Datapipe Named CISP Compliant Service Provider


Hoboken, NJ — April 22, 2005 — Datapipe, a global provider of managed hosting services announced today that Ambiron, LLC completed its inspection of Datapipe for conformance with Visa’s Cardholder Information Security Program (CISP). The company now operates as a service provider for a CISP compliant ecommerce solution.

Visa developed CISP to ensure protection of sensitive cardholder information through all phases including collection, transmission and storage. The standards mark a significant advance in the war against identity theft and fraud by ensuring that the merchant or service provider does not leave cardholder data vulnerable to compromise.

As a CISP compliant solution service provider, Datapipe assists its clients in ensuring the full security and compliance of their ecommerce network. Many small to medium sized business owners are not yet aware that they are responsible for this compliance, even if they do not store, process or transmit the cardholder data themselves. Any third party service provider they outsource to must also be compliant.

Merchants must go through the certification process themselves if they want to claim legitimate compliance and avoid being fined by Visa. Compliance assurances on their end involve issues such as how they handle their hard copy media and which of their employees are allowed to access the accounts. While the solution does not allow Datapipe’s clients to claim certification themselves, it does allow them to say that they outsource certain requirement standards to a CISP compliant provider.

"Attaining our CISP certification allows us to address yet another compliance issue that is important to our clients," says Robb Allen, CEO of Datapipe. "We continually strive to deliver the most advanced security solutions for our clients. While we have always operated within a secure service delivery infrastructure, gaining this certification gives our clients even more confidence in our security capabilities.”

While CISP is defined as an ongoing development, the initial efforts have focused primarily on the ecommerce acceptance channel. This includes an annual schedule for validation of certain major internet-based merchants’ security positions. CISP also includes, or will soon include, mail/telephone, face-to-face and wireless acceptance channels.