VeriSign Achieves Three Industry Security Certifications for Payments Services Compliance With Visa CISP, MasterCard SDP and AICPA SAS70 from VeriSign, Inc.

You Are Here: US Home > About VeriSign > News and Events > News Archive > U.S. Press Releases: 2005 > Press Release

News & Events

VeriSign Achieves Three Industry Security Certifications for Payments Services Compliance With Visa CISP, MasterCard SDP and AICPA SAS70 

Underscore The VeriSign Commitment To Providing Merchants With Strongest Security Possible

MOUNTAIN VIEW, CA. – April 26, 2005 - VeriSign, Inc. (Nasdaq: VRSN), the leading provider of intelligent infrastructure services for the Internet and telecommunications networks, today announced that it has achieved compliance with three highly coveted industry certifications:  The Visa Cardholder Information Security Program (CISP), MasterCard Site Data Protection (SDP) program and the American Institute of Certified Public Accountant’s (AICPA) Statement of Auditing Standards #70 (SAS70).  Each certification underscores a strong VeriSign commitment to making security a central focus of its development efforts and protecting the safety and integrity of customer data.

In today's global economy, service organizations and providers must demonstrate that they have adequate controls and safeguards in place when they host or process customer data.  To address these needs, both Visa, MasterCard and the AICPA have established standards to protect cardholder information in all organizations that store, process or transmit data.

“The extraordinary rise in online shopping has also precipitated fraud, hacking and other malicious activity.  For consumer confidence to remain intact, merchants, and their customers, need to know their information is safe and protected.” said Trevor Healy, vice president, VeriSign Payment Services.  “These certifications serve as further proof to our 134,000 merchant customers that VeriSign takes its role in processing e-commerce transactions very seriously, taking all the steps necessary to protect essential customer data.”

Visa CISP is a set of 12 industry-wide requirements designed to protect sensitive information from being compromised.  As part of the certification process, VeriSign employed an independent, Visa-qualified, auditor to perform a thorough inspection of the VeriSign payment processing environment. This process included an intensive review of the procedures VeriSign uses to classify, access, and store sensitive information.  In addition, VeriSign performed and in-depth analysis of network and system architecture, a complete assessment of IT policies and procedures, and an on-site inspection of physical data-center facilities.

Complying with MasterCard SDP involved a two-step process.  VeriSign completed a self-evaluation of its security procedures, with a detailed analysis of its Web infrastructure, to showcase VeriSign’s compliance with MasterCard standards.  MasterCard then performed compliance testing, scanning VeriSign Payment Services solutions in a controlled environment to ascertain their viability.

The SAS70 compliance process involves a formal, in-depth report by a third party auditor that analyzes the design, implementation, and operational effectiveness of the controls that reside within a service organization. The SAS70 audit report allows service organizations to disclose their control activities and processes to customers, thus demonstrating adequate controls and safeguards are in place. The addition of Section 404 of the Sarbanes-Oxley Act make SAS70 audit reports even more important to the process of reporting effective internal controls.

VeriSign Payment Services simplify payment processing by providing a reliable, secure, and affordable way to accept payments, no matter the size of a business. VeriSign Payment Services employs a fully customizable payment platform, connected to all the major financial networks, which accepts multiple payment types such as credit card, debit card, ACH, and check. In addition, it is integrated with all major shopping carts through its software development kit.  Currently, VeriSign Payment Services processes over 37% of North American e-commerce, handling transactions for more than 134,000 merchants. 

About VeriSign 
VeriSign, Inc. (Nasdaq: VRSN) operates intelligent infrastructure services that enable businesses and individuals to find, connect, secure and transact across today’s complex global networks.  Additional news and information about the company is available at www.verisign.com.

For more information, contact: 
VeriSign Media Relations: Brendan P. Lewis, brlewis@verisign.com, 650-426-4470 
VeriSign Investor Relations: Tom McCallum, tmccallum@verisign.com, 650-426-3744

Statements in this announcement other than historical data and information constitute forward-looking statements within the meaning of Section 27A of the Securities Act of 1933 and Section 21E of the Securities Exchange Act of 1934. These statements involve risks and uncertainties that could cause VeriSign's actual results to differ materially from those stated or implied by such forward-looking statements. The potential risks and uncertainties include, among others, the uncertainty of future revenue and profitability, potential fluctuations in quarterly operating results , and increased competition and pricing pressures. More information about potential factors that could affect the company's business and financial results is included in VeriSign's filings with the Securities and Exchange Commission, including in the company's Annual Report on Form 10-K for the year ended December 31, 2004 and quarterly reports on Form 10-Q. VeriSign undertakes no obligation to update any of the forward-looking statements after the date of this press release.

# # #

Printable version
Contact Us
For media inquiries,
please contact us at
650-426-5028 or at
pr@verisign.com.
2008
2007
2006

Web Seminars