Visa’s Global Registry of Service Providers - PCI DSS ...allegiancemerchantservices.com/wp-content/uploads/2011/12/global...Visa’s Global Registry of Service Providers - PCI DSS
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
Visa’s Global Registry of Service Providers - PCI DSS Validated Entities
The companies listed below were validated as being PCI DSS compliant by a QSA as of the "VALIDATION DATE". Service providers are required to revalidate their compliance to Visa on an annual basis, with the next annual Report on Compliance (ROC) due to Visa one year from the "VALIDATION DATE". ROCs that are from 1-60 days late are noted in yellow and ROCs that are from 60-90 days late are noted in red. Entities with ROCs over 90 days past due are removed from this list. Entities are listed in each Visa region where they have been registered by at least one client, including: AP - Asia Pacific, CEMEA - Central Europe / Middle East / Africa, LAC - Latin America / Caribbean, NA - North America - Canada / United States. Visa client's are responsible for and are required to use compliant service providers and to follow up with service providers directly if there are anyquestions about their compliance status.
3Delta Systems AuthorizationSeptember 30, 2011 Fortrex Technologies
MOTO Payment ProcessingPayment Gateway
Process Magnetic-Stripe TransactionsSwitching
800 Call KC Payment Processing - Internet
May 31, 2011 Accudata Systems
Payment Processing - MOTO
1 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
A3 IT Solutions Hosting ProviderNovember 30, 2010 Trustwave
ABC FINANCIAL SERVICES, INC
AuthorizationMay 31, 2011 Trustwave
Clearing & SettlementHosting Provider
IPSP (E-commerce)
MOTO Payment ProcessingOtherPayment Gateway
Process Magnetic-Stripe Transactions
ABC Virtual Communications, Inc.
Hosting Provider - WebNovember 30, 2010 Compass IT Compliance, LLC
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
AEGIS USA, INC. OtherDecember 31, 2010 AT&T Consulting Solutions, Inc.
Aetna, Inc. Clearing & SettlementMay 31, 2011 Trustwave
Other
Affiliated Acceptance Corporation
MOTO Payment ProcessingOctober 31, 2011 Trustwave
Payment Gateway
AFFILIATED COMPUTER SERVICES, INC.
Issuing ProcessingFebruary 28, 2011 Jefferson Wells
Other
AFFINA LLC - Consumer's Union
OtherJune 30, 2011 Coalfire
Affinion Benefits Group AuthorizationDecember 31, 2011 Trustwave
3 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Affinion Benefits Group MOTO Payment ProcessingDecember 31, 2011 Trustwave
Payment Gateway
Affinion Loyalty Group AuthorizationDecember 31, 2011 Trustwave
Alpha Card Services, Inc. Clearing & SettlementNovember 30, 2011 INFORMATION EXCHANGE, INC.
4 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Alpha Card Services, Inc. Merchant ServicesNovember 30, 2011 INFORMATION EXCHANGE, INC.
Alta Resources IPSP (E-commerce)April 30, 2011 IBM Internet Security Systems
Loyalty ProgramsPayment Gateway
Amazon.com Merchant ServicesOctober 31, 2011 IOActive, Inc.
AmegyBank OtherDecember 31, 2010 Verizon Business
Payment Gateway
American Bancard Merchant ServicesJune 30, 2011 Enterprise Risk Management, Inc.
Other
American Data Technology Hosting ProviderApril 30, 2011 Specialized Security Services, Inc
Account ManagementJuly 31, 2011 SISA Information Security Pvt. Ltd.
Back Office Services
Clearing & SettlementFraud and Chargeback Services
Issuer ProcessingLoyalty Programs
Payment Gateway/SwitchPayment Processing
Payment Processing - ATMPayment Processing - Internet
Arcot Systems Inc. 3-D Secure Access Control Server
December 31, 2011 Payment Software Company (PSC)
5 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Area 101, Inc IPSP (E-commerce)July 31, 2011 Coalfire Systems. Inc.
Armenian Card CJSC AuthorizationDecember 31, 2010 Informzaschita
Clearing & Settlement
Issuing Processing
Process Magnetic-Stripe Transactions
ART Technology Group (ATG)
Hosting ProviderNovember 30, 2010 Trustwave
IPSP (E-commerce)
Artez Interactive Inc OtherDecember 31, 2011 IBM Security Services
Arvato Finance Services Limited
Clearing & SettlementJuly 31, 2011 Acertigo AG - An EXCELSIS Company
IPSP (E-commerce)Payment Gateway
ASAP TRANSACTION PROCESSING CORPORATION LIMITED
Loyalty ProgramsAugust 31, 2011 Evolution Ltd
Merchant ServicesPayment Gateway/Switch
Payment Processing - Internet
Payment Processing - MOTOPayment Processing - POS
ASF International IPSP (E-commerce)August 31, 2011 Trustwave
MOTO Payment Processing
Payment Gateway
ASIAPAY (HONG KONG) LTD
AuthorizationNovember 30, 2010 Trustwave
IPSP (E-commerce)Payment Gateway
Asociacion Cibao de Ahorros y Prestamos
AuthorizationSeptember 30, 2011 Trustwave
Issuing Processing
AT&T Managed Hosting and Application Services
Hosting ProviderOctober 31, 2011 Trustwave
6 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
Atos Services (M) Sdn Bhd Managed ServicesApril 30, 2011 TUV Rheinland Secure iT GmbH
7 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Atos Worldline India Private Limited
AuthorizationDecember 31, 2010 ControlCase
Clearing & Settlement
Fraud and Chargeback ServicesIssuing Processing
Loyalty Programs
MOTO Payment Processing
AudienceView Ticketing Corporation
OtherAugust 31, 2011 NCI (Net Cyclops Inc.)
