8/21/2019 SP Post List

1/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any kind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standardspertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

1&1 Internet AG (1&1, 1&1 ipayment,ipayment.de)

05/12/2014 Security Research & Consulting GmbHEurope

1Link (Guarantee) Limited 11/22/2013 TrustwaveSAMEA

1stPayGateway 06/20/2014 IBM Internet Security Systems (ISS)US2000Charge Inc. 07/03/2013 Information Exchange Inc.US

24 Solutions AB 06/12/2014 CryptoNet SrlEurope

2C Processor USA, LLC 02/25/2014 Information Exchange Inc.US

2C2P Pte., Ltd. 01/06/2014 TrustwaveAsia Pacific

3 Delta Systems, Inc. 08/11/2014 FortrexUS

3Cinteractive, LLC 08/08/2014 Online EnterprisesUS

3dCart (Informat 2000 Corp) 02/06/2014 SecurityMetricsUS

5th Dimension, LLC 02/15/2014 K3DES LLCUS

888 US Ltd (for the Delaware & New-Jersey &Nevada sites) (888 US Ltd, 888 Liberty, 888

Atlantic, 888 Holdings, Cassava, Dixie)

12/15/2013 GRSee ConsultingUS

888extramoney.com (Extrameasures) 05/27/2014 Coalfire Systems, Inc.US

A6IT Ltd. 06/26/2013 Kyte Consultants, Ltd.Europe

ABC Financial Services, Inc. 06/20/2014 Coalfire Systems, Inc.US

Abtran Ltd. 10/01/2013 RitsEurope

Acadaca, LLC 03/10/2014 FortrexUS

Monday, September 15, 2014 Page 1 of 5

8/21/2019 SP Post List

2/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

Accel Networks 03/19/2014 TrustwaveUS

Accelerated Payment Technologies: a division of

Global Payments Direct, Inc.

07/30/2014 Payment Software Company (PSC)US

Accellence (Thailand) Ltd. 08/24/2014 Atos Worldline (Malaysia) Sdn BhdAsia Pacific

Accelya Madrid - Vivaldi Product 12/30/2013 TrustwaveEurope

ACCEO Solutions Inc. 08/27/2014 Trustwave

Acceptiva, LLC 03/06/2014 TrustwaveUS

Accertify, Inc. 06/06/2014 Halock Security LabsUS

Accesso, LLC 03/06/2014 TrustwaveUS

AccountNow/Ready Financial Group 08/06/2013 TrustwaveUS

Accullink Inc. (Acculynk, Inc.) 02/06/2014 TrustwaveUS

ACI Worldwide (eps) AG 12/16/2013 Solutionary, Inc.Europe

ACI Worldwide, Inc. - eCommerce Division -Columbus (ORCC-Columbus)

10/02/2013 TrustwaveUS

ACI Worldwide, Inc. - eCommerce Division -Parsippany (ORCC - eCommerce ParsippanyDivision)

10/01/2013 TrustwaveUS

ACI Worldwide, Inc. (PRM, Retail On Demand,and Postilion Retail Environments)

12/27/2013 TrustwaveUS

Active Network (Infospherix, ReserveWorld,AWO)

12/09/2013 K3DES LLCUS

Adaptive Payments, Inc. 11/15/2013 403 Labs, LLCUSAdflex Limited 05/14/2014 Evolution LTDEurope

Aditya Birla Minacs Worldwide Inc. 07/12/2013 TrustwaveCanada

Advam Pty Ltd. 01/30/2014 Securus Global ConsultingAsia Pacific

Advent Financial 11/04/2013 DirectDefenseUS

Adyen B.V. 07/09/2014 TrustwaveEurope

Aegis USA, Inc. 06/16/2014 K3DES LLCUS

Monday, September 15, 2014 Page 2 of 5

8/21/2019 SP Post List

3/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

Affiliated Acceptance Corporation 10/11/2013 TrustwaveUS

Affina, LLC (HGS-USA) 01/24/2014 Coalfire Systems, Inc.US

Affinion Benefits Group 12/27/2013 TrustwaveUS

Affinion International 10/22/2013 TrustwaveEurope

Affinity Solutions 12/10/2013 Coalfire Systems, Inc.US

Agilysys NV LLC 07/30/2014 Coalfire Systems, Inc.US

Aimia Proprietary Loyalty Canada Inc. -Enhancement Services

06/19/2014 K3DES LLCCanada

Aimia Proprietary Loyalty U.S. Inc. (formerlyCarlson Marketing Group)

05/28/2014 ControlCaseUS

Airline Reporting Corporation (ARC) 11/08/2013 Brightline CPAs & Associates, Inc.US

Aizan Technologies Inc. 09/30/2013 DatassurantCanada

Akamai Technologies Inc. 07/22/2014 NeohapsisUS

Alacriti, Inc. 01/24/2014 Foresite MSP, LLCUS

Alaska Option Services Corporation 04/10/2014 K3DES LLCUS

Alegeus Technologies, LLC 05/05/2014 TrustwaveUS

Alert Communications Ltd. 06/23/2014 Kyte Consultants, Ltd.Europe

Aliaswire, Inc. 11/25/2013 Foresite MSP, LLCUS

Alliance Data - Retail Services 11/19/2013 Verizon/CybertrustUS

Allied Wallet Ltd. (GTBill, Baltic Bill) 04/06/2014 TrustwaveUS

Allus Global BPO Center 02/06/2014 Trustwave

Alorica 12/03/2013 K3DES LLCUS

Alpha Card Services Inc. 10/18/2013 Information Exchange Inc.US

Altapay Denmark (formerly Pensio A/S) 08/30/2014 FortConsult A/SEurope

Altech Card Solutions, a division of Altech Data(Pty) Limited

02/26/2014 TrustwaveSAMEA

Altech NuPay 04/16/2014 Sysnet Ltd.SAMEA

Monday, September 15, 2014 Page 3 of 5

8/21/2019 SP Post List

4/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

AMARA Tech (Pty) Ltd. 10/30/2013 Sysnet Ltd.SAMEA

Amazon Web Services, LLC 07/31/2014 Coalfire Systems, Inc.US

Amazon.com, Inc. 05/29/2014 Coalfire Systems, Inc.US

American Bancard, LLC (Touchsuite) 01/10/2014 Enterprise Risk ManagementUS

American Data Technology Inc. 04/25/2014 Specialized Security Services, Inc.US

Americaneagle.com (Svanaco, Inc.) 10/24/2013 FortrexUS

Anderson Zaks Ltd. 01/09/2014 2-sec Ltd.Europe

AOC Solutions, Inc. 10/01/2013 FortrexUS

AOL Inc. 11/25/2013 IOActive, Inc.US

APCO Limited 07/10/2013 Kyte Consultants, Ltd.Europe

Aperia Solutions (formerly Data Delivery Services,Inc.)

