Más contenido relacionado PCIService Providers1. Visa’s Global Registry of Service Providers - PCI DSS Validated Entities
As Of 1/19/2011
The companies listed below were validated as being PCI DSS compliant by a QSA as of the "VALIDATION
DATE". Service providers are required to revalidate their compliance to Visa on an annual basis, with the next
annual Report on Compliance (ROC) due to Visa one year from the "VALIDATION DATE". ROCs that are from 1-
60 days late are noted in yellow and ROCs that are from 60-90 days late are noted in red. Entities with ROCs
over 90 days past due are removed from this list. Entities are listed in each Visa region where they have been
registered by at least one client, including: AP - Asia Pacific, CEMEA - Central Europe / Middle East / Africa,
LAC - Latin America / Caribbean, NA - North America - Canada / United States. Visa client's are responsible for
and are required to use compliant service providers and to follow up with service providers directly if there are any
questions about their compliance status.
List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
1ShoppingCart.com June 30, 2010 Other Security Metrics
Payment Gateway
1st Americard March 31, 2010 Other Fortrex Technologies
1stPayGateway, LLC May 31, 2010 Authorization Internet Security Systems (a
wholly owned IBM company)
Payment Gateway
3dCart March 31, 2010 Hosting Provider SecurityMetrics
Payment Gateway
3Delta Systems September 30, 2010 Authorization Fortrex Technologies
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
Switching
800 Call KC May 31, 2010 MOTO Payment Processing Accudata Systems
Payment Gateway
A3 IT Solutions November 30, 2010 Hosting Provider Trustwave
AAFES July 31, 2010 IPSP (E-commerce) IBM Security Services
Payment Gateway
Process Magnetic-Stripe
Transactions
Switching
Abanco, LLC February 28, 2010 Payment Gateway Trustwave
Process Magnetic-Stripe
Transactions
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 1 of 65
2. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
ABC FINANCIAL May 31, 2010 Authorization Trustwave
SERVICES, INC
Clearing & Settlement
Hosting Provider
IPSP (E-commerce)
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
ABC Virtual November 30, 2009 Hosting Provider Lighthouse Computer
Communications, Inc. Services
Payment Gateway
Accel Networks January 31, 2010 Other Trustwave
Accelerated Payment July 31, 2010 Authorization Trustwave
Technologies Inc
IPSP (E-commerce)
Loyalty Programs
MOTO Payment Processing
Other
Payment Gateway
Process Magnetic-Stripe
Transactions
ACCENT Marketing May 31, 2010 MOTO Payment Processing Crowe Horwath
Accertify February 28, 2010 Other Halock Security Labs
Accesso, LLC February 28, 2010 Clearing & Settlement Trustwave
Payment Gateway
AccountNow June 30, 2010 Other Trustwave
Acculynk February 28, 2010 Payment Gateway Trustwave
ACH Direct November 30, 2009 Payment Gateway RSM McGladrey
Achieve Financial Services, November 30, 2010 Issuing Processing INFORMATION
LLC EXCHANGE, INC
ACI Worldwide April 30, 2010 Other Solutionary, Inc
ACI Worldwide - Winn-Dixie September 30, 2010 Payment Gateway Solutionary
Environment
Process Magnetic-Stripe
Transactions
Switching
ACS Government and August 31, 2010 Hosting Provider SecurityMetrics
Community Solutions
Payment Gateway
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 2 of 65
3. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
ACS Government and August 31, 2010 Process Magnetic-Stripe SecurityMetrics
Community Solutions Transactions
Adeptra December 31, 2010 Other Protiviti
Advanced Network, Inc. October 31, 2009 Authorization Information Exchange Inc.
Clearing & Settlement
Payment Gateway
Advantex Dining Corporation March 31, 2010 Loyalty Programs Datassurant, Inc.
Adyen B.V. May 31, 2010 Internet Payment Processing Trustwave
Aegis Communications December 31, 2009 Other K3DES
AEGIS USA, INC. May 31, 2010 Other Verisign
Affiliated Acceptance October 31, 2010 MOTO Payment Processing Trustwave
Corporation
Payment Gateway
Affinion Loyalty Group February 28, 2011 Loyalty Programs Trustwave
(formerly Trilegiant)
Affinity Solutions November 30, 2009 Loyalty Programs Solutionary
Agilysys, Inc. July 31, 2010 Payment Gateway Trustwave
Airlines Reporting February 28, 2010 Clearing & Settlement AT&T Consulting Solutions,
Corporation Inc.
