PRESS RELEASE

The PCI Security Standards Council (PCI SSC), an independent industry standards body providing management of the Payment Card Industry Data Security Standard (DSS) on a global basis, today announced the results of elections for the PCI SSC Board of Advisors.

The Board of Advisors will represent the current global roster of over 500 PCI SSC Participating Organizations and provide critical feedback to the ongoing enhancement of security standards managed by the Council.

More than 140 organizations from across the payment industry were nominated for their direct experience and leadership in the field, reflecting the varied perspectives of different global stakeholders. To ensure the desired breadth of industry focus, the elected seats were distributed within the categories of: Financial Institutions; Merchants; Processors; Vendors, and Others (Industry Associations, etc).

Of those nominated, 14 organizations were elected by their peers in the PCI SSC Participating Organizations member base to serve on the board and provide strategic and technical guidance to the PCI Security Standards Council. To ensure geographic and functional diversity, an additional seven seats were appointed from the Participating Organization roster by the PCI SSC Executive Council to fill any gaps in representation and to help augment any under-represented stakeholder sector or geographic market. As a worldwide organization managing a portfolio of industry standards, the Council seeks input from EMEA, North America, Latin America and Asia Pacific to reflect the global nature of card data security threats.

The new Board of Advisors is comprised of representatives from the following organizations: Bank of America Banrisul S.A. Barclaycard Chase Paymentech Solutions Inc Cisco Citrix Systems, Inc. European Payments Council Exxon Mobil Corporation First Data Global Payments Inc. JPMorgan Chase & Co Lufthansa Systems Passenger Services McDonald's Corporation MICROS Systems, Inc. National Australia Bank PayPal Royal Bank of Scotland Group Tesco Stores Ltd TSYS Acquiring Solutions VeriFone Wal-Mart Stores, Inc

The inaugural Board of Advisors, which served a two year term from 2007 to 2009, played an integral part in setting strategic direction for the Council during its formative years. Some of the areas the Board helped guide over this term include the evolution of the PCI Data Security Standard from version 1.1 to 1.2, publication of the Prioritized Approach to PCI DSS and the formation of special interest groups on wireless, scoping, virtualization and pre-authorization. Board representatives will continue to play a leadership role in these groups, working with other industry stakeholders to examine the impact of different technologies and industry specific challenges on the implementation of PCI Security Standards.

"Our Participating Organizations came out in force in the recent Council nominations and election process. It is exciting to see such widespread participation," said Bob Russo, general manager, PCI Security Standards Council. "I would like to congratulate not only our new Board of Advisors but everyone who continues to join the Council in pursuing its mission of securing payment card data, through these collaborative processes. I'm confident our new Board of Advisors will build upon the success of their predecessors in helping the Council to effectively evolve the PCI standards and bring new tools and resources to market to help improve education and implementation of PCI standards."

The first order of business for the new Board of Advisors will be reviewing the results of a Council commissioned emerging technology study and preparing for the 2009 PCI Security Standards Council Community Meetings in Las Vegas (22-24 September) and Prague, Czech Republic (27-28 October).

For more information about the PCI Security Standards Council or to become a Participating Organization please visit pcisecuritystandards.org, or contact the PCI Security Standards Council at [email protected].

About the PCI Security Standards Council The mission of the PCI Security Standards Council is to enhance payment account security by fostering broad adoption of the PCI Data Security Standard and other standards that increase payment data security. The PCI Security Standards Council was formed by the major payment card brands American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa Inc. to provide a transparent forum in which all stakeholders can provide input into the ongoing development, enhancement and dissemination of the PCI Data Security Standard (DSS), PIN Entry Device (PED) Security Requirements and the Payment Applications Data Security Standard (PA-DSS). Merchants, banks, processors and point of sale vendors are encouraged to join as Participating Organizations.

Andrea Gosselin Account Coordinator, Boston Text 100 Public Relations D: 617.399.4984 M: 603.504.5255 E: [email protected] The Holmes Report's Best Midsized Agency to Work For, 2008