer that’s gotta have a PCI certificate.
But in general, from the point of view of retailers who have to keep a large amount of personal information on credit cards, they, in the face of Google, receive an alternative to Amazon and Microsoft, whose cloud platforms have already received PCI DSS certificates.
')
Source: https://habr.com/ru/post/363871/
All Articles