Akamai September 30, 2010 Other Neohapsis Inc.
AL BILAD BANK October 31, 2010 Authorization Trustwave
Clearing & Settlement
IPSP (E-commerce)
Issuing Processing
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
Switching
Alacriti December 31, 2009 Payment Gateway IGX Global
Alaska Option Services April 30, 2010 Authorization K3DES
Clearing & Settlement
Issuing Processing
Switching
Alignet, S.A.C December 31, 2010 3-D Secure Access Control Xtrategies
Server
IPSP (E-commerce)
Other
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 3 of 65
4. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
Alignet, S.A.C December 31, 2010 Payment Gateway Xtrategies
Alliance Data - Remittance May 31, 2010 Other Verizon Business Network
Processing Services Inc.
Alliance Data - Retail January 31, 2010 Authorization Verizon Business
Services
Clearing & Settlement
Issuing Processing
Loyalty Programs
Alliance Entertainment August 31, 2010 Authorization Solutionary Inc.
IPSP (E-commerce)
Payment Gateway
AllianceOne Inc. May 31, 2010 Other Tevora Business Solutions
Alta Resources April 30, 2010 Other IBM Internet Security
Systems
Amazon.com October 31, 2010 Other IOActive, Inc.
AmegyBank December 31, 2009 Other Verizon Business
Payment Gateway
American Bancard June 30, 2010 Other Enterprise Risk
Management, Inc.
American Data Technology April 30, 2010 Hosting Provider Specialized Security
Services, Inc
Americaneagle.com November 30, 2010 Hosting Provider Fortrex Technologies
AOC Solutions, Inc October 31, 2009 Other Fortrex Technologies
AOL, Inc. September 30, 2010 Authorization IOActive
Clearing & Settlement
MOTO Payment Processing
Payment Gateway
Apriva, LLC July 31, 2010 Clearing & Settlement Trustwave
IPSP (E-commerce)
Loyalty Programs
Payment Gateway
Process Magnetic-Stripe
Transactions
Switching
Arab Financial Services July 31, 2010 Payment Processing SISA
Company
Arcot Systems December 31, 2009 3-D Secure Access Control Payment Software company
Server (PSC)
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 4 of 65
5. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
Argenbright – Skybridge August 31, 2010 Other Trustwave
Marketing Group -
Customer Service
Aria Systems December 31, 2010 Payment Gateway TrustWave
Ariba Inc May 31, 2010 Other Payment Software company
(PSC)
Arise Virtual Solutions May 31, 2010 Other AT&T Consulting Solutions
Armenian Card CJSC December 31, 2009 Authorization Informzaschita
Clearing & Settlement
Issuing Processing
Switching
Art Technology Group (ATG) November 30, 2010 Hosting Provider Trustwave
IPSP (E-commerce)
Artez Interactive Inc December 31, 2010 Payment Gateway IBM Security Services
Arvato Finance Services July 31, 2010 Clearing & Settlement Acertigo AG - An EXCELSIS
Limited Company
IPSP (E-commerce)
Payment Gateway
ASIAPAY (HONG KONG) November 30, 2009 IPSP (E-commerce) Trustwave
LTD
Payment Gateway
Asociacion Cibao de September 30, 2010 Authorization Trustwave
Ahorros y Prestamos
Issuing Processing
Assist July 31, 2010 Payment Gateway SRC Germany
ASUREPAY PTY LTD July 31, 2010 IPSP (E-commerce) Bridgepoint
AT&T Managed Hosting October 31, 2010 Hosting Provider Trustwave
and Application Services
AT&T Managed Services - October 31, 2010 Other Trustwave
AT&T Encryption Services
AT&T Managed Services - July 31, 2010 Other Trustwave
AT&T Enhanced VPN
Services, AT&T VPN
Services, AT&T Private
Network Transport Services
AT&T Managed Services - May 31, 2010 Other Trustwave
AT&T Network Based IP
VPN Remote Access
Service / AT&T VPN
Tunneling Service
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 5 of 65
6. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
AT&T Managed Services - July 31, 2010 Other Trustwave
Endpoint Security
AT&T Managed Services - July 31, 2010 Other Trustwave
Intrusion Detection
Services/Intrusion
Prevention Services
AT&T Managed Services - July 31, 2010 Other Trustwave
IP Telephony and LAN
Services
AT&T Managed Services - July 31, 2010 Other Trustwave
Managed Router Services
AT&T Managed Services - July 31, 2010 Other Trustwave
Network Based Firewall
AT&T Managed Services - July 31, 2010 Other Trustwave
Premise Based Firewall
AT&T Managed Services - July 31, 2010 Other Trustwave
Transaction Routing Service
AT&T Managed Services - July 31, 2010 Other Trustwave
VoiceTone
AT&T Synaptic Hosting October 31, 2010 Hosting Provider Trustwave
ATCO I-TEK INC. August 31, 2010 Other Control Gap
ATOS ORIGIN SERVICES April 30, 2010 Authorization TUV Rheinland
(M) SDN BHD
Clearing & Settlement
Hosting Provider
Issuing Processing
AudienceView Ticketing August 31, 2010 Other NCI (Net Cyclops Inc.)