04/30/2014 Coalfire Systems, Inc.US

Apriva, LLC (formerly APPSware Wireless, LLC) 08/25/2014 Brightline CPAs & Associates, Inc.US

Arab Financial Services B.S.C. 05/16/2014 SISA Information Security Pvt. Ltd.SAMEA

Area101, Inc 10/02/2013 Security Horizon, Inc.US

Arena Plus LTD 04/01/2014 Comsec Consulting, Ltd.Europe

Argus Payments Inc. 12/13/2013 403 Labs, LLCUS

Aria Systems, Inc. 12/19/2013 TrustwaveUS

Arise Virtual Solutions 05/31/2014 Online EnterprisesUS

Armenian Card CJSC (ARCA) 08/23/2013 InformzaschitaEurope

Artez Interactive 12/15/2013 ControlCaseCanada

Arvato Distribution GmbH 01/07/2014 TUV SUD Management Service GmbHEurope

Arvato Finance Services Ltd. 04/07/2014 TUV SUD Management Service GmbHEurope

Ashburn International 12/06/2013 FortConsult A/SEurope

AsiaPay (Hong Kong) Limited 02/27/2014 TrustwaveAsia Pacific

ASJ Inc. 06/06/2014 Verizon/CybertrustAsia Pacific

Monday, September 15, 2014 Page 4 of 5

8/21/2019 SP Post List

5/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

Asseco SEE d.o.o. 07/01/2014 VOC-Consultancy BVEurope

Asseco SEE Teknoloji A. (formerly Elektronik

Sanal Ticaret Bilisim Hizmetieri A.S. (EST A.S.))

03/14/2014 Evolution LTDEurope

ASSIST.Technology (LLC) (formerly ModernPayment Solutions Ltd.)

05/03/2014 Security Research & Consulting GmbHEurope

AT&T Managed Services Security Event andThreat Analysis (SETA)

11/15/2013 TrustwaveUS

AT&T Hosted Integrated Contact Services (AT&THICS)

09/13/2013 TrustwaveUS

AT&T Managed Firewall Service - Premise Based 07/15/2014 TrustwaveUS

AT&T Managed Hosting and Application Services 10/21/2013 TrustwaveUS

AT&T Managed Services - AT&T Content

Delivery Network (ACDN)

07/15/2014 TrustwaveUS

AT&T Managed Services - AT&T EncryptionServices (AES)

10/16/2013 TrustwaveUS

AT&T Managed Services - AT&T Network BasedIP VPN Remote Access Service/AT&T VPNTunneling Service (ANIRAIAVTS)

05/09/2014 TrustwaveUS

AT&T Managed Services - AT&T Virtual PrivateNetwork Service (AVPN)/Enhanced VirtualPrivate Network (EVPN)/Private NetworkTransport (PNT)

07/15/2014 TrustwaveUS

AT&T Managed Services - Intrusion DetectionServices & Intrusion Prevention Services

(IDS/IPS)

06/28/2013 TrustwaveUS

AT&T Managed Services - IP Telephony and LANServices (IPT/LS)

07/15/2014 TrustwaveUS

AT&T Managed Services - Managed RouterServices (MRS)

07/15/2014 TrustwaveUS

AT&T Managed Services - Network BasedFirewall (NBFW)

07/15/2014 TrustwaveUS

AT&T Managed Services - VoiceTone/InteractiveVoice Services-Advanced Plus

07/15/2014 TrustwaveUS

Monday, September 15, 2014 Page 5 of 5

8/21/2019 SP Post List

6/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

AT&T Synaptic Compute as a Service (CaaS) 01/14/2014 TrustwaveUS

AT&T Synaptic Hosting 10/29/2013 TrustwaveUS

AT&T Synaptic Platform as a Service (PaaS) 01/22/2014 TrustwaveUS

AT&T Synaptic Storage as a Service (SaaS) 01/22/2014 TrustwaveUS

AT&T Ultravailable Storage 04/29/2014 TrustwaveUS

AT&T WiFi Services 03/10/2014 TrustwaveUS

Athenahealth, Inc. 12/09/2013 TrustwaveUS

Atlatl, Inc (First One Now, LLC; Simply EasierPayments)

10/28/2013 TrustwaveUS

ATOS Information Technology GmbH 08/15/2014 usd AGEurope

Atos Services (M) Sdn Bhd. 11/08/2013 TrustwaveAsia Pacific

ATOS Worldline (Belgium) - (Banksys) 03/14/2014 TrustwaveEurope

Atos Worldline GmbH 12/06/2013 usd AGEurope

Atos Worldline India Pvt. Ltd (Worldline E-payment Services)

01/23/2014 TrustwaveSAMEA

Atos Worldline SA (Worldline RBU3, RegionalBusiness Unit France)

09/12/2014 TrustwaveEurope

Atrada Trading Network AG 12/05/2013 TUV SUD Management Service GmbHEurope

Auchan, LLC 11/29/2013 InformzaschitaEurope

AudienceView Ticketing Corporation 07/30/2014 NCI Secured IntelligenceCanada

Auric Systems International (AppropriateSolutions, Inc.)

09/30/2013 Payment Software Company (PSC)US

Aurora Financial Systems, Inc. (AFS CardServices)

06/14/2014 403 Labs, LLCUS

Aurus Inc. 11/30/2013 K3DES LLCUS

Autonomy HP (LiveVault) 11/25/2013 NeohapsisUS

AzeriCard LLC 06/09/2014 TrustwaveEurope

Balanced (formerly Pound Payments) 10/31/2013 Coalfire Systems, Inc.US

Monday, September 15, 2014 Page 6 of 5

8/21/2019 SP Post List

7/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

Bancard S.A. 07/28/2014 CYBSEC Security SystemsLatin Americ

Bank Organization for Payments Initiated by

Cards Ltd (BORICA)

07/28/2014 Security Research & Consulting GmbHEurope

Bankalararas Kart Merkezi A.. (BKM) 03/14/2014 Biznet Information SystemsEurope

Bankart - Procesiranje Placilnih Instrumentovd.o.o.

