Offers AmbironTrustWave's Risk Profiler to Help Merchants Validate PCI DSS ComplianceATLANTA, May 23, 2007 (BUSINESS WIRE) -- NOVA Information Systems (NOVA), a wholly owned subsidiary of U.S.
Bancorp (NYSE:USB) and a leader in the payment processing industry,
has launched a data security compliance program to help "Level 4"
merchants comply with the Payment Card Industry Data security Standard
(PCI DSS). According to the PCI DSS, Level 4 merchants are defined by
processing fewer than 20,000 e-commerce transactions and/or fewer than
1 million Visa(R) or MasterCard transactions annually. NOVA currently
processes for more than 850,000 merchants in North America, most of
which meet the Level 4 criteria.
To help small businesses better secure credit card information
they process and/or transmit, all of NOVA's Level 4 merchants will now
have access to AmbironTrustWave's Risk Profiler, an automated risk
analysis engine. The tool has primarily been used by acquirers and
ISOs to identify and aggregate risk across their entire merchant base.
NOVA's implementation will allow its merchants to directly access the
tool and complete a series of questions about acceptance methods,
point-of-sale system, transaction volume and other parameters. Once
completed, a risk score is provided along with recommendations for the
merchant to achieve PCI DSS compliance.
"The protection of consumer and card data is imperative for
merchants of all sizes," said Gerry Tilson, vice president, Card
Association Compliance, NOVA. "As larger retailers implement
PCI-compliant systems, fraudsters will have even more of a tendency to
move downstream to smaller businesses. Together, NOVA and
AmbironTrustWave are working toward end-to-end security for all
merchants in our base."
"While much of the attention regarding PCI DSS compliance for the
past couple years has focused on the large merchants and service
providers, the trends indicate that small businesses are just as
vulnerable to a data security breach," said Robert McCullen, chairman
and CEO, AmbironTrustWave. "We applaud NOVA for taking such a
wide-scale proactive step in protecting cardholder data and mitigating
risk for all of its merchants."
Small businesses tend to be victimized by hackers more than large
businesses. In fact, according to an analysis of AmbironTrustWave data
compromise investigations, Level 4 merchants account for more than 80
percent of the cases in which credit card data is stolen from
merchants. More than 90 percent of compromises are caused by a
security flaw in a third-party software or service used by merchants
to process credit card transactions. The average compromise case
results in the exposure of approximately 40,000 credit cards.
AmbironTrustWave developed the RiskProfiler in 2005, and since
then several large acquirers and ISOs have used the RiskProfiler to
identify and aggregate their risk across thousands of merchants.
AmbironTrustWave is a global provider of information security and
compliance management solutions to businesses and the public sector.
The company has serviced more than 30,000 organizations throughout the
world including banks, merchants, service providers and software
developers that are required to validate compliance with industry best
practices for safeguarding information endorsed by American Express,
Discover, MasterCard Worldwide, Visa International and Visa USA.
AmbironTrustWave is headquartered in Chicago with offices throughout
the United States, Europe and Asia. For more information, visit
NOVA Information Systems, a leader in the payment processing
industry is a wholly owned subsidiary of U.S. Bancorp (NYSE:USB). NOVA
and euroConex, its European affiliate, provide global merchant
processing services to financial institutions and clients in the
United States, Canada, and Europe, and currently support more than
1,000,000 merchants worldwide. For more information, visit
SOURCE: NOVA Information Systems
NOVA Information Systems
Michelle Graff, 678-731-5064
Michael Petitti, 312-873-7291