Transcription

The MasterCard Compliant Service Provider ListA company’s name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customer’s sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any kind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standardspertaining to use of a Service Provider.As a reminder, an AOC by a QSA provides a “snapshot” of security controls in place at a point in time.Service Provider NameRegionAOC DateAssessor1&1 Internet AG (1&1, 1&1 ipayment,ipayment.de)Europe05/11/2015Security Research & Consulting GmbH1Link (Guarantee) LimitedSAMEA11/17/2015Trustwave1stPayGateWay, LLCUS05/28/2015IBM Internet Security Systems (ISS)2000Charge Inc.US12/30/2014Information Exchange Inc.24 Solutions ABEurope06/15/2015CryptoNet Srl24/7 Customer, Inc.US03/26/2015Trustwave2C Processor USA, LLCUS02/26/2015Information Exchange Inc.2C2P (Thailand) Co. Ltd.Asia Pacific04/27/2015AGES Systems Gelderfarenit PTE LTD2C2P Pte., Ltd.Asia Pacific01/06/2016Trustwave2Checkout.com (2CO E-Commerce PaymentsLTD)US10/26/2015DirectDefense3Cinteractive CorporationUS08/14/2015Online Enterprises3dCart (Informat 2000 Corp)US03/10/2015SecurityMetrics3Delta Systems, Inc.US09/16/2015FortrexABC Financial Services, Inc.US08/10/2015Coalfire Systems, Inc.Abtran Ltd.Europe10/01/2015RitsAccel NetworksUS04/30/2015CompliancePoint, Inc.Friday, January 15, 2016Page 1 of 57

The MasterCard Compliant Service Provider ListA company’s name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customer’s sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any kind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standardspertaining to use of a Service Provider.As a reminder, an AOC by a QSA provides a “snapshot” of security controls in place at a point in time.Service Provider NameRegionAOC DateAssessorAccelerated Payment Technologies: a division ofGlobal Payments Direct, Inc.US07/16/2015Payment Software Company (PSC)Accenture LLPUS09/26/2015Verizon/CybertrustACCEO Solutions Inc.Canada11/06/2015TrustwaveAcceptiva, LLCUS03/30/2015TrustwaveAccertify, Inc.US06/05/2015Halock Security LabsAccesso, LLCUS05/29/2015TrustwaveAcculynk Inc. (PaySecure, PayLeap, Payzur)US04/20/2015Information Exchange Inc.Accumulate ABEurope09/30/201524 Solutions ABACI Worldwide - Retail Decisions Inc.US12/29/2015TrustwaveACI Worldwide, Inc. (PRM, Retail On Demand,and Postilion Retail Environments)US12/01/[email protected], LLC (Xerox FPS Lockbox SunTrust USService)06/04/2015SecurityMetricsActive Network (Active Merchant Services)[formerly (Infospherix, ReserveWorld, AWO)]US10/31/2015K3DES LLCAdaptive Payments, Inc.US10/29/2014Dara SecurityAdflex LimitedEurope06/26/2015Evolution LTDAdvam Pty Ltd.Asia Pacific04/01/2015Secure Logic Pty LtdAdyen B.V.Europe09/15/2015TrustwaveAffiliated Acceptance CorporationUS12/11/2014TrustwaveAffinion Benefits GroupUS12/23/2014TrustwaveAffinity Solutions LLCUS12/15/2015Coalfire Systems, Inc.AGS Transact Technologies LimitedSAMEA03/17/2015SISA Information Security Pvt. Ltd.Aimia Canada Inc. and Aimia Proprietary LoyaltyCanada IncCanada06/18/2015ControlCaseAirlines Reporting Corporation (ARC)US11/18/2015Brightline CPAs & Associates, Inc.Aizan Technologies Inc.Canada08/20/2015DatassurantFriday, January 15, 2016Page 2 of 57