Corporation
Auric Systems International October 31, 2010 Other PSC
Authorize.NET November 30, 2010 Payment Gateway Trustwave
Autoscribe Corporation June 30, 2010 Other Fortrex Technologies
Payment Gateway
AVF Consulting, Inc. July 31, 2010 Payment Gateway igxglobal
B3 Corp February 28, 2010 Payment Gateway Digital Resources Group
(DRG)
Bank of America Merchant March 31, 2010 Clearing & Settlement Trustwave
Services
Payment Gateway
Switching
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 6 of 65
7. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
Bank Zenit November 30, 2010 Authorization Jet Infosystems
Clearing & Settlement
IPSP (E-commerce)
Issuing Processing
MOTO Payment Processing
Process Magnetic-Stripe
Transactions
Switching
BankCard USA November 30, 2010 Other 403 Labs
Bankserv September 30, 2010 Payment Gateway RSM McGladrey Inc.
Bankserv Credit Card October 31, 2010 Payment Gateway Trustwave
Services, Inc.
Banque Misr July 31, 2010 Authorization ControlCase LLC
Clearing & Settlement
IPSP (E-commerce)
Issuing Processing
MOTO Payment Processing
Payment Gateway
Switching
Beanstream Internet September 30, 2010 IPSP (E-commerce) SPIGuard Security Solutions
Commerce Inc. Inc
MOTO Payment Processing
Payment Gateway
Benson Records November 30, 2009 Other FishNet Security
Management Center
Bill 1st, LLC July 31, 2010 Other Chief Security Officers, LLC
BillMatrix February 28, 2010 Payment Gateway Trustwave
Billtrust October 31, 2010 Payment Gateway Chief Security Officers, LLC
Blackbaud - eTapestry September 30, 2010 Other Trustwave
Blackbaud - Internet September 30, 2010 Other Trustwave
Services
Blackbaud Payment February 28, 2010 Payment Gateway Trustwave
Services
Blackhawk Network May 31, 2011 Authorization Verizon Business
Clearing & Settlement
Hosting Provider
Issuing Processing
Payment Gateway
Switching
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 7 of 65
8. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
Blue Bamboo, Inc October 31, 2009 Authorization Digital Resources Group
(DRG)
Payment Gateway
Bluefin Payment Systems October 31, 2009 Payment Gateway 403 Labs
BluePay May 31, 2010 Other Trustwave
Payment Gateway
Braintree Payment Solutions February 28, 2010 Other Trustwave
Brinkman Financial January 31, 2010 Authorization K3DES
MOTO Payment Processing
BSG Payments (formerly November 30, 2009 Payment Gateway Trustwave
Billing Concepts)
Business Data Record November 30, 2009 Other RSM McGladrey
Services
Cale Access AB (Cale November 30, 2010 Other Trustwave
Systems)
Payment Gateway
Process Magnetic-Stripe
Transactions
Caledon Card Services May 31, 2010 Authorization SPIguard Security Solutions
Inc.
Clearing & Settlement
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
Calypso Canada January 31, 2011 Switching Trustwave
Camis, Inc. October 31, 2010 IPSP (E-commerce) SPIguard Security Solutions
Inc.
