Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


04:22 PM
Dark Reading
Dark Reading
Products and Releases

Trustwave Launches TrustKeeper 3.0

TrustKeeper 3.0 profiles merchant's behavior pertaining to credit card acceptance and information security business practices

CHICAGO (November 19, 2009) "Trustwave, the leading provider of on-demand data security and payment card industry compliance management solutions to businesses and organizations throughout the world, unveils TrustKeeper 3.0, the next generation of Trustwave's industry leading compliance platform. TrustKeeper 3.0 is a new revolutionary approach to supporting Level 4 merchants' efforts to validate compliance with the Payment Card Industry Data Security Standard.

PCI DSS is the payment card industry security requirement for entities that store, process or transmit cardholder data, and has been endorsed by all the major card brands — Visa Inc., MasterCard Worldwide, Discover Network, American Express and JCB. Level 4 merchants are defined as those that process fewer than 20,000 e-commerce transactions and/or fewer than 1 million single card transactions per year.

Trustwave's ground-breaking Web portal moves merchants through the compliance process with ease and efficiency by making the PCI compliance process accessible to the non-technical user. TrustKeeper 3.0 profiles merchant's behavior pertaining to credit card acceptance and information security business practices. Using the information compiled, TrustKeeper 3.0 simplifies and automates the PCI DSS compliance process. This simplified process renders a result as to whether or not the merchant is compliant, which facilitates the compliance process for even the most inexperienced, non-technical merchants. Should a merchant be found non-compliant, TrustKeeper 3.0 provides actionable recommendations to mitigate any issues to better protect their customer's data.

Acquirers and ISOs interested in implementing a PCI program for their merchant portfolios benefit from the innovative approach of TrustKeeper 3.0, which minimizes the effort required for their merchants to comply, thereby increasing adoption and lowering the financial risks associated with data compromises. TrustKeeper 3.0 features include:

  • Easy Enrollment: A stream-lined registration process guides merchants into the compliance process with simple questions about their payment environment, ensuring each merchant is enrolled in a PCI program suitable for their business.

  • Step-By-Step PCI Wizard: A personalized, guided interview that translates the language of the PCI assessment into terms merchants can understand, and uses their answers to complete the process on their behalf.

  • TrustKeeper Agent: Merchants may download and install software on their Point-of-Sale (POS) systems, which further automates the PCI process by gathering important technical details needed for the PCI assessment. The TrustKeeper Agent also provides security features for the POS system.

  • Online Educational and Compliance Tools: On-demand help text, tutorials and optional tools such as TrustKeeper's Security Policy Advisor and Security Awareness Education ensure that merchants can efficiently complete the PCI process.

  • Vulnerability Scan Management: Proprietary scanning technology ensures that both brick and mortar and e-commerce merchants maintain compliant networks and systems.

  • Reporting for Program Sponsors: Real-time reporting provides acquirers and ISOs the ability to monitor the compliance progress of their merchant populations.

  • Compliance Certificate: The Trustwave certificate identifies the measures taken by merchants to validate compliance.

    To facilitate the compliance process for merchants around the world, TrustKeeper 3.0 has multi-lingual capabilities. Trustwave also has compliance call centers in Chicago and Warsaw, Poland, for merchants in need of additional support. The call centers are available 24 x 7 and support English, Spanish, German, French, Swedish, Polish, Flemish, Norwegian and Italian.

    "Trustwave worked closely with smaller merchants and acquirers to thoroughly understand their security and compliance needs while developing TrustKeeper 3.0," says Doug Klotnia, general manager, compliance division. "This new platform provides tools throughout the compliance process to support and facilitate merchant validation and allows program sponsors to effectively manage large-scale programs with added ease and functionality."

    "Smaller merchants often do not have the resources or IT experience to manage their compliance initiatives," says Robert J. McCullen, chairman and CEO of Trustwave. "Our proprietary technology will facilitate their experience by ensuring that they understand the compliance standard and process, and provide actionable remediation recommendations to manage vulnerabilities and achieve compliance."

    About Trustwave Trustwave is the leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper' compliance management software and other proprietary security solutions. Trustwave has helped thousands of organizations—ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers—manage compliance and secure their network infrastructure, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia. For more information, visit https://www.trustwave.com.

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    Inside the Ransomware Campaigns Targeting Exchange Servers
    Kelly Sheridan, Staff Editor, Dark Reading,  4/2/2021
    Beyond MITRE ATT&CK: The Case for a New Cyber Kill Chain
    Rik Turner, Principal Analyst, Infrastructure Solutions, Omdia,  3/30/2021
    Register for Dark Reading Newsletters
    White Papers
    Current Issue
    2021 Top Enterprise IT Trends
    We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
    Flash Poll
    How Enterprises are Developing Secure Applications
    How Enterprises are Developing Secure Applications
    Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    PUBLISHED: 2021-04-14
    An overly permissive CORS policy in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows a remote attacker to leak cross-origin data via a crafted HTML page.
    PUBLISHED: 2021-04-14
    An SQL Injection issue in Devolutions Server before 2021.1 and Devolutions Server LTS before 2020.3.18 allows an administrative user to execute arbitrary SQL commands via a username in api/security/userinfo/delete.
    PUBLISHED: 2021-04-14
    An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate escaping allowed XSS attacks using the logo parameter of the default templates on error page
    PUBLISHED: 2021-04-14
    An issue was discovered in Joomla! 3.0.0 through 3.9.25. Inadequate filters on module layout settings could lead to an LFI.
    PUBLISHED: 2021-04-14
    Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK A720R router with firmware v4.1.5cu.470_B20200911 allows remote attackers to execute arbitrary OS commands by sending a modified HTTP request. This occurs because the function executes glibc's system funct...