05/16/2014 IBM Internet Security Systems (ISS)Europe

BankCard USA Merchant Services 01/23/2014 TrustwaveUS

Barclaycard ePDQ 02/24/2014 NTT Security Ltd.Europe

Barclaycard SmartPay 07/31/2014 TrustwaveEurope

Bayern Card-Services GmbH (BCS) 03/10/2014 usd AGEurope

BC Victoriabank SA (JSCB Victoriabank) 11/18/2013 TrustwaveEurope

Beanstream Internet Commerce Inc. 01/13/2014 Control Gap Inc.Canada

Bendigo Community Telco 08/31/2013 K3DES LLCAsia Pacific

Benefitfocus.com Inc. (Benefitfocus) 03/27/2014 FortrexUS

BEPSA del Paraguay SAECA 04/21/2014 CYBSEC Security SystemsLatin Americ

Bescontact, Ltd. (i-free) 06/21/2013 Digital SecurityEurope

Bigcommerce Pty Ltd. (formerly Interspire Pty 05/04/2014 Payment Software Company (PSC)Asia Pacific

Bill 1st, LLC 10/30/2013 SecurityMetricsUS

Billing System Corporation 11/26/2013 International Certificate Authority of Mgt SysAsia Pacific

Billtrust (Factor Systems, Inc.) 03/07/2014 CrimsonSecurityUS

Blackbaud Internet Services 06/24/2014 Brightline CPAs & Associates, Inc.US

Blackbaud Payment Service 02/12/2014 Brightline CPAs & Associates, Inc.US

BluePay Processing LLC 09/30/2013 TrustwaveUS

Bluesnap Inc. 07/24/2014 Comsec Consulting, Ltd.SAMEA

BMI Fulfillment Services (Bluemenfield Marketing,INC)

06/01/2014 UHY Advisors TX, LLCUS

Bora Payment Systems LLC 06/25/2013 RaveneyeUS

Monday, September 15, 2014 Page 7 of 5

8/21/2019 SP Post List

8/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

BPS Info Solutions, Inc. (UltraCart) 08/01/2014 CompliancePoint, Inc.US

Braintree Payment Solutions 02/05/2014 TrustwaveUS

BridgePay Network Solutions, Inc. (T-GatePayments)

04/15/2014 A-Lign Security and Compliance ServicesUS

Brightwell Payments Inc. (formerly PrepaidSolutions Inc.)

02/05/2014 Information Exchange Inc.US

Brinkman Financial Company, L.P. 07/31/2014 K3DES LLCUS

BSG Payments Inc. (BSG Clearing LLC) 02/14/2014 TrustwaveUS

BTB Soft, Inc. 01/31/2014 Foresite MSP, LLCUS

Buckaroo Online Payment Services B.V. 09/12/2013 TrustwaveEurope

Bypass Mobile, LLC 05/23/2014 SecurityMetricsUS

Bytemark, Inc. 06/24/2014 SecurityMetrics

BZWBK SA (Bank Zachodni WBK SA) 03/14/2014 Sysnet Ltd.Europe

CA Technologies (Arcot) 03/31/2014 SISA Information Security Pvt. Ltd.US

Cabal Brazil Ltda. 02/13/2014 TrustwaveLatin Americ

Cale Access AB 06/13/2014 TrustwaveEurope

Caledon Card Services 05/30/2014 Secured Net Solutions Inc.Canada

Camis 06/27/2014 (3S) Salient Security Solutions, Inc.Canada

Cantaloupe Systems, Inc. 08/06/2014 Truvantis, Inc.US

Capita Business Services (Capita Software

Services)

11/26/2013 TrustwaveEurope

Capital Card Services, Inc. 04/27/2014 TrustwaveUS

Capital Payments LLC (Bluefin Payment Systems/ Blue Financial Corporation)

06/12/2014 403 Labs, LLCUS

Card Access Services Pty Ltd. 09/12/2014 TrustwaveAsia Pacific

Card Assets, LLC (formerly BV Card Assets) 11/01/2013 CompliancePoint, Inc.US

Card Express, Inc. 04/16/2014 Information Exchange Inc.US

Monday, September 15, 2014 Page 8 of 5

8/21/2019 SP Post List

9/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

CardConnect (formerly Princeton PaymentsSolutions, LLC)

09/19/2013 SecurityMetricsUS

CardFlight, Inc 04/18/2014 SecurityMetrics

Cardinal Commerce Corporation 12/11/2013 Payment Software Company (PSC)US

Cardlink S.A. 05/14/2014 Encode SAEurope

Cardlink Services Limited (CSL) (The BPAYGroup; BPAY Pty Ltd)

06/24/2014 Securus Global ConsultingAsia Pacific

Cardpay Inc. 08/20/2013 Vectra CorporationAsia Pacific

CardProcess GmbH (VR-PAY Virtuell, POS-Netzbetrieb)

10/14/2013 Security Research & Consulting GmbHEurope

CardSmith, LLC 08/08/2013 TrustwaveUS

CardSpring 10/29/2013 TrustwaveUS

Cardstream Limited 09/13/2013 AmbersailEurope

Cardtranz 04/03/2014 TrustwaveUS

CardWorks Servicing, LLC 02/12/2014 TrustwaveUS

Carlson Hotels, Inc. 11/18/2013 Coalfire Systems, Inc.US

Carta Solutions Processing Services Corp. 07/26/2013 TrustwaveCanada

CartaSi S.p.A. (formerly Key Client Cards &Solutions S.p.A.)