Auric Systems International OtherDecember 31, 2011 Payment Software Company (PSC)
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
Bora Payment Systems Merchant ServicesMarch 31, 2011 Information Exchange
Payment Gateway/Switch
9 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Bora Payment Systems Payment Processing - Internet
Cantaloupe Systems, Inc. Payment Gateway/SwitchSeptember 30, 2011 403 Labs, LLC
Capital Card Services Hosting ProviderApril 30, 2011 Trustwave
IPSP (E-commerce)
MOTO Payment Processing
Other
Card Management Corporation (CMC)
OtherAugust 31, 2011 Trustwave
Card Tranz, Inc. Hosting ProviderDecember 31, 2011 Trustwave
IPSP (E-commerce)
10 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Cardinal Commerce Corp. 3-D Secure Access Control Server
December 31, 2011 Payment Software Company (PSC)
Payment Gateway/Switch
CardLab, Inc. Clearing & SettlementOctober 31, 2010 Information Exchange
Issuing Processing
Other
CARDLINK SERVICES LIMITED
Clearing & SettlementJune 30, 2011 Securus Global
MOTO Payment ProcessingPayment Gateway/Switch
CARDPAY INC OtherJune 30, 2011 Vectra Information Security Pte Ltd (Branch office of Vectra Corp)
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
Century Bankcard Services Clearing & SettlementMay 31, 2011 Information Exchange
Merchant Services
12 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Certain Software Payment Gateway/SwitchOctober 31, 2011 Coalfire Systems
Columbus Data AuthorizationJanuary 31, 2011 Information Exchange
Clearing & Settlement
Issuing Processing
13 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Columbus Data Payment GatewayJanuary 31, 2011 Information Exchange
CommerceV3 Hosting ProviderNovember 30, 2011 Secure Technology Group LLC
Contact Solutions Payment GatewayApril 30, 2011 SecurityMetrics, Inc.
Continental Credit Systems LLC
Account ManagementApril 30, 2011 Trustwave
14 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
CRE Secure Payment GatewayJuly 31, 2011 Coalfire Systems, Inc.
Credibanco Visa Colombia AuthorizationApril 30, 2011 Xtrategies
Clearing & SettlementIPSP (E-commerce)
15 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Credibanco Visa Colombia Issuing ProcessingApril 30, 2011 Xtrategies
Credomatic de Costa Rica AuthorizationJanuary 31, 2011 Xtrategies, LLC
Clearing & Settlement
IPSP (E-commerce)
MOTO Payment ProcessingPayment Gateway
Process Magnetic-Stripe Transactions
Switching
Credomatic de El Salvador AuthorizationSeptember 30, 2011 Xtrategies, LLC
Clearing & Settlement
IPSP (E-commerce)MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe TransactionsSwitching
Credomatic de Guatemala AuthorizationMay 31, 2011 Xtrategies, LLC
Clearing & SettlementIPSP (E-commerce)
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe TransactionsSwitching
Credomatic de Honduras AuthorizationMay 31, 2011 Xtrategies, LLC
Clearing & Settlement
16 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Credomatic de Honduras IPSP (E-commerce)May 31, 2011 Xtrategies, LLC
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe TransactionsSwitching
Credomatic de Nicaragua AuthorizationSeptember 30, 2011 Xstrategies, LLC
Clearing & SettlementIPSP (E-commerce)
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe TransactionsSwitching
Credomatic de Panama AuthorizationMay 31, 2011 Xtrategies
CSG Content Direct Back Office ServicesMarch 31, 2011 Solutionary
Payment Gateway/Switch
Payment Processing - Internet
17 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
CSG Systems Inc. - Data Prose
Billing ManagementMay 31, 2011 Solutionary
Payment Processing - Internet
Records Management
CSG Systems, Inc. - Interactive Messaging
Back Office ServicesApril 30, 2011 Solutionary
Payment Gateway/Switch
Payment Processing - Internet
CSG Systems, Inc. – Statement and Account Billing Services
CT-Paiement Inc. MOTO Payment ProcessingNovember 30, 2011 Bell Canada
Payment Gateway
Cvent, Inc. Payment Processing - Internet
August 31, 2011 Stratum Security
Cyber City Teleservices OtherDecember 31, 2011 CrimsonSecurity
Cybera SwitchingApril 30, 2011 FishNet Security
CyberSource (including Authorize.Net)
Billing ManagementAugust 31, 2011 Trustwave
Clearing & Settlement
18 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
Debit Technologies, Inc. Clearing & SettlementMay 31, 2011 Information Exchange
Merchant Services
19 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Delphis Software, Inc. Payment GatewayMay 31, 2011 Digital Resources Group (DRG)
drugstore.com, inc. AuthorizationJune 30, 2011 Coalfire
20 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
drugstore.com, inc. Hosting ProviderJune 30, 2011 Coalfire
eCommLink Hosting ProviderMarch 31, 2011 Payment Software Company (PSC)
Issuing Processing
Edhance, Inc. Loyalty ProgramsJuly 31, 2011 Payment Software Company (PSC)
EFT SOURCE, INC. OtherJuly 31, 2011 Lattimore Black Morgan and Cain
eGate Payment Technologies Ltd
Back Office ServicesAugust 31, 2011 Sysnet
Payment Gateway/SwitchPayment Processing - Internet
Eigen Development, Ltd Payment Gateway/SwitchOctober 31, 2011 Payment Software Company (PSC)
Payment Processing - Internet
Payment Processing - MOTO
21 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Eigen Development, Ltd Payment Processing - POSOctober 31, 2011 Payment Software Company (PSC)
Elan Financial Services AuthorizationApril 30, 2011 TrustWave
Clearing & SettlementHosting Provider
IPSP (E-commerce)
Issuing ProcessingLoyalty ProgramsOther
Payment Gateway
Process Magnetic-Stripe TransactionsSwitching
Elan Financial Services Credit Card Issuing
Account ManagementDecember 31, 2011 Trustwave
Clearing & SettlementFraud and Chargeback Services
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
ELECTRA CARD SERVICES PVT. LTD.
