SIOUX FALLS, SD, April 18, 2006 - CAPITAL Card Services, Inc. (CAPITAL), a leader in portfolio management and card outsourcing solutions, today announced that is has submitted to the credit card associations a Report on Compliance (ROC) to validate the company’s compliance with the Payment Card Industry (PCI) Data Security Standard. AmbironTrustWave, the leading provider of data security and compliance services to businesses in the payment industry, performed the audit.

“The protection of customer information is one of the most important – if not the most important – issue confronting today’s businesses. As we demonstrated in our Report on Compliance, CAPITAL has taken the necessary precautions to protect the cardholder data we manage on behalf of our clients, and to comply with the data security requirements outlined in the PCI Data Security Standard,” said Jeff Aegerter, President and CEO of CAPITAL Card Services, Inc.

Launched in December 2004, the Payment Card Industry Data Security Standard – known as PCI – is comprised of 12 data security requirements designed to protect sensitive information from being compromised. These requirements, which also include numerous sub-requirements, are applicable to all businesses that store, process, or transmit cardholder information.

To meet stringent security requirements of credit card associations, CAPITAL submitted to a rigorous audit of its information security policies, procedures, and IT environment, which included the following components:

• Penetration Testing or “ethical hacking” of their IT environment
• Security Assessment to determine the effectiveness of current security controls
• Remediation to ensure any areas of potential non-compliance were addressed
• Report on Compliance to benchmark CAPITAL with the PCI standard

AmbironTrustWave, a Chicago-based firm that specializes in data security and compliance services and a Qualified Data Security Company (QDSC) for all the card associations, conducted a comprehensive PCI security review for CAPITAL. In addition, AmbironTrustWave will perform regular audits on CAPITAL’s IT systems to maintain its compliance on a regular basis.

“We are pleased to be working with a market leader such as CAPITAL to further secure the transaction supply chain,” said Robert J. McCullen, CEO of AmbironTrustWave. “With its leadership position in the market, CAPITAL sets the standard for other payment industry service providers to validate compliance with PCI.”

Become a bobsguide member to access the following

1. Unrestricted access to bobsguide
2. Send a proposal request
3. Insights delivered daily to your inbox
4. Career development