06/30/2014 Verizon/CybertrustEurope

Cartera Commerce LLC (formerly VesdiaCorporation)

06/17/2013 NeohapsisUS

Cashier Live, LLC 11/15/2013 TrustwaveUS

CashLINQ Group, LLC 07/17/2014 SecurityMetricsUS

Cashtronics Ltd. 08/19/2013 Kyte Consultants, Ltd.Europe

C-CARD 01/29/2014 Verizon/CybertrustEurope

CDS Global Inc. (PayDQ Gateway) 11/26/2013 Solutionary, Inc.US

Cedar Document Technologies 01/14/2014 Foresite MSP, LLCUS

Cendyn (Central Dynamics) 01/29/2014 SecurityMetricsUS

Monday, September 15, 2014 Page 9 of 5

8/21/2019 SP Post List

10/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

CenPos Inc. 08/26/2014 Enterprise Risk ManagementUS

Centrum Rozlicze Elektronicznych Polskie

ePatnoci S.A. (PeP)

03/31/2014 IBM Internet Security Systems (ISS)Europe

Certain Software, Inc. 09/09/2013 Coalfire Systems, Inc.US

Certified Payments 04/03/2014 TrustwaveUS

Cetrel a SIX Group Company 07/15/2014 IT WorksEurope

CGI Bank and Card Services 04/16/2014 TrustwaveEurope

Charge Anywhere, LLC (Comstar Interactive) 04/28/2014 TrustwaveUS

Chargify, LLC 01/24/2014 Brightline CPAs & Associates, Inc.US

Checkout Technology Limited 09/05/2014 Sysnet Ltd.Europe

China Unionpay Data Services Co., Ltd

(CUPData)

02/18/2014 TrustwaveAsia Pacific

Chip Card a.d 05/16/2014 VOC-Consultancy BVEurope

ChronoPay B. V. 06/30/2014 Security Research & Consulting GmbHEurope

Cintas Document Management - Shredding(Shred-it USA LLC)

07/31/2014 Crowe Horwath LLPUS

Civica UK Ltd 07/29/2014 TrustwaveEurope

CJSC Cyberplat 05/26/2014 Sysnet Ltd.Europe

CJSC PC "CardStandard" (Previously WestSiberian Processing Center)

02/19/2014 TrustwaveEurope

Clear Choice Merchant Services (ClearGate) 07/10/2014 Information Exchange Inc.US

Clearent 04/30/2014 Coalfire Systems, Inc.US

ClearTran 06/20/2014 SecurityMetricsUS

Cleverbridge AG 02/11/2014 Security Research & Consulting GmbHEurope

CNHC, LLC (ePay Healthcare) 01/15/2014 403 Labs, LLCUS

Cobalt Telephone Technologies 05/06/2014 TrustwaveEurope

Cobre BEM-WortdPay 08/29/2014 Sysnet Ltd.Latin Americ

Monday, September 15, 2014 Page 10 of 5

8/21/2019 SP Post List

11/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

CoKinetic Systems India Pvt Ltd 03/07/2014 SISA Information Security Pvt. Ltd.SAMEA

CollegeNET 03/26/2014 Coalfire Systems, Inc.US

Columbus Data Services LLC (CDS) (Innovus) 01/15/2014 K3DES LLCUS

Comdata Inc. 10/11/2013 K3DES LLCUS

CommerceGate Ireland Ltd. 06/24/2014 TrustwaveEurope

CommuniGate GmbH 01/15/2014 usd AGEurope

Compass Plus Ltd. 10/15/2013 TrustwaveEurope

Complete Merchant Solutions 03/11/2014 SecurityMetricsUS

Complete Payment Systems (Latvia) 10/15/2013 NTT Security Ltd.Europe

Comprise Technologies, Inc. 03/12/2014 403 Labs, LLCUS

Computer Services, Inc. 07/18/2014 Crowe Horwath LLPUS

Computercentrum C.van de Velden B.V. (CCVHolland)

03/03/2014 TUV SUD Management Service GmbHEurope

CompuTop Wirtschaftsinformatik GmbH 03/24/2014 TUV SUD Management Service GmbHEurope

Conductor Tecnologia S/A 01/31/2014 Cipher InformaticaLatin Americ

Confederacion Espanola de Cajas de Ahorros(CECABANK)

05/31/2014 S21sec Gestion, S.A.Europe

Connexions Loyalty Travel Solutions (CLTS) 10/17/2013 TrustwaveUS

Connextions, Inc. 06/21/2013 TrustwaveUS

Consorcio Credicard C.A. 11/01/2013 IQ Information QualityLatin Americ

Consorcio de Tarjetas Dominicanas, S.A.(Cardnet.com)

04/30/2014 AT&T Consulting Solutions, Inc. (Verisign)Latin Americ

Consorzio Triveneto S.p.A. 01/16/2014 KIMA Projects & ServicesEurope

ControlScan (formerly CRE Secure PaymentsLLC)

07/15/2014 Coalfire Systems, Inc.US

Convenient Payments, LLC (formerlyGovernment Payments LLC)

12/04/2013 TrustwaveUS

Convergence Technologies, Inc. (IPPAY) 02/15/2014 403 Labs, LLCUS

Monday, September 15, 2014 Page 11 of 5

8/21/2019 SP Post List

12/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

Convergys Interaction Recording Platform 07/18/2014 FortrexUS

Convergys (Professional Tuning Services)

[formerly Convergys Intervoice]

06/17/2014 FortrexUS

Convergys CCMS 08/26/2014 FortrexUS

Convergys Encore 12/09/2013 FortrexUS

Convergys Home Agent 06/27/2014 FortrexUS

Co-Op Financial Services (CU COOPERATIVESYSTEMS, INC)

03/17/2014 Tevora Business SolutionsUS

Corduro Inc. (Corduro Processing; CorduroMerchant Services)

07/01/2014 TrustwaveUS

CoreCard Software, Inc. 10/01/2013 CompliancePoint, Inc.US

CoreCommerce 03/11/2014 TrustwaveUS

Cornerstone Group of Companies Limited 04/10/2014 The Herjavec Group Inc.Canada

Corporacion De Servvicios Financieros yAlianzas, C. por A. (Cosefi)

04/03/2014 TrustwaveLatin Americ

Corserv Holdings Inc. 08/26/2013 CompliancePoint, Inc.US

Corum Group Ltd. 08/14/2013 TrustwaveAsia Pacific

Corvus Info d.o.o 09/12/2013 TrustwaveEurope

Credencial Argentina S.A. 10/24/2013 CYBSEC Security SystemsLatin Americ

Credibanco (Asociacion Gremial De InstitucionesFinancieras Credibanco)