Payment Gateway/SwitchMay 31, 2011 ControlCase
Payment Processing - ATM
Payment Processing - Internet
Electronic Merchant Systems
OtherApril 30, 2011 Trustwave
Electronic Payment Exchange (EPX)
AuthorizationApril 30, 2011 Payment Software Company (PSC)
Element Payment Services Clearing & SettlementNovember 30, 2011 Information Exchange
Merchant Services
Payment Gateway/SwitchPayment Processing - Internet
Payment Processing - POS
Emdeon Back Office ServicesMarch 31, 2011 Lattimore Black Morgan and Cain
Payment Processing - Internet
Payment Processing - POS
23 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
Loyalty ProgramsAugust 31, 2011 Brightline CPAs & Associates, Inc.
24 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Excellence in Motivation Clearing & SettlementNovember 30, 2011 Information Exchange
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
Fidelity Information Services - Australasia Pty Ltd
AuthorizationNovember 30, 2011 Trustwave
Clearing & SettlementIssuing Processing
Fidelity Information Services - Chicago Authnet
AuthorizationDecember 31, 2010 Trustwave
Debit Card Processing
Payment Gateway
POS Payment Processing
Switching
Fidelity Information Services - Clear Commerce
AuthorizationMay 31, 2011 Trustwave
Clearing & Settlement
Payment Gateway
Fidelity Information Services - Electronic Payment Presentment
AuthorizationJuly 31, 2011 Trustwave
Fidelity Information Services - eZCard Charlotte
OtherMarch 31, 2011 Trustwave
Fidelity Information Services - Issuing Solutions, Debit Account, Healthcare Payment Card and Prepaid Card Solutions
AuthorizationApril 30, 2011 Trustwave
Issuing Processing
Fidelity Information Services - Lisle Remittance Processing
OtherJanuary 31, 2011 Trustwave
Fidelity Information Services - Loyalty Card Processing
Loyalty ProgramsJune 30, 2011 Trustwave
Fidelity Information Services - Merchant Acquiring and Credit Card Account Processing Services
OtherApril 30, 2011 Trustwave
Fidelity Information Services - Norcross Debit Card Processing
AuthorizationApril 30, 2011 Trustwave
Clearing & Settlement
27 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Fidelity Information Services - Norcross Debit Card Processing
Issuing ProcessingApril 30, 2011 Trustwave
Process Magnetic-Stripe Transactions
Fidelity Information Services - Output Solutions San Antonio
OtherFebruary 28, 2011 Trustwave
Fidelity Information Services - Payment Processing and Data Center Little Rock, AR
MOTO Payment ProcessingMay 31, 2011 Trustwave
Process Magnetic-Stripe Transactions
Fidelity Information Services - Prepaid Solutions - South
AuthorizationJuly 31, 2011 IBM – Internet Security Systems (ISS)
Clearing & Settlement
Issuing Processing
Payment GatewaySwitching
Fidelity Information Services - Processadora e Servicos S.A. Brazil
AuthorizationApril 30, 2011 Trustwave
Clearing & Settlement
Issuing Processing
Payment Gateway
Process Magnetic-Stripe Transactions
Fidelity Information Services - PSS India
Issuing ProcessingJanuary 31, 2012 Trustwave
Payment Gateway/Switch
Payment Processing - ATM
Fidelity Information Services - St. Petersburg Check
OtherMarch 31, 2011 Trustwave
Payment Gateway
Fidelity Information Services - St. Petersburg Remittance Processing
Fidelity Information Services Electronic Payments, New Berlin WI
Clearing & SettlementSeptember 30, 2011 Trustwave
Payment Gateway/Switch
28 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Fidelity Information Services India Business Process Outsource (BPO) Program
Account ManagementSeptember 30, 2011 Trustwave
Back Office Services
Fidelity Information Services PayDirect Solutions - Government
First Data Buypass (First Data Concord Payment Services)
AuthorizationSeptember 30, 2011 Trustwave
Clearing & SettlementIPSP (E-commerce)
Issuing Processing
MOTO Payment Processing
Payment Gateway
29 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
First Data Buypass (First Data Concord Payment Services)
Process Magnetic-Stripe Transactions
September 30, 2011 Trustwave
Switching
First Data CAC (Processing Center, S.A.)
