Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

12/21/2009
03:58 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Element Payment Services, Trustwave Partner In Level 4 PCI Compliance Program

Element merchants will have access to TrustKeeper 3.0 Web portal

CHICAGO AND PHOENIX (December 18, 2009) " Element Payment Services, Inc. (Element), a PCI-compliant payment processing provider, has partnered with Trustwave to implement a Level 4 compliance program to help merchants achieve and maintain compliance with the Payment Card Industry Data Security Standard (PCI DSS). Trustwave is the leading provider of on-demand data security and payment card industry compliance management solutions to businesses and organizations throughout the world.

The PCI DSS is the payment card industry security requirement for entities that store, process or transmit cardholder data, and has been endorsed by all the major card brands " Visa Inc., MasterCard Worldwide, Discover Network, American Express and JCB. PCI Compliance Level 4 merchants are defined as those that process fewer than 20,000 e-commerce transactions and/or fewer than 1 million single card transactions per year.

As part of Element's commitment to assisting with PCI DSS compliance obligations, merchants will have access to Trustwave's TrustKeeper' 3.0. This new Web portal makes compliance validation easy and efficient for all Element merchants, including non-technical users. Using the new PCI Wizard, merchants work through a personalized, guided interview that simplifies the complex terminology of the PCI assessment into terms the merchant can understand, and uses their answers to complete the process on their behalf. By profiling merchant behavior pertaining to credit card acceptance and information security business practices, TrustKeeper 3.0 uses the information compiled and renders a result as to whether or not the merchant is compliant.

Element merchants will have access to several other features of TrustKeeper 3.0, all designed to help facilitate compliance. Some of those features include:

  • TrustKeeper Agent: Trustwave's state-of-the-art software security agent is downloaded and installed on the merchant's point-of-sale (POS) systems. TrustKeeper Agent provides security features for the POS system, including: daily identification of stored track data, file integrity management and security checks on firewall and anti-virus functionality. In addition, TrustKeeper Agent identifies the POS payment application, and determines if it is recognized as a compliant PCI DSS product.

  • Vulnerability Scan Management: Proprietary scanning technology ensures that both brick and mortar and e-commerce merchants maintain compliant networks and systems.

  • Online Educational and Compliance Tools: On-demand help text, tutorials and optional tools such as TrustKeeper's Security Policy Advisor and Security Awareness Education ensure that merchants can efficiently complete the PCI DSS validation process.

  • PCI Assistant: Online video tutorials will help guide merchants through general cardholder data security, the PCI DSS and how to comply with the PCI DSS.

  • Breach Protection: Merchants enrolled in the compliance program will receive credit card breach insurance to for added protection and peace-of-mind.

    Compliance support services are also available for those businesses requiring additional guidance to become PCI DSS compliant.

    "Research shows small businesses are more vulnerable to credit card compromise, making this partnership critical to our merchants. By providing compliance resources, support and best practices this program will help ensure they protect their organization from a cardholder data breach," says Sean Kramer, president and CEO at Element Payment Services. "We're confident that Trustwave's proprietary technology, TrustKeeper 3.0, will help our merchants understand, facilitate and maintain their compliance efforts."

    "Many small merchants are not focused on compliance and often lack the resources to ensure their environment is properly secured," says Robert J. McCullen, chairman and CEO of Trustwave. "The ease-of-use of TrustKeeper 3.0 will allow merchants to validate their compliance, resulting in a more secure payment environment and safe shopping for their consumers."

    About Element Payment Services

    Headquartered in Phoenix, Arizona, Element Payment Services, Inc. provides integrated payment processing solutions to merchants through partnership with leading business management software providers. Engineered using service-oriented architecture, Element's Express Processing Platform allows for easy integration and supports credit and debit card, ACH and check solutions for its merchants. Processing $4 billion in annual transaction volume, Element's secure, innovative and reliable payment solutions allow its customers to easily comply with industry security requirements such as PCI DSS, PA-DSS (PABP), significantly reducing the risk of a cardholder data breach. For more information, visit www.elementps.com.

    About Trustwave Trustwave is the leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper' compliance management software and other proprietary security solutions. Trustwave has helped thousands of organizations—ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers—manage compliance and secure their network infrastructure, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, China and Australia. For more information, visit https://www.trustwave.com.

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    Manchester United Suffers Cyberattack
    Dark Reading Staff 11/23/2020
    As 'Anywhere Work' Evolves, Security Will Be Key Challenge
    Robert Lemos, Contributing Writer,  11/23/2020
    Cloud Security Startup Lightspin Emerges From Stealth
    Kelly Sheridan, Staff Editor, Dark Reading,  11/24/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Write a Caption, Win an Amazon Gift Card! Click Here
    Latest Comment: This comment is waiting for review by our moderators.
    Current Issue
    2021 Top Enterprise IT Trends
    We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
    Flash Poll
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-27218
    PUBLISHED: 2020-11-28
    In Eclipse Jetty version 9.4.0.RC0 to 9.4.34.v20201102, 10.0.0.alpha0 to 10.0.0.beta2, and 11.0.0.alpha0 to 11.0.0.beta2, if GZIP request body inflation is enabled and requests from different clients are multiplexed onto a single connection, and if an attacker can send a request with a body that is ...
    CVE-2020-29367
    PUBLISHED: 2020-11-27
    blosc2.c in Blosc C-Blosc2 through 2.0.0.beta.5 has a heap-based buffer overflow when there is a lack of space to write compressed data.
    CVE-2020-26245
    PUBLISHED: 2020-11-27
    npm package systeminformation before version 4.30.5 is vulnerable to Prototype Pollution leading to Command Injection. The issue was fixed with a rewrite of shell sanitations to avoid prototyper pollution problems. The issue is fixed in version 4.30.5. If you cannot upgrade, be sure to check or sani...
    CVE-2017-15682
    PUBLISHED: 2020-11-27
    In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to inject malicious JavaScript code resulting in a stored/blind XSS in the admin panel.
    CVE-2017-15683
    PUBLISHED: 2020-11-27
    In Crafter CMS Crafter Studio 3.0.1 an unauthenticated attacker is able to create a site with specially crafted XML that allows the retrieval of OS files out-of-band.