07/30/2013 XtrategiesLatin Americ

Credimatic S.A 12/30/2013 TrustwaveLatin Americ

Credit Card Services Inc. (BankCard Services) 12/30/2013 TrustwaveUS

Credit Europe Bank Ltd. 04/09/2014 TrustwaveEurope

Credit Guard Ltd. 06/24/2013 Comsec Consulting, Ltd.Europe

CreditCall Communications Ltd. 04/14/2014 Foregenix LimitedEurope

Credomatic of Florida, Inc. 08/30/2013 1st Secure IT, LLCUS

Croem, Inc. (Sigma Processing Group) 07/24/2014 TrustwaveUS

Monday, September 15, 2014 Page 12 of 5

8/21/2019 SP Post List

13/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

Crosskey Banking Solutions 08/08/2014 Verizon/CybertrustEurope

CSC Denmark A/S (formerly CSC Airline Solution

Denmark A/S)

08/21/2014 FortConsult A/SEurope

CSCBank SAL (CSC Lebanon) 02/11/2014 O-C GroupSAMEA

CSG Media (Content Direct) 04/10/2014 Solutionary, Inc.US

CSG Systems, Inc. - Interactive Messaging 04/30/2014 Solutionary, Inc.US

CSI Software 12/11/2013 TrustwaveUS

CSID (CSIDentity) 11/08/2013 Enterprise Risk ManagementUS

CSU Cardsystem S.A. 10/07/2013 TrustwaveLatin Americ

CT-Paiement (CT-Payment) 01/14/2014 TrustwaveCanada

Cubic Transportation Systems, Inc. (Vancouver

Compass Program)

11/01/2013 Payment Software Company (PSC)

Cvent, Inc. 08/01/2014 True Digital Security, Inc.US

CyberSource (including Authorize.Net andCyberSource Managed Hosting) (CYBS KK)

08/30/2013 TrustwaveUS

DanDomain A/S 04/18/2014 FortConsult A/SEurope

DanubePay, a.s. 05/05/2014 TrustwaveEurope

Data Oceans 08/01/2014 CompliancePoint, Inc.US

Data Paradigm, Inc. (DPI) 07/03/2014 Specialized Security Services, Inc.US

Data Stream 06/26/2014 Information Exchange Inc.US

DataCash Group Limited 08/15/2013 SecuriCentrixSAMEA

Datacom Payment Manager (Datacom Group Ltd.) 10/18/2013 Confide Ltd.Asia Pacific

DataDivider 08/25/2013 K3DES LLCUS

Dataline Systems, Inc. 12/15/2013 TrustwaveUS

DataMatx, Inc. 12/10/2013 A-Lign Security and Compliance ServicesUS

DataPipe, Inc. 10/25/2013 TrustwaveUS

Datatrans AG 05/27/2014 TUV SUD Management Service GmbHEurope

Monday, September 15, 2014 Page 13 of 5

8/21/2019 SP Post List

14/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

Datatrax Technologies, Inc. 01/24/2014 SecurityMetricsCanada

Davis + Henderson, Ltd. Partnership 09/05/2014 NCI Secured IntelligenceCanada

DAXKO, LLC 04/09/2014 Brightline CPAs & Associates, Inc.US

DeepCove Laboratories, Ltd. 08/14/2014 TrustwaveCanada

Delego Software, Inc. 04/29/2014 TrustwaveCanada

Demandware, Inc. 08/28/2014 SecurityMetricsUS

Desjardin Card Services (Fdration des caissesDesjardins du Qubec)

09/09/2013 TrustwaveCanada

DHD Media (Digital Hemisphere DevelopmentLLC)

07/09/2013 TrustwaveUS

DIBS Payments Services A/S 05/15/2014 FortConsult A/SEurope

Digit Secure India Pvt Ltd. 05/25/2014 SecuriCentrixSAMEA

Digital Payment Technologies Corp. 06/24/2014 Payment Software Company (PSC)Canada

Digital River Inc. 06/30/2014 AppSec Consulting, Inc.US

Digital River World Payments AB (a wholly ownedsubsidiary of Digital River, Inc.)

06/30/2014 AppSec Consulting, Inc.US

Dimension Data Cloud Solutions, Inc. (OpSource,Inc.)

05/29/2014 Brightline CPAs & Associates, Inc.US

Direct Insite Corp 08/22/2014 Enterprise Risk ManagementUS

Direct Mail Processors Inc. 01/30/2014 FortrexUS

Direct Payment Solutions Limited (Direct PaymentSolutions U.S. LLC) (Paymentexpress)

11/26/2013 Confide Ltd.Asia Pacific

Docdata Payments B.V. 07/23/2014 VOC-Consultancy BVEurope

Duncan Solutions (Duncan Parking TechnologiesInc.)

07/02/2014 SecurityMetricsUS

Duncan Solutions (Professional AccountManagement)

08/26/2014 SecurityMetricsUS

Dydacomp Development Corp. 03/21/2014 Brightline CPAs & Associates, Inc.US

Dzetta Processing Center 02/13/2014 Security Research & Consulting GmbHEurope

Monday, September 15, 2014 Page 14 of 5

8/21/2019 SP Post List

15/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

Easy Soft LLC 03/03/2014 Sysnet Ltd.Europe

EasyCash GmbH 05/11/2014 TrustwaveEurope

EasyPay (Pty) Ltd 04/29/2014 TrustwaveSAMEA

Ebocom, LLC (POST Integrations Inc.) 04/03/2014 Verizon/CybertrustUS

EBRC (e-Business Resilience Center) 12/03/2013 IT WorksEurope

EC Suite LLC 08/31/2013 Coalfire Systems, Inc.US

eCard Solutions Ltd. (ECS) 06/25/2014 AmbersailSAMEA

E-Complish, LLC 02/12/2014 TrustwaveUS

Econtext (Formerly Digital Garage Inc.) 11/30/2013 International Certificate Authority of Mgt SysAsia Pacific

ECSC Limited 04/16/2014 O-C GroupEurope

Edenred USA (Wired Commute, CommuterCheck Services Corp, Edenred USA/North

America)

07/12/2013 Compass IT ComplianceUS

EdgeCast Networks, Inc. 03/31/2014 Tevora Business SolutionsUS

Edgil Associates, Inc 01/31/2014 Foresite MSP, LLCUS

EDPS (Electronic Data Processing Source SA) 09/13/2013 O-C GroupEurope

EFT Canada Inc. 08/26/2013 DatassurantCanada

EFTEX Pty Ltd 01/08/2014 Witham LaboratoriesAsia Pacific

Eigen Development, LTD. 10/08/2013 Payment Software Company (PSC)Canada

Elan Financial Services - Core Services 04/14/2014 TrustwaveUS

Elavon (Formerly Southern Datacomm) 09/12/2013 Verizon/CybertrustUS

Elavon Global Card Services 05/30/2014 Verizon/CybertrustUS

Elavon Merchant Services Europe 04/30/2014 Verizon/CybertrustUS

Elavon NA (formerly NOVA) 05/30/2014 Verizon/CybertrustUS

Electracard Services Private Limited 09/10/2013 Verizon/CybertrustSAMEA

Electronic Funds Source, LLC (EFS -Chanhassen, MN)

12/18/2013 Lattimore, Black, Morgan and Cain, P.C.