AuthorizationMarch 31, 2011 TrustWave
Clearing & Settlement
Issuing Processing
Process Magnetic-Stripe Transactions
First Data Card Services International
AuthorizationSeptember 30, 2011 Trustwave
Clearing & Settlement
IPSP (E-commerce)Issuing Processing
MOTO Payment ProcessingPayment Gateway
Process Magnetic-Stripe Transactions
Switching
First Data Clientline Reporting (First Data Concord Electronic Financial Systems)
First Data Global Gateway (First Data LinkPoint/First Data YourPay)
IPSP (E-commerce)September 30, 2011 Trustwave
MOTO Payment ProcessingPayment Gateway
Process Magnetic-Stripe Transactions
First Data Government Solutions
IPSP (E-commerce)September 30, 2011 Trustwave
Payment Gateway
First Data Integrated Payment Systems
OtherSeptember 30, 2011 Trustwave
30 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
First Data International ANZ AuthorizationSeptember 30, 2011 Trustwave
First Data PayPoint Clearing & SettlementSeptember 30, 2011 Trustwave
IPSP (E-commerce)
Process Magnetic-Stripe Transactions
31 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
First Data Prepaid Services (First Data Concord Financial Technologies)
AuthorizationSeptember 30, 2011 Trustwave
Clearing & Settlement
IPSP (E-commerce)Issuing Processing
Loyalty Programs
MOTO Payment ProcessingPayment Gateway
Process Magnetic-Stripe Transactions
Switching
First Data RemitCo OtherSeptember 30, 2011 Trustwave
Remittance Processing
First Data Resources AuthorizationSeptember 30, 2011 Trustwave
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
First Data STAR (Networks, Processing and Systems Inc.)
Payment GatewaySeptember 30, 2011 Trustwave
Process Magnetic-Stripe TransactionsSwitching
First Data TeleCheck AuthorizationSeptember 30, 2011 Trustwave
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Fiserv - Amherst Call Center OtherMarch 31, 2011 Payment Software Company (PSC)
Fiserv - Bank Solutions Lincoln & Sioux Falls
OtherJuly 31, 2011 Payment Software Company (PSC)
Fiserv - Bank Solutions Precision Data Center
OtherNovember 30, 2011 Payment Software Company (PSC)
Fiserv ‐ Checkfree Club Solutions (I4 Aphelion, EFT, POS)
OtherDecember 31, 2011 Payment Software Company (PSC)
Fiserv - CheckFreePay OtherJune 30, 2011 Payment Software Company (PSC)
Fiserv - Club Solutions (Compete, EFT Web, EFT, POS)
AuthorizationJuly 31, 2011 Payment Software Company (PSC)
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Fiserv - Xroads OtherFebruary 28, 2011 Payment Software Company (PSC)
FISERV Advantage AuthorizationSeptember 30, 2011 Payment Software Company (PSC)
Hosting ProviderSwitching
Fiserv Bank Solutions - Cleartouch Banking Platform
Hosting ProviderNovember 30, 2011 Payment Software Company (PSC)
IPSP (E-commerce)
Issuing Processing
Fiserv Bank Solutions - Southwest
AuthorizationMarch 31, 2011 Payment Software Company (PSC)
Issuing Processing
Switching
Fiserv Bank Solutions - Western Region Data Center
Issuing ProcessingNovember 30, 2011 Payment Software Company (PSC)
Fiserv Bank Solutions Eastern Region: Service Center
Issuing ProcessingDecember 31, 2011 Payment Software Company (PSC)
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
Global Cash Card AuthorizationJanuary 31, 2011 Digital Resources Group (DRG)
Issuing Processing
Global Debt Registry OtherSeptember 30, 2011 Solutionary, Inc.
Global Electronic Technology
AuthorizationJanuary 31, 2011 403 Labs, LLC
Clearing & SettlementPayment Gateway
Global Payments Direct, Inc. AuthorizationJuly 31, 2011 Trustwave
Clearing & Settlement
37 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Global Payments Direct, Inc. MOTO Payment ProcessingJuly 31, 2011 Trustwave
Payment Gateway
Process Magnetic-Stripe Transactions
Switching
Global Processing Centre Clearing & SettlementJune 30, 2011 Information Exchange Inc.