MOTO Payment Processing
Cantaloupe Systems, Inc. September 30, 2010 Authorization 403 Labs, LLC
Clearing & Settlement
Payment Gateway
Process Magnetic-Stripe
Transactions
Capital Bankcard October 31, 2009 MOTO Payment Processing Trustwave
Payment Gateway
Capital Card Services April 30, 2010 MOTO Payment Processing Trustwave
Other
Card Management Corp. August 31, 2010 Other Crowe Chizek
CardCana Corporation November 30, 2009 Authorization IGX Global
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 8 of 65
9. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
CardCana Corporation November 30, 2009 Payment Gateway IGX Global
CARDFLEX INC. September 30, 2010 Authorization K3DES LLC
MOTO Payment Processing
Other
Payment Gateway
Cardinal Commerce Corp. December 31, 2010 3-D Secure Access Control Payment Software Company
Server (PSC)
Payment Gateway
CARDLINK SERVICES June 30, 2010 Clearing & Settlement Vectra
LIMITED
MOTO Payment Processing
Payment Gateway
CardStandard April 30, 2010 Authorization IBM Internet Security
Systems
Clearing & Settlement
Issuing Processing
MOTO Payment Processing
Process Magnetic-Stripe
Transactions
Cardtronics EFT May 31, 2010 Other K3DES
Process Magnetic-Stripe
Transactions
Switching
Cardworks Processing August 31, 2010 Authorization Trustwave
Clearing & Settlement
IPSP (E-commerce)
MOTO Payment Processing
Payment Gateway
Cardworks Servicing LLC February 28, 2010 Other Trustwave
Carlson Marketing March 31, 2010 Loyalty Programs Trustwave
Worldwide (Visa Data Track)
Carlson Marketing June 30, 2010 Loyalty Programs Trustwave
Worldwide (Visa Extras)
Cart 32 August 31, 2010 Hosting Provider Accuvant
IPSP (E-commerce)
Payment Gateway
Process Magnetic-Stripe
Transactions
CartManager February 10, 2010 IPSP (E-commerce) Trustwave
Payment Gateway
Process Magnetic-Stripe
Transactions
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 9 of 65
10. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
CashLINQ Group, LLC August 31, 2010 MOTO Payment Processing SecurityMetrics
Payment Gateway
Process Magnetic-Stripe
Transactions
Cash'N Go May 31, 2010 Payment Gateway Trustwave
Process Magnetic-Stripe
Transactions
CASHNet December 31, 2010 IPSP (E-commerce) 403 Labs, LLC
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
CB AGROPROMCREDIT November 30, 2010 Authorization EVRAAS.I.T
Clearing & Settlement
Issuing Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
CBC Companies, Inc April 30, 2010 Other Verizon Business, Inc
CBCInnovis, Inc. April 30, 2010 Other Verizon
CBORD Group February 28, 2010 Payment Gateway Trustwave
Cboss November 30, 2010 Payment Gateway SecurityMetrics
CCBill January 31, 2010 Authorization Chief Security Officers
Clearing & Settlement
IPSP (E-commerce)
CDMS MERCHANT December 31, 2010 Other Enterprise Risk Management
SERVICES, INC.
CDW Hosting and Managed October 31, 2010 Hosting Provider Trustwave
Services
CenPos January 31, 2010 Payment Gateway Enterprise Risk Management
Center Partners October 31, 2010 Other IDEA Information Security
Centershift October 31, 2010 Hosting Provider Security Metrics
Payment Gateway
Central States Indemnity October 31, 2010 Other Continuum Worldwide
Corporation
Centrix Bank – LockBox May 31, 2010 MOTO Payment Processing SecurityMetrics
Service
Payment Gateway
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 10 of 65
11. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
Century Bankcard Services May 31, 2010 Clearing & Settlement Information Exchange
Other
Certain Software October 31, 2010 Payment Gateway Coalfire Systems
CHARGE Anywhere April 30, 2010 Payment Gateway Trustwave
Chargeback Guardian November 30, 2010 Other SecurityMetrics
Payment Gateway
Chase Loyalty Solutions December 31, 2010 Authorization Trustwave
Clearing & Settlement
Loyalty Programs
Payment Gateway
Switching
Chase Paymentech January 31, 2010 Authorization Trustwave
Solutions, LLC.
Clearing & Settlement
Loyalty Programs
Check21.com LLC May 31, 2010 Payment Gateway Enterprise Risk Management
Chip Card Ad Beograd April 30, 2010 Authorization VOC - Consultancy
Clearing & Settlement
Switching
Cintas Document June 30, 2010 Other SecureState Consulting
Management Shredding
Cintas Document June 30, 2010 Other SecureState Consulting
Management Storage
Clearent April 30, 2010 Authorization Coalfire
Clearing & Settlement
Payment Gateway
Switching
ClearTran January 31, 2010 Payment Gateway SecurityMetrics
Client Services January 31, 2010 Other Insight
Cobre Bem June 30, 2010 IPSP (E-commerce) ecipher
MOTO Payment Processing
Payment Gateway
Collections Marketing December 31, 2009 Other 403 Labs
Center, Inc.