Monday, September 15, 2014 Page 15 of 5

8/21/2019 SP Post List

16/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

Electronic Funds Source, LLC (EFS - Ogden, UT) 12/18/2013 Lattimore, Black, Morgan and Cain, P.C.US

Electronic Merchant Systems (OH based) 03/26/2014 TrustwaveUS

Electronic Payment Exchange (EPX) (PhoenixPayment Systems, Inc.)

05/05/2014 Payment Software Company (PSC)US

Electronic Payments, Inc. (NY) 07/30/2013 Information Exchange Inc.US

Electronic Processing Services, LLC 05/20/2014 Information Exchange Inc.US

Electronic Transaction Systems Corporation (ETSCorp)

09/05/2014 Verizon/CybertrustUS

Element Payment Services Inc. 10/17/2013 SecurityMetricsUS

Emdeon 01/31/2014 Lattimore, Black, Morgan and Cain, P.C.US

Emerging Markets Payments (EMP) (formerlyMediterranean Smart Cards Company)

12/06/2013 TrustwaveSAMEA

Emerging Markets Payments Jordan (EMP-J) 01/28/2014 TrustwaveSAMEA

Enacomm, Inc. 02/24/2014 True Digital Security, Inc.US

Endeavour Internet Business Solutions Ltd. (EIBS) 05/08/2014 Odyssey Consultants LimitedEurope

eNett International (Singapore) Pte. Ltd. 11/01/2013 Securus Global ConsultingAsia Pacific

enStage Software Pvt Ltd. 07/04/2013 Stickman ConsultingSAMEA

Envoy Services Sweden AB 10/28/2013 FortConsult A/SEurope

EOS Payment Solutions GmbH 08/20/2014 TUV SUD Management Service GmbHEurope

Epay.bg 09/27/2013 TrustwaveEurope

Epicor Retail Solutions Corporation 03/14/2014 TrustwaveCanada

Epicor Software Solutions 05/23/2014 TrustwaveUS

Epoch.com, LLC 11/15/2013 ProtivitiUS

eProcessing Network, LLC 04/08/2014 TrustwaveUS

EPS LT, UAB (formerly Universalios ValdymoSistemos (UVS Lithuania))

12/20/2013 TrustwaveEurope

Equens SE 03/27/2014 Noordbeek B.V.Europe

Monday, September 15, 2014 Page 16 of 5

8/21/2019 SP Post List

17/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

Equens SE (Italy) - Acquirer and Issuer 08/08/2014 Noordbeek B.V.

Ernex 07/18/2013 TrustwaveCanada

Escalion S.a.r.l. (Escalion) 11/15/2013 NTT Security Ltd.Europe

Ethoca Ltd. 08/08/2014 Sysnet Ltd.Canada

Euro Payment Group GmbH 10/08/2013 TUV SUD Management Service GmbHEurope

Euro-Information 03/03/2014 TrustwaveEurope

Euronet Pakistan (PVT) Limited 05/27/2014 Risk Associates/Gaming Associates Inc.SAMEA

Euronet Services India Private Limited 08/09/2013 ControlCaseSAMEA

Euronet Worldwide, European EFT Business 06/12/2014 Security Research & Consulting GmbHEurope

EuroPayment Services S.R.L. (euplatesc.ro) 05/20/2014 Endava LTDEurope

Eventbrite 03/18/2014 Coalfire Systems, Inc.US

Evertec Latinoamrica S.A. (ATH Costa Rica,S.A.)

12/20/2013 1st Secure IT, LLCLatin Americ

EVO Merchant Services Inc. 10/21/2013 TrustwaveUS

Evolution1 04/18/2014 Compass IT ComplianceUS

Evry Card Acquiring Services 03/14/2014 FortConsult A/SEurope

EVRY Card Services AB 06/22/2014 FortConsult A/SEurope

EVRY Card Services AS 12/20/2013 FortConsult A/SEurope

Evry FD Card (EVRY AS Norge) 04/15/2014 FortConsult A/SEurope

Evry Issuing Services 10/04/2013 FortConsult A/SEurope

EVRY VINO/MAAS 01/10/2014 FortConsult A/SEurope

eWAY Europe Limited (A subsidiary of WebActive Corporation Pty Ltd in Australia)

12/06/2013 Stratsec.net RTY LTDEurope

E-xact Transactions (Canada) 05/31/2014 TrustwaveCanada

Experient, Inc. 12/06/2013 TrustwaveUS

Expert Global Solutions, Inc. (NCO Group, Inc.and APAC Customer Services, Inc.)

12/20/2013 Payment Software Company (PSC)US

Monday, September 15, 2014 Page 17 of 5

8/21/2019 SP Post List

18/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

ExpiTrans, Inc. (ET Data Processing ServicesInc.)