The MasterCard Compliant Service Provider ListA company’s name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customer’s sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any kind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standardspertaining to use of a Service Provider.As a reminder, an AOC by a QSA provides a “snapshot” of security controls in place at a point in time.Service Provider NameRegionAOC DateAssessorAkamai Technologies Inc.US06/26/2015Cisco Systems, Inc.Alacriti, Inc.US01/14/2015Dara SecurityAlegeus Technologies, LLCUS07/07/2015TrustwaveAliaswire, Inc.US09/18/2015Dara SecurityAlipay (Europe) Limited (Branded as “AlipayEurope”)Europe06/03/2015atsec (Beijing) Information Technology Co., LAlipay.com Co., Ltd. (Alipay HangLv)Asia Pacific12/26/2015atsec (Beijing) Information Technology Co., LAlliance Data - Retail ServicesUS11/25/2014Verizon/CybertrustAllied Wallet Ltd. (GTBill, Baltic Bill)US06/19/2015DirectDefenseAlorica Direct, LLC (Alorica Direct II, LLC)US06/30/2015Continuum WorldwideAlorica Inc.US12/10/2015K3DES LLCAlpha Card Services Inc.US11/20/2015Information Exchange Inc.Alpha Note, Inc.Asia Pacific12/09/2015International Certificate Authority of Mgt SystAltapay Denmark (formerly Pensio A/S)Europe09/21/2015FortConsult A/SAltech Card Solutions (Division of Altron TMT(Pty) Ltd)SAMEA03/03/2015Sysnet Ltd.Altech NuPay (Pty) LtdSAMEA06/18/2015Sysnet Ltd.Amadeus IT Group S.A. (Spain)Europe12/14/2015Security Research & Consulting GmbHAMARA Tech (Pty) Ltd.SAMEA11/27/2014Sysnet Ltd.Amazon Web Services, LLCUS06/12/2015Coalfire Systems, Inc.Amazon.com, Inc.US06/12/2015Coalfire Systems, Inc.Amdocs Software System, Ltd.US11/18/2015GRSee ConsultingAmerican Bancard, LLC (Touchsuite)US12/23/2014Enterprise Risk ManagementAmerican Data Technology Inc.US04/22/2015Specialized Security Services, Inc.Americaneagle.com (Svanaco, Inc.)US09/09/2015FortrexAmeriCommerce, LPUS12/14/2014TrustwaveAnywhereCommerce Inc.Canada04/23/2015Sysnet Ltd.Friday, January 15, 2016Page 3 of 57

The MasterCard Compliant Service Provider ListA company’s name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customer’s sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any kind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standardspertaining to use of a Service Provider.As a reminder, an AOC by a QSA provides a “snapshot” of security controls in place at a point in time.Service Provider NameRegionAOC DateAssessorAOC Solutions, Inc.US09/18/2015FortrexAOL Inc.US11/07/2014IOActive, Inc.Apac Link Solutions LimitedAsia Pacific05/09/2015Thales Transport & Security (Hong Kong) LtdAPCO Systems Ltd.Europe11/24/2015Kyte Consultants, Ltd.Aperia Solutions (formerly Data Delivery Services, USInc.)04/30/2015Coalfire Systems, Inc.AppDirect, Inc.US03/03/2015SecureWorksApriva, LLC (formerly APPSware Wireless, LLC)US09/08/2015Brightline CPAs & Associates, Inc.Aptos (formerly Epicor Retail s, Inc. - Digital Commerce (formerlyShopVisible LLC)US10/01/2015CompliancePoint, Inc.Arab Financial Services B.S.C.SAMEA05/20/2015SISA Information Security Pvt. Ltd.Arcelik T.A.S.Europe03/31/2015Biznet Information SystemsAria Systems, Inc.US02/10/2015TrustwaveArise Virtual SolutionsUS05/31/2015Online EnterprisesArmenian Card CJSC (ARCA)Europe08/29/2015InformzaschitaArmor Defense, Inc.US05/31/2015Coalfire Systems, Inc.Artez InteractiveCanada12/15/2014ControlCaseArvato Distribution GmbHEurope12/18/2014Adsigo AGArvato Finance Services Ltd.Europe04/07/2015Adsigo AGAshburn InternationalEurope12/30/2015Cognit Consult, UABAsiaPay LimitedAsia Pacific06/17/2015TrustwaveASJ Inc.Asia Pacific06/01/2015Verizon/CybertrustASOCIACIÓN GREMIAL DE INSTITUCIONESFINANCIERAS CREDIBANCOLatin Americ12/31/2014TrustwaveAspect Software, Inc. (Voxeo, Voxeo EuropeLimited, Voxeo Germany GmbH)US03/23/2015SuneraFriday, January 15, 2016Page 4 of 57