Issuing Processing
Payment Gateway/SwitchPayment Processing - ATM
Payment Processing - Internet
Payment Processing - POS
GLOBAL REFUND HOLDINGS AB
Payment GatewayJanuary 31, 2011 Vectra Information Security Pte Ltd
Global Technology Partners LLC
OtherJune 30, 2011 Coalfire
Go Daddy OtherDecember 31, 2011 Protiviti
GoEmerchant AuthorizationMay 31, 2011 IBM Internet Security Systems
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
HP Consumer Direct Clearing & SettlementSeptember 30, 2011 Arsenal Security Group
Hosting ProviderIPSP (E-commerce)Payment Gateway
HP EDS Merchant Acquirer AuthorizationOctober 31, 2011 Arsenal Security Group
Clearing & SettlementPayment Gateway
Switching
HP Guidance Authorization AuthorizationOctober 31, 2011 Arsenal Security Group
Issuing Processing
HP Oregon eGovernment (EDS)
Payment GatewayJune 30, 2011 Trustwave
HP Pay for Convenience (EDS)
Payment GatewayApril 30, 2011 Trustwave
HP Surveyor (EDS) OtherAugust 31, 2011 Trustwave
Hughes Network Systems Network Provider/Transmitter
September 30, 2011 IBM Internet Security Systems
Hyperativa Consultoria e Internet LTDA
Loyalty ProgramsJanuary 31, 2011 Cipher
40 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
HyperQuality, Inc. OtherApril 30, 2011 ControlCase
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
InstaMed Communications Process Magnetic-Stripe Transactions
February 28, 2011 Trustwave
Integrity Payment Systems Clearing & SettlementMarch 31, 2011 K3DES
Other
InteliSpend Prepaid Solutions
Issuing ProcessingSeptember 30, 2011 IBM Security Services
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Intersections AuthorizationFebruary 28, 2011 Control Case
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
IP Commerce OtherOctober 31, 2011 Coalfire
Payment Gateway
IP PAYMENTS PTY LTD Payment Gateway/SwitchAugust 31, 2011 Vectra Corporation
Payment Processing - Internet
iPass, Inc. OtherMarch 31, 2011 Digital Resources Group (DRG)
iPayment OtherJune 30, 2011 Trustwave
IPS Group Inc. Payment Gateway/SwitchOctober 31, 2011 Tevora Business Solutions
iQmetrix Payment Processing - Internet
August 31, 2011 Seccuris, Inc.
IRN Payment Systems Clearing & SettlementFebruary 28, 2011 Information Exchange
Merchant Services
Iron Mountain OtherMay 31, 2011 Neohapsis Inc.
iTransact MOTO Payment ProcessingMay 31, 2011 Specialized Security Services, Inc.
Payment Gateway
Process Magnetic-Stripe Transactions
ITS Inc./Shazam Inc. AuthorizationApril 30, 2012 Trustwave
Clearing & SettlementJune 30, 2011 Coalfire Systems Inc.
Issuing ProcessingLoyalty Programs
44 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
jha Payment Processing Solutions
Payment GatewayJune 30, 2011 Coalfire Systems Inc.
Kimbia, Inc. Hosting Provider - WebOctober 31, 2011 Compass IT Compliance, LLC
Payment Processing - Internet
Klik Technologies, Corp. OtherSeptember 30, 2011 Information Exchange
45 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Klik Technologies, Corp. Payment Gateway/SwitchSeptember 30, 2011 Information Exchange
Kobie Marketing, Inc. Loyalty ProgramsDecember 31, 2011 BrightLine CPAs and Associates, Inc.
AuthorizationOctober 31, 2011 Digital Resources Group (DRG)
MOTO Payment ProcessingPayment Gateway
Process Magnetic-Stripe Transactions
46 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Mediterranean Smart Cards Company
SwitchingNovember 30, 2011 Trustwave
MegaPath OtherJanuary 31, 2011 Trustwave
Member Solutions, Inc. AuthorizationSeptember 30, 2011 Trustwave
Clearing & Settlement
MOTO Payment Processing
Payment Gateway
Merchant e-Solutions AuthorizationJuly 31, 2011 Digital Resources Group (DRG)
Merchants Billing Services Clearing & SettlementNovember 30, 2011 Information Exchange Inc.
IPSP (E-commerce)
Merchant Services
MOTO Payment Processing
48 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Merchants Billing Services Payment GatewayNovember 30, 2011 Information Exchange Inc.
Payment Processing - Internet
Merchants’ Choice Payment Solutions
OtherSeptember 30, 2011 K3DES LLC
Mercury Payment Systems Payment GatewayNovember 30, 2011 Coalfire
Meridian Enterprises, Inc. AuthorizationDecember 31, 2010 Protiviti Inc.