07/17/2013 ControlScanUS

EZ Facility.com, Inc. 09/13/2013 TrustwaveUS

Ezic, Inc. 09/13/2013 Information Exchange Inc.US

Ezidebit Pty Ltd. 08/07/2013 TrustwaveAsia Pacific

Farepayment AB 07/11/2013 TrustwaveEurope

Fast Print & System LTDA (Fast Solutions) 06/05/2014 TrustwaveLatin Americ

FBME Card Services Ltd. 12/24/2013 Nettitude Ltd.Europe

FD do Brasil Solues de Pagamento Ltda (FDBrazil)

06/12/2014 TrustwaveLatin Americ

Fexco Merchant Services (Fexco DCC (DynamicCurrency Conversion Limited))

05/10/2014 O-C GroupEurope

Fidelity Information Services - (FIS) International -EMEA-Ljubljana Branch Solvenia

07/18/2014 TrustwaveEurope

Fidelity Information Services - Electronic PaymentPresentment (FIS-EPP)

08/21/2014 TrustwaveUS

Fidelity Information Services - EZCard Charlotte,NC

04/25/2014 TrustwaveUS

Fidelity Information Services - Output SolutionsSt. Petersburg

10/21/2013 TrustwaveUS

Fidelity Information Services (FIS) - Certegy CardServices

09/13/2013 TrustwaveUS

Fidelity Information Services (FIS) - CertegyLimited 11/08/2013 TrustwaveEurope

Fidelity Information Services (FIS) - ChicagoAuthnet

01/02/2014 TrustwaveUS

Fidelity Information Services (FIS) - Chile 02/03/2014 TrustwaveLatin Americ

Fidelity Information Services (FIS) - ClearCommerce - New Berlin

06/02/2014 TrustwaveUS

Fidelity Information Services (FIS) - EFT /Payment Processing Norcross, GA

05/23/2014 TrustwaveUS

Monday, September 15, 2014 Page 18 of 5

8/21/2019 SP Post List

19/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

Fidelity Information Services (FIS) - IssuingSolutions, Debit Account, Healthcare PaymentCard and Prepaid Card Solutions

04/24/2014 TrustwaveUS

Fidelity Information Services (FIS) - ProfileOutsourcing

12/13/2013 TrustwaveUS

Fidelity Information Services (FIS) Australasia PtyPP Ltd

04/22/2014 TrustwaveAsia Pacific

Fidelity Information Services (FIS)- CardProcessing and Data Center Little Rock, AR

05/29/2014 TrustwaveUS

Fidelity Information Services (FIS) ElectronicPayments New Berlin, WI

09/13/2013 TrustwaveUS

Fidelity Information Services (FIS) PayDirectSolutions - Government (fomerly Link2Gov, Inc.)

03/15/2014 TrustwaveUS

Fidelity Information Services (FIS) Payment andSolutions Services (PSS) India

10/11/2013 TrustwaveAsia Pacific

Fidelity Information Services (FIS) RemittanceProcessing, Lisle IL.

02/03/2014 TrustwaveUS

Fidelity Information Services (FIS) RemittanceProcessing, St. Petersburg, FL.

10/14/2013 TrustwaveUS

Fidelity Information Services (FIS) SunrisePrepaid Processing

07/03/2014 IBM Internet Security Systems (ISS)US

Fidelity Information Services (FIS) WebVault 04/29/2014 TrustwaveUS

Fidelity Information Services, Inc. - OutputSolutions San Antonio

05/05/2014 TrustwaveUS

Fifth Gear 07/31/2014 TrustwaveUS

Financial Software and Systems Pvt. Ltd.(FSSNeT- Payment Gateway Services)

08/29/2013 ControlCaseSAMEA

Financial Transmission Network, Inc. 06/20/2014 TrustwaveUS

Finanz Informatik Technologie Service GmbH &Co. KG

02/14/2014 usd AGEurope

FINEXUS International Sdn Bhd 04/06/2014 TrustwaveAsia Pacific

Fintrax Teoranta 05/14/2014 TrustwaveEurope

Monday, September 15, 2014 Page 19 of 5

8/21/2019 SP Post List

20/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

FireHost Inc. 05/31/2014 Coalfire Systems, Inc.US

First American Payment Systems, LP 07/10/2014 IBM Internet Security Systems (ISS)US

First Atlantic Commerce Ltd. 03/14/2014 Coalfire Systems, Inc.Latin Americ

First Data - Concord Electronic Financial Systems(CEFS) (FD Clientline Reporting)

09/13/2013 TrustwaveUS

First Data - Concord Financial Technologies(CFT) - (First Data Prepaid Services)

09/13/2013 TrustwaveUS

First Data - Global Gateway (First Data -LinkPoint/First Data YourPay)

09/13/2013 TrustwaveUS

First Data - Government Solutions (FDGS) 09/13/2013 TrustwaveUS

First Data - Paypoint Electronic Payment Systems 09/13/2013 TrustwaveUS

First Data - RemitCo 09/13/2013 TrustwaveUS

First Data - Retail ATM Services 09/13/2013 TrustwaveUS

First Data - Secure Transport (Datawire) 09/13/2013 TrustwaveUS

First Data - Slovakia--Serbia 10/14/2013 TrustwaveEurope

First Data STAR (Networks, Processing andSystems Inc.)

09/13/2013 TrustwaveUS

First Data - TeleCheck 09/13/2013 TrustwaveUS

First Data CAC, (Processing Center, S.A.) 03/13/2014 TrustwaveLatin Americ

First Data India Pvt Ltd 04/03/2014 TrustwaveSAMEA

First Data International - China 08/29/2014 TrustwaveAsia Pacific

First Data International - Cono Sur (POSNETS.R.L)

03/11/2014 TrustwaveLatin Americ

First Data International - Deutschland (Germany) 09/10/2014 TrustwaveEurope

First Data International - Hellas (Greece) 11/01/2013 TrustwaveEurope

First Data International - Italy 11/13/2013 TrustwaveEurope

First Data International - Latvia 11/15/2013 TrustwaveEurope

First Data International - OmniPay Limited 10/29/2013 TrustwaveEurope

Monday, September 15, 2014 Page 20 of 5

8/21/2019 SP Post List

21/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

First Data International - Polska S.A. (Polcard) 05/13/2014 TrustwaveEurope

First Data International - TeleCash / First Data

Global Services

09/10/2014 TrustwaveEurope

First Data International - UAB First Data Lietuva(Lithuania)

11/15/2013 TrustwaveEurope

First Data International - United Kingdom 10/31/2013 TrustwaveEurope

First Data International ANZ (First Data ANZ; FDANZ)

09/13/2013 TrustwaveAsia Pacific

First Data Merchant Services (PaySpringMerchant Services)

09/13/2013 TrustwaveUS

First Data Resources 09/13/2013 TrustwaveUS

First National of Nebraska, Inc. (FNNI, FNBO,

FNMS Inc., SPC Inc.)