Payment Gateway
Columbus Data January 31, 2010 Authorization Information Exchange
Clearing & Settlement
Other
Payment Gateway
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 11 of 65
12. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
CommerceV3 November 30, 2010 Hosting Provider Fortrex Technologies
Payment Gateway
Compass Plus Ltd. November 30, 2010 Authorization Trustwave
Clearing & Settlement
Issuing Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
Switching
Complianthost.com, a GSI May 31, 2010 Hosting Provider SAS 70 Solutions
Service Offering
Computer Services, Inc. September 30, 2010 Authorization Crowe Horwath
Clearing & Settlement
Issuing Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
Switching
Concur - Gelco August 31, 2010 Other Verizon Business
Concur - Redmond June 30, 2010 Other Verizon Business
Consumer Benefit Services March 31, 2010 Loyalty Programs Trustwave
Contact Solutions April 30, 2010 MOTO Payment Processing SecurityMetrics, Inc.
Payment Gateway
Convergys CCMS April 30, 2010 Other Fortrex Technologies
Convergys Encore March 31, 2010 Payment Gateway Fortrex Technologies
Convergys Home Agent July 31, 2010 Payment Transmission Fortrex Technologies
Service
Convergys Intervoice July 31, 2010 Other Fortrex Technologies
Convio, Inc. January 31, 2010 Payment Gateway Trustwave
CO-OP Financial Services April 30, 2010 Authorization Tevora Business Solutions
Inc
Clearing & Settlement
Loyalty Programs
Other
Payment Gateway
Switching
CORE Business July 31, 2010 Authorization Trustwave
Technologies
Hosting Provider
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 12 of 65
13. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
CORE Business July 31, 2010 IPSP (E-commerce) Trustwave
Technologies
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
CoreCommerce December 31, 2009 Payment Gateway Chief Security Officers
CRE Secure July 31, 2010 Payment Gateway Coalfire Systems, Inc.
Credibanco Visa Colombia April 30, 2010 Authorization Xtrategies
Clearing & Settlement
IPSP (E-commerce)
Issuing Processing
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
Switching
Credit Discovery December 31, 2009 Clearing & Settlement Information Exchange
Other
CreditCall Communications January 31, 2010 Authorization Foregenix
Ltd.
Clearing & Settlement
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
Crescent Processing October 31, 2010 Other SecurityMetrics
Company
Payment Gateway
Croem, Inc. October 31, 2010 MOTO Payment Processing Trustwave
CSG Content Direct March 31, 2010 Authorization Solutionary
IPSP (E-commerce)
Payment Gateway
CSG Systems - Data Prose May 31, 2010 IPSP (E-commerce) Solutionary
Other
CSG Systems, Inc. - April 30, 2010 Payment Gateway Solutionary
Interactive Messaging
CSG Systems, Inc. – April 30, 2010 Authorization Solutionary
Statement and Account
Billing Services
IPSP (E-commerce)
Payment Gateway
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 13 of 65
14. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
CSI Software October 31, 2010 Hosting Provider Trustwave
Payment Gateway
CSU CardSystem S.A. September 30, 2010 Authorization Trustwave
Clearing & Settlement
Hosting Provider
Issuing Processing
MOTO Payment Processing
Other
Payment Gateway
Process Magnetic-Stripe
Transactions
Switching
Cvent August 31, 2010 Other FishNet Security
Cybera April 30, 2010 Switching FishNet Security
CyberSource (a Visa August 31, 2010 Payment Gateway Trustwave
company)
Cynergy Data August 31, 2010 IPSP (E-commerce) Coalfire Systems. Inc.
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
D.M.inSite July 31, 2010 Payment Gateway SecurityMetrics
Data Delivery Services July 31, 2010 Other Coalfire
Data Paradigm July 31, 2010 Other Crowe Horwath LLP
Data Stream February 28, 2010 Authorization Information Exchange
Clearing & Settlement
Other
Payment Gateway
Dataline Systems December 31, 2009 Other Trustwave
Datapak Services May 31, 2010 Authorization Trustwave
Corporation
Hosting Provider
Payment Gateway
DataTrax Technologies January 31, 2011 Payment Gateway SecurityMetrics, Inc.