Microsoft Tellme MOTO Payment ProcessingSeptember 30, 2011 Trustwave
Other
Minacs Worldwide Inc. Account ManagementApril 30, 2011 Trustwave
Loyalty ProgramsMOTO Payment Processing
49 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Minacs Worldwide Inc. OtherApril 30, 2011 Trustwave
Prepaid Services
Mindbody Hosting ProviderSeptember 30, 2011 Payment Software Company (PSC)
Payment Gateway
Moneris Solutions Corp - Shared Cash Dispensing Royal Bank of Canada
AuthorizationJuly 31, 2011 Control Gap
Clearing & Settlement
Process Magnetic-Stripe Transactions
Switching
Moneris Solutions Inc. 3-D Secure Access Control Server
July 31, 2011 Control Gap
Clearing & SettlementMOTO Payment Processing
Process Magnetic-Stripe Transactions
Monexa Solutions, Inc. OtherJanuary 31, 2011 Payment Software company (PSC)
Money Movers, Inc AuthorizationFebruary 28, 2011 Digital Resources Group (DRG)
Clearing & Settlement
Payment Gateway
MoneyGram Payment Systems / Property Bridge
IPSP (E-commerce)May 31, 2011 Payment Software Company (PSC)
Other
Moneytree ATM Digital Network Solutions LLC
Clearing & SettlementApril 30, 2011 Information Exchange
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
MPOS AUSTRALIA PTY LTD
OtherOctober 31, 2010 Vectra Corporation Limited
Payment Gateway
Process Magnetic-Stripe TransactionsSwitching
MSI - Merchant Services, Inc. NJ
Clearing & SettlementMarch 31, 2011 Information Exchange
Merchant Services
MSX International AuthorizationDecember 31, 2010 Nuspire Networks
National Bankcard Services Clearing & SettlementOctober 31, 2011 RSM McGladrey
Loyalty Programs
Payment Gateway/Switch
Payment Processing - POS
National Credit Cards Clearing & SettlementJuly 31, 2011 NVision Group
Issuer Processing
Other
Payment Gateway/SwitchPayment Processing - ATM
National Fulfillment Services (NFS)
AuthorizationOctober 31, 2011 SecurityMetrics
Clearing & Settlement
Hosting ProviderMOTO Payment Processing
Payment Gateway
National Information Solutions Cooperative
Payment GatewayMay 31, 2011 Trustwave
National Merchant Center AuthorizationDecember 31, 2011 Digital Resources Group (DRG)
51 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
National Merchant Center IPSP (E-commerce)December 31, 2011 Digital Resources Group (DRG)
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe Transactions
National Processing Company
OtherSeptember 30, 2011 Trustwave
National Records Management
OtherAugust 31, 2011 403 Labs
National Systems Corporation / QuikOrder, Inc.
AuthorizationJuly 31, 2011 Trustwave
Hosting Provider
Nationwide Payment Solutions
AuthorizationNovember 30, 2010 Information Exchange
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
NetCentrix Payment Processing - POSApril 30, 2011 INFORMATION EXCHANGE, INC
netSpend Corporation Clearing & SettlementJune 30, 2011 Coalfire Systems. Inc.
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
NPC Secure Process Magnetic-Stripe Transactions
March 31, 2011 Trustwave
NRT Technologies, Inc. AuthorizationFebruary 28, 2011 Trustwave
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
Oracle E-Billing Hosting ProviderAugust 31, 2011 Coalfire Systems
IPSP (E-commerce)
Oracle On Demand Service Hosting ProviderAugust 31, 2011 Coalfire
IPSP (E-commerce)
ORBIT Systems Inc. Hosting ProviderFebruary 28, 2011 Raven Eye
ORBITALL SERVICOS E PROCESSAMENTO DE INFORMACOES COMERCIAIS LTDA.
AuthorizationOctober 31, 2011 CPqD
Hosting Provider
Issuing ProcessingMOTO Payment Processing
Process Magnetic-Stripe Transactions
Switching
ORCC - eCommerce Division: Columbus
OtherNovember 30, 2011 Trustwave
ORCC - eCommerce Division: Parsippany
OtherOctober 31, 2011 Trustwave
ORCC - eCommerce Division: Princeton
Payment GatewayMay 31, 2011 Trustwave
ORCS Web, Inc. Hosting Provider - WebMay 31, 2011 igxglobal, Inc.
OrderMotion Payment Processing - Internet
May 31, 2011 Trustwave
55 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
PAY.ON IPSP (E-commerce)December 31, 2010 Acertigo AG
Payment Gateway
PayCommerce Inc. IPSP (E-commerce)October 31, 2011 Trustwave
MOTO Payment Processing
Payment Gateway
PayJunction OtherApril 30, 2011 Payment Software Company (PSC)
Payment Gateway
PayLeap LLC Clearing & SettlementFebruary 28, 2011 Information Exchange
56 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
PayLeap LLC Payment Gateway/SwitchFebruary 28, 2011 Information Exchange
Payment Data Systems Clearing & SettlementMay 31, 2011 Information Exchange Inc.
Issuer Processing
Merchant ServicesPayment Gateway/Switch
Payment Processing - POS
Payment Processing, Inc. IPSP (E-commerce)April 30, 2011 Trustwave
MOTO Payment Processing
Payment Gateway
Process Magnetic-Stripe Transactions
Payment Service Network Payment GatewayDecember 31, 2010 Digital Resources Group (DRG)
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
PBD Worldwide Fulfillment Services
Hosting ProviderJuly 31, 2011 Trustwave
IPSP (E-commerce)
Payment Gateway
Peak 10, Inc. Hosting Provider- HardwareDecember 31, 2011 BrightLine CPAs and Associates, Inc.
PFSweb, Inc. AuthorizationApril 30, 2011 Trustwave
POS Portal OtherAugust 31, 2011 Coalfire Systems. Inc.
Posatel Inc. AuthorizationMarch 31, 2011 SPIguard Security Solutions Inc.
Clearing & Settlement
58 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Posatel Inc. Issuing ProcessingMarch 31, 2011 SPIguard Security Solutions Inc.
Process Magnetic-Stripe Transactions
Switching
POST Integrations, Inc. (Ebocom, LLC)
Clearing & SettlementApril 30, 2011 Verizon Business Network Services Inc.
