DIBS Payment Services to Provide PCI DSS Compliance Services for E-Commerce Merchants

1 April 2008

DIBS Payment Services, listed at First North, and Trustwave have announced a compliance management program to help Level Two, Three and Four e-commerce merchants in 17 countries, including Sweden, Denmark, Norway, Finland, Germany, Great Britain, The Netherlands and France, comply with the Payment Card Industry Data Security Standard (PCI DSS). Trustwave is a leading provider of data security and compliance management solutions to businesses and organizations throughout the world.

PCI DSS is the payment card industry security requirement for entities that process, transmit and/or store cardholder data, and has been endorsed by all the major card brands – Visa Inc., MasterCard Worldwide, Discover Network, American Express and JCB. Merchant compliance requirements are segmented into four levels based on the number of transactions a merchant processes annually. The following defines e-commerce merchant Level Two through Level Four:

• Level Two: Any merchant regardless of acceptance channel, processing 1,000,000 to 6,000,000 transactions per year, in a single card brand.
• Level Three: Any merchant processing 20,000 to 1,000,000 e-commerce transactions per year, in a single card brand.
• Level Four: Any merchant processing fewer than 20,000 e-commerce transactions per year, in a single card brand.

DIBS Payment Services will offer their Level Two, Three and Four e-commerce merchants Trustwave’s Risk Profiler, an online portal that defines data security risk associated with credit card acceptance practices. Risk Profiler guides merchants through a dynamic question-set that presents merchants with simple questions about their card acceptance environment. Risk Profiler then analyzes and correlates the responses to give merchants and service providers a risk score.

Trustwave’s Risk Profiler is the first stage of its TrustKeeper® compliance management program. TrustKeeper provides merchants with access to tools necessary to validate PCI DSS compliance including the Self-Assessment Questionnaire and vulnerability scanning, and when necessary, remediation recommendations.

“As a payment service provider who has already validated PCI DSS compliance, we understand the importance of adhering to the standard, and have thus instituted this program for our e-commerce merchants,” says Eric Wallin, CEO of DIBS. “The program’s easy-to-follow process will ensure our merchants, large or small, have the most intuitive technology to ensure their compliance.”

“Our forensic investigation data into data breach cases clearly shows that more often than not, smaller merchants – those in Level Two, Three and Four categories are more likely to experience theft of their customer’s credit card information,” says Robert J. McCullen, chairman and CEO of Trustwave. “By offering the latest compliance technology to their clients, DIBS is not only helping merchants achieve compliance, but maintain compliance on a continual basis.”

Become a bobsguide member to access the following

1. Unrestricted access to bobsguide
2. Send a proposal request
3. Insights delivered daily to your inbox
4. Career development