DAXKO April 30, 2010 IPSP (E-commerce) IBM Security Services
Debit Plus Technologies, February 28, 2010 Other Specialized Security Services
LLC
Debit Technologies, Inc May 31, 2010 Clearing & Settlement Information Exchange
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 14 of 65
15. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
Debit Technologies, Inc May 31, 2010 Other Information Exchange
Delphis Software November 30, 2009 Authorization Digital Resources Group
(DRG)
Payment Gateway
Demandware June 30, 2010 Hosting Provider SecurityMetrics
IPSP (E-commerce)
Payment Gateway
Denarii Systems January 31, 2010 Authorization Security Works
Clearing & Settlement
IPSP (E-commerce)
Issuing Processing
Loyalty Programs
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
Switching
DHD Media June 30, 2010 Clearing & Settlement Trustwave
Payment Gateway
Diamond Marketing September 30, 2010 Other Halock Security Labs
Solutions
Diebold, Inc. December 31, 2010 Authorization Verizon Business Network
Services Inc.
Switching
Digital Network Solutions April 30, 2010 Authorization Information Exchange
(DNS) DBA Moneytree ATM
Clearing & Settlement
Payment Gateway
Digital Payment May 31, 2010 Payment Gateway Payment Software company
Technologies (PSC)
Digital River July 31, 2010 IPSP (E-commerce) NetSPI
Payment Gateway
Direct Alliance Corp November 30, 2009 MOTO Payment Processing AT&T Consulting Solutions,
Inc.
Other
Direct Mail Processors January 31, 2010 Payment Gateway Fortrex Technologies
Donor.com June 30, 2010 Authorization Coalfire
Hosting Provider
IPSP (E-commerce)
MOTO Payment Processing
Other
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 15 of 65
16. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
DST Output, LLC. - November 30, 2010 Payment Gateway FishNet Security, Inc.
Payment
Duncan Professional October 31, 2010 Payment Gateway SecurityMetrics, Inc.
Account Management
(PAM)
Duncan Technologies June 30, 2010 Payment Gateway SecurityMetrics
Dydacomp Complete May 31, 2010 IPSP (E-commerce) Coalfire Systems, Inc.
Commerce
Ebocom, LLC April 30, 2010 Clearing & Settlement CyberTrust
EchoSat Communications September 30, 2010 Other ComplyGuard Networks Inc.
eCommLink November 30, 2009 Authorization RSM McGladrey
Hosting Provider
IPSP (E-commerce)
Issuing Processing
Loyalty Programs
Edhance Inc. July 31, 2010 Loyalty Programs PSC LLC
EFX March 31, 2010 Authorization T3i
Clearing & Settlement
Issuing Processing
Payment Gateway
Switching
eGate Payment August 31, 2010 IPSP (E-commerce) Sysnet
Technologies Ltd
MOTO Payment Processing
Payment Gateway
Elan Financial Services April 30, 2010 Authorization TrustWave
Clearing & Settlement
Issuing Processing
Switching
Elan Financial Services December 31, 2009 Issuing Processing Trustwave
Credit Card Issuing
Elavon (formerly NOVA) May 31, 2010 Authorization TrustWave
Clearing & Settlement
Other
Payment Gateway
Process Magnetic-Stripe
Transactions
Elavon (formerly Southern September 30, 2010 Authorization Trustwave
Datacomm)
IPSP (E-commerce)
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 16 of 65
17. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
Elavon (formerly Southern September 30, 2010 Process Magnetic-Stripe Trustwave
Datacomm) Transactions
Switching
Elavon Canada (formerly July 31, 2010 Payment Gateway Trustwave
Internet Secure)
Elavon Fusebox November 30, 2010 Authorization Trustwave
Clearing & Settlement
Other
Payment Gateway
Process Magnetic-Stripe
Transactions
ELECTRA CARD May 31, 2010 Authorization ControlCase
SERVICES PVT. LTD.