Powa Technologies Payment Processing - Internet
October 31, 2011 SecurityMetrics
PowerPay, LLC OtherOctober 31, 2011 Payment Software Company (PSC)
PreCash, Inc. OtherDecember 31, 2010 Trustwave
Preferred Health Technology Payment GatewayAugust 31, 2011 Trustwave
Priority Payment Systems OtherApril 30, 2011 SecurityMetrics
Payment Gateway
PROCARD SERVICES FZ LLC
AuthorizationJuly 31, 2011 Trustwave
Clearing & Settlement
Issuing ProcessingMOTO Payment Processing
Switching
Procecard, S.A. Billing ManagementMay 31, 2011 Internet Security Systems
Payment Gateway/Switch
Payment Processing
Payment Processing - ATM
Process America Clearing & SettlementSeptember 30, 2011 Information Exchange
59 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Process America Merchant ServicesSeptember 30, 2011 Information Exchange
Payment Gateway/Switch
Payment Processing - Internet
ProfitStars Payment GatewaySeptember 30, 2011 Coalfire Systems
Promoción y Operación S.A. de C.V. (PROSA)
Clearing & SettlementNovember 30, 2011 403 Labs
Issuer ProcessingPayment Gateway/Switch
Payment Processing - ATMPayment Processing - POS
ProPay USA, Inc. AuthorizationJune 30, 2011 SecurityMetrics
Issuing Processing
Payment Gateway
Process Magnetic-Stripe Transactions
Propco Marketing Loyalty ProgramsApril 30, 2011 Neohapsis, Inc.
PSCU Financial Services, Inc.
Payment GatewayFebruary 28, 2011 Verizon Business
PSiGate Payment GatewayApril 30, 2011 Trustwave
PSOnline, LLC OtherAugust 31, 2011 ControlCase
PSP Card Services Inc. Issuing ProcessingFebruary 28, 2011 Control Gap Inc.
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Redcats USA IPSP (E-commerce)March 31, 2011 Trustwave
Redfin Network, Inc. Payment GatewayOctober 31, 2011 Trustwave
RegOnline AuthorizationApril 30, 2011 Coalfire
Clearing & SettlementPayment Gateway
Resurgent Capital Services OtherAugust 31, 2011 Protiviti
RewardsNow Loyalty ProgramsMarch 31, 2011 AT&T Consulting Solutions, Inc.
RightNow Technologies, Inc. Hosting ProviderApril 30, 2011 FishNet Security
Other
ROAM Data, Inc. Payment Gateway/SwitchMarch 31, 2011 igxglobal, Inc.
RocketGate Payment Gateway/SwitchOctober 31, 2011 IGX Global
RSI International IPSP (E-commerce)January 31, 2011 Coalfire
Payment Gateway
RT Lawrence Payment GatewayApril 30, 2011 Trustwave
Rycom Inc Network Provider/Transmitter
November 30, 2011 NCI (Net Cyclops Inc.)
S1 Corp. - Postilion Retail POS Environment
Hosting ProviderOctober 31, 2011 Trustwave
Payment Gateway
62 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
S1 Corp. - Postilion Retail POS Environment
Process Magnetic-Stripe Transactions
October 31, 2011 Trustwave
Sabre GetThere OtherNovember 30, 2011 Verizon Business
Payment Gateway/Switch
Sabre Hospitality Solutions (SynXis)
SwitchingOctober 31, 2011 Fortrex Technologies
Sabre, Inc. Global Distribution SystemJuly 31, 2011 Verizon Business
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
Servicios Electrónicos Globales S.A. de C.V. (E-Global)
AuthorizationOctober 31, 2010 403 Labs
64 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Servicios Electrónicos Globales S.A. de C.V. (E-Global)
Clearing & SettlementOctober 31, 2010 403 Labs
Issuing Processing
Process Magnetic-Stripe TransactionsSwitching
SHC Direct Loyalty ProgramsApril 30, 2011 Trustwave
Shift4 DOLLARS ON THE NET
Payment Gateway/SwitchMay 31, 2011 Verizon Business
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Smart Business Technology, Inc
AuthorizationMarch 31, 2011 T3i
Clearing & Settlement
Loyalty Programs
Payment GatewaySwitching
SmartEtailing, Inc Hosting ProviderSeptember 30, 2011 Digital Resources Group (DRG)
Payment Gateway
SOCIEDADE INTERBANCARIA E SISTEMA DE PAGAMENTOS SARL
SwitchingJanuary 31, 2012 Trustwave
SoftHotel Payment GatewayOctober 31, 2010 Verizon Business Network Services Inc.
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Sterling Payment Technologies
Process Magnetic-Stripe Transactions
August 31, 2011 Trustwave
Sterling Valley Systems, Inc.- Inntopia
AuthorizationJuly 31, 2011 Trustwave
MOTO Payment ProcessingPayment Gateway
STI PROCESSING LTD. AuthorizationApril 30, 2011 K3DES LLC
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Strategic Profits Payment Gateway/SwitchApril 30, 2011 SPIguard Security Solutions Inc.
Payment Processing - Internet
Payment Processing - MOTO
Stripe, Inc Payment GatewayMarch 31, 2011 Payment Software Company (PSC)
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Teleperformance Brazil Hosting ProviderApril 30, 2011 British Telecom
Teleperformance USA MOTO Payment ProcessingFebruary 28, 2011 AT&T Consulting Solutions, Inc.