The MasterCard Compliant Service Provider ListA company’s name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customer’s sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any kind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standardspertaining to use of a Service Provider.As a reminder, an AOC by a QSA provides a “snapshot” of security controls in place at a point in time.Service Provider NameRegionAOC DateAssessorAsseco SEE d.o.o.Europe07/13/2015VOC-Consultancy BVAsseco SEE Teknoloji A.Ş (formerly ElektronikSanal Ticaret Bilisim Hizmetieri A.S. (EST A.S.))Europe03/23/2015Evolution LTDASSIST.Technology (LLC) (formerly ModernPayment Solutions Ltd.)Europe06/16/2015Security Research & Consulting GmbHAT&T eCommerce Solution for Target.comUS11/03/2015ControlCaseAT&T Integrated Cloud (AIC)US05/05/2015TrustwaveAT&T Managed Firewall Service - Premise Based US08/31/2015TrustwaveAT&T Managed HostingUS11/30/2015TrustwaveAT&T Managed Services - AT&T ContentDelivery Network (ACDN)US08/05/2015TrustwaveAT&T Managed Services - AT&T EncryptionServices (AES)US12/11/2015TrustwaveAT&T Managed Services - AT&T Network BasedIP VPN Remote Access Service/AT&T VPNTunneling Service (ANIRAIAVTS)US08/03/2015TrustwaveAT&T Managed Services - AT&T Virtual PrivateNetwork Service (AVPN)/Enhanced VirtualPrivate Network (EVPN)/Private NetworkTransport (PNT)US08/03/2015TrustwaveAT&T Managed Services - Intrusion DetectionServices & Intrusion Prevention Services(IDS/IPS)US09/30/2015TrustwaveAT&T Managed Services - IP Telephony and LAN USServices (IPT/LS)08/01/2015TrustwaveAT&T Managed Services - Managed RouterServices (MRS)US07/31/2015TrustwaveAT&T Managed Services - Network BasedFirewall (NBFW)US08/14/2015TrustwaveAT&T Managed Services - Network Security withInternet Access (NSIA)US09/10/2015TrustwaveAT&T Managed Services – Security Event andThreat Analysis (SETA)US12/30/2015TrustwaveFriday, January 15, 2016Page 5 of 57

The MasterCard Compliant Service Provider ListA company’s name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customer’s sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any kind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standardspertaining to use of a Service Provider.As a reminder, an AOC by a QSA provides a “snapshot” of security controls in place at a point in time.Service Provider NameRegionAOC DateAssessorAT&T Managed Services - VoiceTone/InteractiveVoice Services-Advanced PlusUS08/13/2015TrustwaveAT&T Synaptic Hosting & Application Services(AT&T SH&AS)US12/29/2015TrustwaveAT&T Synaptic Storage as a Service (STaaS)US03/09/2015TrustwaveAT&T Ultravailable StorageUS06/09/2015TrustwaveAthenahealth, Inc.US10/02/2015Security Risk AdvisorsAtlantic-Pacific Processing Systems, Inc. (APPS)US12/19/2014Terra Verde LLCAtlatl, Inc (First One Now, LLC; Simply EasierPayments)US12/31/2015TrustwaveATOS Information Technology GmbHEurope08/15/2015usd AGAtrada Trading Network AGEurope11/18/2014TUV SUD Management Service GmbHAudienceView Ticketing CorporationCanada07/16/2015NCI Secured IntelligenceAurus Inc. (TalentBeat Inc.)US02/16/2015K3DES LLCAXSY Software (UK) Ltd. (formerly PayliquidMarleting UK Ltd.)Europe07/24/2015Nettitude Ltd.AzeriCard LLCEurope10/22/2015TrustwaveBalanced (formerly Pound Payments)US12/22/2014Coalfire Systems, Inc.Bambora Device AB (formerly Samport PaymentServices 5Nethost Legislation LtdBancard S.A.Latin Americ06/19/2015CYBSEC Security SystemsBanco de Crédito Social Cooperativo (BCC)Europe10/15/2015Internet Security Auditors, S.L.Bank Organization for Payments Initiated byCards Ltd (BORICA)Europe09/01/2015Security Research & Consulting GmbHBankalararası Kart Merkezi A.Ş. (BKM)Europe05/11/2015Biznet Information SystemsBankart - Procesiranje Placilnih Instrumentovd.o.o.Europe05/29/2015IBM Internet Security Systems (ISS)BankCard USA Merchant ServicesUS12/05/2014TrustwaveFriday, January 15, 2016Page 6 of 57