Clearing & Settlement
Issuing Processing
Loyalty Programs
Process Magnetic-Stripe
Transactions
Electronic Merchant April 30, 2010 Other Trustwave
Systems
Electronic Payment April 30, 2010 Authorization Payment Software Company
Exchange (EPX) (PSC)
Clearing & Settlement
IPSP (E-commerce)
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
Switching
Electronic Payments Inc July 31, 2010 Authorization Information Exchange
Clearing & Settlement
Loyalty Programs
Other
Electronic Processing January 31, 2010 Clearing & Settlement Information Exchange
Services
Other
Element Payment Services November 30, 2010 Clearing & Settlement Information Exchange
Other
Payment Gateway
Emdeon March 31, 2010 IPSP (E-commerce) Lattimore Black Morgan and
Cain
Process Magnetic-Stripe
Transactions
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 17 of 65
18. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
EMN8 POS Managed November 30, 2010 Other Tevora Business Solutions
Services
Payment Gateway
Enacomm, Inc. March 31, 2010 Hosting Provider True Digital Security
Encircle December 31, 2009 Other Enterprise Risk Management
ENETS PTE LTD November 30, 2009 Payment Gateway Vectra
enStage Software Pvt Ltd December 31, 2010 3-D Secure Access Control Control Case
Server
ePayData October 31, 2010 Clearing & Settlement Information Exchange
Payment Gateway
Epicor March 31, 2010 Authorization Trustwave
Payment Gateway
Epoch November 30, 2010 IPSP (E-commerce) Protiviti
eProcessing Network April 30, 2010 Payment Gateway Trustwave
Epsilon Data Management August 31, 2010 Loyalty Programs Verizon Business
Equiant Financial Services, November 30, 2010 IPSP (E-commerce) Chief Security Officers, LLC
LLC
MOTO Payment Processing
Escalate Retail Incorporated October 31, 2009 E-Commerce Trustwave
Order Fulfillment
EURONET SERVICES April 30, 2010 Issuing Processing ControlCase
INDIA PVT. LTD.
Process Magnetic-Stripe
Transactions
EuroPlanet April 30, 2010 Authorization Trustwave
MOTO Payment Processing
Process Magnetic-Stripe
Transactions
EVERTEC Latinoamerica / December 29, 2010 Authorization Xtrategies
ATH Costa Rica
Clearing & Settlement
Issuing Processing
Loyalty Programs
MOTO Payment Processing
Process Magnetic-Stripe
Transactions
Switching
EVO Merchant Services October 31, 2010 Clearing & Settlement Trustwave
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 18 of 65
19. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
Evolution Benefits December 31, 2009 Other Lighthouse Computer
Services
E-xact Transactions May 31, 2010 Payment Gateway Trustwave
Excellence in Motivation November 30, 2010 Authorization Information Exchange
Clearing & Settlement
Issuing Processing
Payment Gateway
Experian September 30, 2010 IPSP (E-commerce) Verizon Business
Other
ExtraMeasures May 31, 2010 Other Coalfire
EZFacility.com August 31, 2010 Payment Gateway Trustwave
Ezic, Inc. July 31, 2010 Authorization Information Exchange
Clearing & Settlement
MOTO Payment Processing
Other
Payment Gateway
Process Magnetic-Stripe
Transactions
ezRez Software October 31, 2010 Hosting Provider Payment Software company
(PSC)
Faith Direct July 31, 2010 Other CrimsonSecurity
Fédération des caisses August 31, 2010 Authorization Trustwave
Desjardins du Québec
Issuing Processing
Process Magnetic-Stripe
Transactions
Fidelity Information November 30, 2009 Authorization IBM – Internet Security
Services - Australasia Systems (ISS
Clearing & Settlement
Payment Gateway
Switching
Fidelity Information December 31, 2009 Authorization IBM Internet Security
Services - Chicago Authnet Systems
Clearing & Settlement
Issuing Processing
Payment Gateway
Switching
Fidelity Information May 31, 2010 Payment Gateway IBM Internet Security
Services - Clear Commerce Systems
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 19 of 65
20. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
Fidelity Information April 30, 2010 Issuing Processing Trustwave
Services - eFunds Prepaid
Solutions
Loyalty Programs
MOTO Payment Processing
Process Magnetic-Stripe
Transactions
Fidelity Information March 31, 2010 Other IBM Internet Security
Services - eZCard Charlotte Systems
Fidelity Information January 31, 2010 Other IBM Internet Security
Services - Lisle Remittance Systems
Processing
Fidelity Information June 30, 2010 Loyalty Programs Trustwave
Services - Loyalty Card
Processing
Fidelity Information April 30, 2010 Authorization Trustwave
Services - Norcross Debit
Card Processing
Clearing & Settlement
Process Magnetic-Stripe
Transactions
Fidelity Information February 28, 2010 Other IBM Internet Security
Services - Output Solutions Systems
San Antonio
Fidelity Information May 31, 2010 MOTO Payment Processing Trustwave
Services - Payment
Processing and Data
Center Little Rock, AR
Process Magnetic-Stripe
Transactions
Fidelity Information September 30, 2010 Other IBM Internet Security
Services - Plainview Systems