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
TransFirst Back Office ServicesMay 31, 2011 Solutionary, Inc.
Clearing & SettlementFraud and Chargeback Services
Merchant ServicesOtherPayment Gateway/Switch
Payment Processing - Internet
Payment Processing - MOTO
71 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
TransFirst Payment Processing - POSMay 31, 2011 Solutionary, Inc.
Transnational Bankcard, Inc. OtherJanuary 31, 2011 Valcom
TransPerfect Translations Inc.
OtherDecember 31, 2011 403 Labs
TransUnion Interactive, Inc. OtherNovember 30, 2011 SecurityMetrics, Inc.
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Ukrainian Processing Center (UPC)
Process Magnetic-Stripe Transactions
September 30, 2011 SRC Security Research & Consulting GmbH (SRC)
Switching
UltraCart Merchant ServicesSeptember 30, 2011 Compliance Point
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Universal Money Centers Inc.
Clearing & SettlementSeptember 30, 2011 Information Exchange
Merchant Services
Payment Gateway/Switch
Payment Processing - ATM
UrbanStyle, Inc. Hosting ProviderDecember 31, 2011 Compass IT Compliance, LLC
US ALLIANCE GROUP, INC OtherNovember 30, 2011 SecurityMetrics
Payment Gateway
US Bank - ATM Banking AuthorizationApril 30, 2011 TrustWave
Clearing & Settlement
Other
Process Magnetic-Stripe TransactionsSwitching
US Bank - Gaming Services AuthorizationApril 30, 2011 TrustWave
Clearing & Settlement
OtherProcess Magnetic-Stripe Transactions
Switching
US Bank - Voyager OtherJuly 31, 2011 TrustWave
US Bank E-Payment Service IPSP (E-commerce)January 31, 2011 Trustwave
Payment Gateway
US Bank Multiservice Aviation
Payment Gateway/SwitchDecember 31, 2011 Trustwave
US Bank Retail Payment Solutions - Integrated Card Systems
Account ManagementDecember 31, 2011 TrustWave
Clearing & Settlement
Fraud and Chargeback ServicesIssuing Processing
Other
USA ePay AuthorizationApril 30, 2011 Trustwave
Payment Gateway
USA Fulfillment, Inc. AuthorizationNovember 30, 2011 AT&T Consulting
Clearing & Settlement
Hosting Provider
USA Payment Systems, Inc. AuthorizationDecember 31, 2010 K3DES
Clearing & Settlement
75 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
USA Payment Systems, Inc. Process Magnetic-Stripe Transactions
December 31, 2010 K3DES
Switching
USA Technologies Payment GatewayJanuary 31, 2011 Trustwave
USA800 MOTO Payment ProcessingSeptember 30, 2011 IOActive, Inc.
Payment Gateway
ValuCard Nigeria Plc 3-D Secure Access Control Server
Varolii Corporation OtherMarch 31, 2011 Brightline CPAs & Associates, Inc.
Payment Gateway/Switch
VEGAS.COM Loyalty ProgramsJuly 31, 2011 Trustwave
MOTO Payment Processing
76 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
VEGAS.COM Payment GatewayJuly 31, 2011 Trustwave
Vendmore Systems, LLC (StadiumVIP, LLC)
AuthorizationNovember 30, 2010 Arsenal Security Group
Clearing & Settlement
VenTek International Payment GatewayNovember 30, 2011 Digital Resources Group (DRG)
Verizon Business Global Services System Integration (VB-GSSI)
Payment GatewayJanuary 31, 2011 Trustwave
Verizon Business Remote Application Management
OtherFebruary 28, 2011 Trustwave
Verizon Computing as a Service
Hosting ProviderJune 30, 2011 Trustwave
Verrus Mobile Technologies AuthorizationNovember 30, 2011 Trustwave
77 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Verrus Mobile Technologies MOTO Payment ProcessingNovember 30, 2011 Trustwave
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Visa Inc. (including Visa Debit Processing)
Account ManagementJune 30, 2011 Trustwave
Back Office Services
Billing Management
Clearing & SettlementData PreparationFraud and Chargeback Services
Voice Data Solutions OtherOctober 31, 2011 SecurityMetrics
79 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
* Current PCI DSS status is under review.
SERVICE PROVIDERVALIDATION
DATESERVICES
COVERED BY REVIEW (1) ASSESSOR
List of Compliant Service Providers - All
AP CEMEA LAC NA
Volusion Hosting ProviderJanuary 31, 2011 Payment Software Company (PSC)
Clearing & SettlementFraud and Chargeback Services
Loyalty Programs
Payment Gateway/Switch
80 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.
ZirMed, Inc. Payment GatewayApril 30, 2011 403 Labs
Zuora, Inc. AuthorizationJune 30, 2011 Digital Resources Group (DRG)
Payment Gateway
82 of 82
(1) PCI DSS assessments represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers.
Visa has no duty to clients, merchants, processors or other third parties to obtain or review reports from any party required to submit a report. Visa is not responsible to any party for the timeliness, accuracy or completeness of any report. Inclusion on this list indicates only that the service provider successfully validated PCI DSS compliance, based on the report of an independent Qualified Security Assessor (QSA). Visa does not endorse the service providers or their business processes or practices. Visa has sole discretion to include or exclude entities on this list.