The MasterCard Compliant Service Provider ListA company’s name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customer’s sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any kind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standardspertaining to use of a Service Provider.As a reminder, an AOC by a QSA provides a “snapshot” of security controls in place at a point in time.Service Provider NameRegionAOC DateAssessorBanks Processing Center JSC (BPC)Europe12/16/2015InformzaschitaBank-Verlag GmbHEurope05/18/2015Security Research & Consulting GmbHBarclaycard ePDQEurope02/12/2015NTT Security Ltd.Bassilichi SpAEurope03/10/2015KIMA Projects & ServicesBayern Card-Services GmbH (BCS)Europe03/10/2015usd AGBC Victoriabank SA (JSCB Victoriabank)Europe12/15/2014TrustwaveBeanstream Internet Commerce Corp.(Beanstream Internet Commerce Inc.)Canada07/10/2015AppSec Consulting, Inc.Benefitfocus.com Inc. (Benefitfocus)US03/17/2015FortrexBigcommerce Holdings Inc. (Bigcommerce PtyLtd., Bigcommerce Inc.)Asia Pacific05/07/2015Payment Software Company (PSC)Bilesim Alternatif Dagitim Kanallari ve ÖdemeSistemleri A.S.Europe01/30/2015Biznet Information SystemsBilling System CorporationAsia Pacific11/26/2014International Certificate Authority of Mgt SystBilltrust (Factor Systems, Inc.)US03/20/2015CrimsonSecurityBlackbaud Internet ServicesUS06/03/2015Brightline CPAs & Associates, Inc.Blackbaud Payment ServiceUS02/11/2015Brightline CPAs & Associates, Inc.BluePay Processing LLCUS12/10/2014TrustwaveBluesnap Inc. (Bluesnap International Ltd)SAMEA07/24/2015Comsec Consulting, Ltd.BNY Mellon (ClearTran; Electronic ReceivablePayment Services)US08/26/2015SecurityMetricsBookingSuite (USA), Inc.US11/25/2015KalioTek, Inc.BPC Processing, LLC (formerly BPC BPS Info Solutions, Inc. (UltraCart)US08/01/2015CompliancePoint, Inc.Braintree, a division of PayPal, Inc.US03/16/2015TrustwaveBreakaway Loyalty, LLCUS12/15/2014TrustwaveFriday, January 15, 2016Page 7 of 57

The MasterCard Compliant Service Provider ListA company’s name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customer’s sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any kind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standardspertaining to use of a Service Provider.As a reminder, an AOC by a QSA provides a “snapshot” of security controls in place at a point in time.Service Provider NameRegionAOC DateAssessorBridgePay Network Solutions, Inc. (T-GatePayments)US05/15/2015A-Lign Security and Compliance ServicesBrighterionUS02/13/2015KalioTek, Inc.Brightwell Payments Inc. (formerly PrepaidSolutions Inc.)US12/26/2014Information Exchange Inc.Brinkman Financial Company, L.P.US06/26/2015K3DES LLCBuckaroo Online Payment Services B.V.Europe11/24/2014TrustwaveBusinessRalliart Inc.Asia Pacific03/25/2015International Certificate Authority of Mgt SystBuy4 Processamento de Pagamentos S.A.Latin Americ12/12/2014TrustwaveBypass Mobile, LLCUS06/29/2015SecurityMetricsBytemark, Inc.US08/31/2015SecurityMetricsC Solution SRL (PlatiOnline.ro)Europe12/09/2014Endava LTDC&K Systems, Inc.US07/10/2015Sera-BrynnCabal Brazil Ltda.Latin Americ03/30/2015TrustwaveCA-CP (Credit Agricole-Cards and Payments) POS (Payment Transaction Collecting e Access ABEurope09/28/2015TrustwaveCaledon Card ServicesCanada05/12/2015Secured Net Solutions Inc.CamisCanada11/28/2014SecureWorksCantaloupe Systems, Inc.US08/03/2015Truvantis, Inc.Capita Business Services (Capita SoftwareServices)Europe12/29/2015TrustwaveCapital Card Services, Inc.US08/13/2015TrustwaveCapital Payments LLC (Bluefin Payment Systems US/ Blue Financial Corporation)06/18/2015Coalfire Systems, Inc.Card Access Services Pty Ltd.Asia Pacific09/29/2015TrustwaveCard Corporation (Card.com)US10/31/2014K3DES LLCFriday, January 15, 2016Page 8 of 57