Fidelity Information April 30, 2010 Authorization Trustwave
Services - Processadora e
Servicos S.A. Brazil
Issuing Processing
MOTO Payment Processing
Process Magnetic-Stripe
Transactions
Fidelity Information January 31, 2011 Clearing & Settlement Trustwave
Services - PSS India
Issuing Processing
Switching
Fidelity Information September 30, 2010 MOTO Payment Processing Trustwave
Services - St. Petersburg
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 20 of 65
21. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
Fidelity Information March 31, 2010 Authorization IBM Internet Security
Services - St. Petersburg Systems (ISS)
Check
Clearing & Settlement
Fidelity Information January 31, 2010 Other IBM Internet Security
Services - Web Vault Systems (ISS)
Fidelity Information September 30, 2010 Authorization Trustwave
Services (FIS) Electronic
Payments, New Berlin WI
Clearing & Settlement
Payment Gateway
Switching
Fidelity Information September 30, 2010 Other Trustwave
Services Global Business
Solutions India Private
Limited (FIS GBS)
Fifth Gear August 31, 2010 IPSP (E-commerce) Trustwave
Payment Gateway
Fifth Third Processing June 30, 2010 3-D Secure Access Control Trustwave
Solutions - Issuing and Server
Switch-Providing Systems
Authorization
Clearing & Settlement
Issuing Processing
Process Magnetic-Stripe
Transactions
Switching
Fifth Third Processing June 30, 2010 Authorization Trustwave
Solutions-Acquiring Systems
Clearing & Settlement
Process Magnetic-Stripe
Transactions
Financial Transmission January 31, 2010 Payment Gateway Trustwave
Network Inc
Finexus International Sdn July 31, 2010 Authorization Truswave
Bhd
Clearing & Settlement
Hosting Provider
Issuing Processing
MOTO Payment Processing
Process Magnetic-Stripe
Transactions
Switching
First American Payment June 30, 2010 Clearing & Settlement IBM Internet Security
Systems Systems
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 21 of 65
22. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
First American Payment June 30, 2010 Payment Gateway IBM Internet Security
Systems Systems
First Atlantic Commerce, March 31, 2010 Clearing & Settlement Coalfire
LTD.
MOTO Payment Processing
Payment Gateway
Switching
First Data - Cono Sur S.R.L. March 31, 2010 Authorization Trustwave
Clearing & Settlement
IPSP (E-commerce)
Issuing Processing
Loyalty Programs
MOTO Payment Processing
Other
Payment Gateway
Process Magnetic-Stripe
Transactions
Switching
First Data - Merchant September 30, 2010 Authorization Trustwave
Services
Clearing & Settlement
IPSP (E-commerce)
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
Switching
First Data Buypass (First September 30, 2010 Authorization Trustwave
Data Concord Payment
Services)
Clearing & Settlement
IPSP (E-commerce)
Issuing Processing
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
Switching
First Data CAC (Processing March 31, 2010 Authorization TrustWave
Center, S.A.)
Clearing & Settlement
IPSP (E-commerce)
Issuing Processing
MOTO Payment Processing
Payment Gateway
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 22 of 65
23. List of Compliant Service Providers - All
VALIDATION SERVICES
SERVICE PROVIDER DATE COVERED BY REVIEW (1) ASSESSOR AP CEMEA LAC NA
First Data CAC (Processing March 31, 2010 Process Magnetic-Stripe TrustWave
Center, S.A.) Transactions
Switching
First Data Card Services September 30, 2010 Authorization Trustwave
International
Clearing & Settlement
IPSP (E-commerce)
Issuing Processing
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
Switching
First Data Clientline September 30, 2010 Clearing & Settlement Trustwave
Reporting (First Data
Concord Electronic
Financial Systems)
First Data EFS September 30, 2010 Authorization Trustwave
Transportation Services
Clearing & Settlement
IPSP (E-commerce)
Issuing Processing
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
Switching
First Data Global Gateway September 30, 2010 Authorization Trustwave
(First Data LinkPoint/First
Data YourPay)
Clearing & Settlement
IPSP (E-commerce)
Issuing Processing
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe
Transactions
Switching
First Data Government September 30, 2010 IPSP (E-commerce) Trustwave
Solutions
Payment Gateway
First Data Integrated September 30, 2010 Other Trustwave
Payment Systems
First Data International - September 30, 2010 Authorization Trustwave
ANZSA
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those
security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used
or sold by these service providers.
* Current PCI DSS status is under review.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to
submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this
list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent
Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa
has sole discretion to include or exclude entities on this list.
© 2011 Visa Inc. 23 of 65