HOME  
PRODUCTS & SERVICES  
CORPORATE INFORMATION  
PRESS ROOM   
CONTACT US  
CAREERS  
TERMS OF USE  

CAPITAL Corporate News

CAPITAL Card Services Submits Compliance Credentials to Card Associations
April 18, 2006

SIOUX FALLS, SD, April 18, 2006 - CAPITAL Card Services, Inc. (CAPITAL), a leader in portfolio management and card outsourcing solutions, today announced that it has submitted to the credit card associations a Report on Compliance (ROC) to validate the company’s compliance with the Payment Card Industry (PCI) Data Security Standard. AmbironTrustWave, the leading provider of data security and compliance services to businesses in the payment industry, performed the audit.

“The protection of customer information is one of the most important – if not the most important – issue confronting today’s businesses. As we demonstrated in our Report on Compliance, CAPITAL has taken the necessary precautions to protect the cardholder data we manage on behalf of our clients, and to comply with the data security requirements outlined in the PCI Data Security Standard,” said Jeff Aegerter, President and CEO of CAPITAL Card Services, Inc.

Launched in December 2004, the Payment Card Industry Data Security Standard – known as PCI – is comprised of 12 data security requirements designed to protect sensitive information from being compromised. These requirements, which also include numerous sub-requirements, are applicable to all businesses that store, process, or transmit cardholder information.

To meet stringent security requirements of credit card associations, CAPITAL submitted to a rigorous audit of its information security policies, procedures, and IT environment, which included the following components:

  • Penetration Testing or “ethical hacking” of their IT environment
  • Security Assessment to determine the effectiveness of current security controls
  • Remediation to ensure any areas of potential non-compliance were addressed
  • Report on Compliance to benchmark CAPITAL with the PCI standard

AmbironTrustWave, a Chicago-based firm that specializes in data security and compliance services and a Qualified Data Security Company (QDSC) for all the card associations, conducted a comprehensive PCI security review for CAPITAL. In addition, AmbironTrustWave will perform regular audits on CAPITAL’s IT systems to maintain its compliance on a regular basis.

“We are pleased to be working with a market leader such as CAPITAL to further secure the transaction supply chain,” said Robert J. McCullen, CEO of AmbironTrustWave. “With its leadership position in the market, CAPITAL sets the standard for other payment industry service providers to validate compliance with PCI.”

About AmbironTrustWave
AmbironTrustWave is a leading provider of information security and compliance management solutions to Fortune 2000 businesses and the public sector. The company's flagship product, TrustKeeper ®, provides data security and compliance services to approximately 30,000 businesses throughout the world. Through its TrustedCommerce SM program, AmbironTrustWave helps banks, merchants, service providers and software developers mitigate their risk by validating compliance with industry best practices for safeguarding information endorsed by American Express, Discover, MasterCard International, Visa International and Visa USA. AmbironTrustWave clients include financial organizations, global electronic exchanges, educational institutions and business services firms. The Company also provides services to several government agencies. AmbironTrustWave is headquartered in Chicago with offices throughout the United States and Europe. To learn more about AmbironTrustWave, please visit: www.atwcorp.com.