The MasterCard Compliant Service Provider ListA company’s name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customer’s sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any kind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standardspertaining to use of a Service Provider.As a reminder, an AOC by a QSA provides a “snapshot” of security controls in place at a point in time.Service Provider NameRegionAOC DateAssessorCardFlex Inc.US08/17/2015K3DES LLCCardFlight, IncUS04/14/2015SecurityMetricsCardGateAsia Pacific12/12/2014Securus Global ConsultingCardinal Commerce CorporationUS12/28/2015Payment Software Company (PSC)Cardlink S.A.Europe06/11/2015Encode SACardlink Services Limited (CSL) (The BPAYGroup; BPAY Pty Ltd)Asia Pacific06/19/2015BAE Systems Applied Intelligence PTY LimiteCardProcess GmbH (VR-PAY Virtuell, POSNetzbetrieb)Europe12/14/2015Security Research & Consulting GmbHCardSmith, twaveCardstream LimitedEurope08/28/2015AmbersailCardtronics Inc. (Cardtronics EFT)US05/27/2015K3DES LLCCardWorks Servicing, LLCUS05/01/2015TrustwaveCareington BenefitSolutions (CBS) (Core VSolutions, Inc., Core Five Solutions, Inc.)US12/03/2014TrustnetCarlson Hotels, Inc.US11/26/2015Coalfire Systems, Inc.Carta Solutions Processing Services Corp.Europe12/29/2015TrustwaveCartaSi S.p.A. (formerly Key Client Cards &Solutions S.p.A.)Europe06/30/2015Verizon/CybertrustCash Depot Ltd.US12/15/2014K3DES LLCCashier Live, LLCUS12/15/2014TrustwaveCashLINQ Group, LLCUS09/28/2015SecurityMetricsCatalyst Corporate Federal Credit UnionUS12/23/2015Tevora Business SolutionsCayan LLC (Capital Bankcard; AVATAS)(formerly Merchant Warehouse)US06/22/2015TrustwaveCBC Companies, Inc. (CBC Innovis, Inc. / Innovis USData Solutions, Inc., DataVerify)05/12/2015Verizon/CybertrustFriday, January 15, 2016Page 9 of 57

The MasterCard Compliant Service Provider ListA company’s name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customer’s sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any kind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standardspertaining to use of a Service Provider.As a reminder, an AOC by a QSA provides a “snapshot” of security controls in place at a point in time.Service Provider NameRegionAOC DateAssessorCDMS Merchant Services Inc.US02/04/2015Dara SecurityCDS Global Inc. (formally Communications DataServices)US02/27/2015Solutionary, Inc.CDS Global Inc. (PayDQ Gateway)US02/27/2015Solutionary, Inc.Cedar Document TechnologiesUS01/21/2015Dara SecurityCendyn (Central Dynamics)US01/30/2015SecurityMetricsCenPos Inc.US08/20/2015SecurityMetricsCentral Payment Corp (Smartpay MerchantServices)US11/30/2015Coalfire Systems, Inc.Centrum Elektronicznych Uslug Platniczych(eService SA)Europe04/15/2015SC2LabsCentrum Rozliczeń Elektronicznych PolskieePłatności S.A. (PeP)Europe04/02/2015Sysnet Ltd.CenturyLink Hosted Storage and Backup Services US06/26/2015Coalfire Systems, Inc.Cerdo Bankpartner ABEurope06/29/2015Cybercom GroupCertain Software, Inc.US11/07/2014Coalfire Systems, Inc.Certitrade ABEurope07/08/2015FortConsult A/SCetrel a SIX Group CompanyEurope07/10/2015IT WorksCharge Anywhere, LLC (Comstar Interactive)US03/27/2015CompliancePoint, Inc.Chargify, LLCUS02/06/2015Brightline CPAs & Associates, Inc.Chase Paymentech Solutions, LLC.US02/27/2015TrustwaveCheckout Technology LimitedEurope09/01/2015Sysnet Ltd.ChinaPay e-payment Service Co.,Ltd.Asia Pacific12/23/2015atsec (Beijing) Information Technology Co., LChronopay Services LLCEurope09/07/2015Security Research & Consulting GmbHCitrus Payment Solutions Pvt Ltd.SAMEA04/20/2015ControlCaseCJSC PC "CardStandard" (Previously WestSiberian Processing Center)Europe12/15/2015Compliance Control Ltd.Clear Choice Merchant Services (ClearGate)US06/26/2015Information Exchange Inc.Friday, January 15, 2016Page 10 of 57

The MasterCard Compliant Service Provider ListA company’s name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Prov

ACCEO Solutions Inc. Canada 11/06/2015 Trustwave Acceptiva, LLC US 03/30/2015 Trustwave Accertify, Inc. US 06/05/2015 Halock Security Labs Accesso, LLC US 05/29/2015 Trustwave Acculynk Inc. (PaySecure, PayLeap, Payzur) US 04/20/2015 Information Exch