12/30/2013 TrustwaveUS

First National Technology Solutions 04/01/2014 TrustwaveUS

First Ukrainian International Bank 09/11/2014 FortConsult A/SEurope

FirstView Financial, LLC. 09/13/2013 TrustwaveUS

FIS - Biller Solution Product (SSP) 09/12/2013 TrustwaveUS

FIS - Everlink 07/30/2014 TrustwaveCanada

FIS - Merchant Acquiring and Credit CardAccount Processing Services

04/15/2014 TrustwaveUS

FIS Brazil, Fidelity Processadora e Services SA(FPS)

05/07/2014 TrustwaveLatin Americ

Fiserv - ACCEL/Exchange 04/09/2014 Payment Software Company (PSC)US

Fiserv - Advantage 08/08/2013 Payment Software Company (PSC)US

Fiserv - Bank Solutions Eastern Region AtlantaService Center Service Center

09/30/2013 Payment Software Company (PSC)US

Fiserv - Bank Solutions Precision Outsourcing 08/30/2013 Payment Software Company (PSC)US

Fiserv - Bank Solutions Premier OutsourcingWestern Region Houston & Dallas ServiceCenters

02/26/2014 Payment Software Company (PSC)US

Monday, September 15, 2014 Page 21 of 5

8/21/2019 SP Post List

22/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

Fiserv - Bank Solutions Product Management,Development and Support

07/03/2014 Payment Software Company (PSC)US

Fiserv - Biller Solutions - CheckFreePay 07/11/2014 Payment Software Company (PSC)US

Fiserv - Biller Solutions (Fiserv eBill) 12/23/2013 Payment Software Company (PSC)US

Fiserv - BillMatrix 08/30/2014 Payment Software Company (PSC)US

Fiserv - Card Services - Credit Services (Formerlyassessed as Fiserv - EFT and Fiserv - CardServices - Credit)

03/25/2014 Payment Software Company (PSC)US

Fiserv - Card Services - Debit Services 03/27/2014 Payment Software Company (PSC)US

Fiserv - CashEdge 04/30/2014 Payment Software Company (PSC)US

Fiserv - CUSA 10/24/2013 Payment Software Company (PSC)US

Fiserv - Customer Solutions 11/11/2013 Payment Software Company (PSC)US

Fiserv - Digital Channels (formerly Fiserv - E-Banklng Hillsboro)

09/16/2013 Payment Software Company (PSC)US

Fiserv - Electronic Payments (formerly FiservElectronic Banking, Biller Solutions and Itech)

10/22/2013 Payment Software Company (PSC)US

Fiserv - Enterprise Technology Group -Brookfield, WI Data Center

10/23/2013 Payment Software Company (PSC)US

Fiserv Enterprise Technology Group - John'sCreek, GA and Lewisville, TX Data Centers

09/21/2013 Payment Software Company (PSC)US

Fiserv - Galaxy 05/21/2014 Payment Software Company (PSC)US

Fiserv - Lending Solutions - Contact and Service

Center (Formerly Amherst Call Center)

03/10/2014 Payment Software Company (PSC)US

Fiserv - Lending Solutions - LoanServ 11/21/2013 Payment Software Company (PSC)US

Fiserv - Prepaid Solutions 02/21/2014 Payment Software Company (PSC)US

Fiserv - Signature Development Lake Mary 07/23/2014 Payment Software Company (PSC)US

Fiserv - Virtual Branch 12/20/2013 Payment Software Company (PSC)US

Fiserv - XP2 05/14/2014 Payment Software Company (PSC)US

Fiserv - Xroads 01/18/2014 Payment Software Company (PSC)US

Monday, September 15, 2014 Page 22 of 5

8/21/2019 SP Post List

23/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

Fiserv Bank Solutions - Cleartouch Outsourcing 09/13/2013 Payment Software Company (PSC)US

Fiserv Bank Solutions - Premier Outsourcing

Eastern Region Brookfield Service Center

08/27/2013 Payment Software Company (PSC)US

Fiserv Bank Solutions - Premier OutsourcingWestern Region Des Moines Service Center

12/18/2013 Payment Software Company (PSC)US

Fiserv India Pvt. Ltd. 07/25/2014 ControlCaseSAMEA

Fiserv OnCU 07/30/2013 Payment Software Company (PSC)US

Fiserv Output Solutions - Electronic DocumentDelivery (EDD)

02/24/2014 Payment Software Company (PSC)US

Florists Transworld Delivery, Inc 12/31/2013 Halock Security LabsUS

Forte Payment Systems (formerly ACH Direct) 01/10/2014 TrustwaveUS

Forward Information Technologies (DataPak)(LWK LLC)

04/11/2014 TrustwaveUS

FoxyCart.com, LLC 03/31/2014 Specialized Security Services, Inc.US

FreedomPay, Inc. 08/01/2014 CompliancePoint, Inc.US

Frontline Processing 06/01/2014 SecurityMetricsUS

FrontStream Payments, Inc. / FirstGiving Inc. 06/02/2014 ControlCaseUS

Fry, Inc., a Michigan corporation (MICROS-Retail) 08/22/2014 TrustwaveUS

FSV Payment Systems, Inc. 06/08/2014 K3DES LLCUS

Fujitsu America 02/28/2014 Verizon/CybertrustUS

FundsTech Corporation PTY (LTD) (FNDS3000Corp)

08/30/2013 TrustwaveSAMEA

Galileo Processing, Inc. 02/14/2014 SecurityMetricsUS

GARANTI BANKASI A.S/GARANTI TEKNOLOJI 10/11/2013 Biznet Information SystemsEurope

Gateway Ticketing Systems, Inc. 08/27/2013 FortrexUS

Gazcardservice Ltd. 10/31/2013 InformzaschitaEurope

Genesis Financial Solutions, Inc. 07/03/2014 TrustwaveUS

Monday, September 15, 2014 Page 23 of 5

8/21/2019 SP Post List

24/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

Genesys - Angel.com Division (formerlyAngel.com Incorporated and Microstrategy Inc.)

10/18/2013 FishNet SecurityUS

Genesys - SoundBite Division (formerlySoundBite Communications)

09/25/2013 Verizon/CybertrustUS

Genpact Guatemala SA 11/13/2013 ControlCaseLatin Americ

Genpact LLC Manila, Philippines (GEMA- RCF,GECA, GEMA RSF, Green Dot, Lexus Nexus,Dollar General, AstraZeneca, CITI Mortgage,Walgreen, HomeDepot, VFS Global, AETNA)

08/22/2013 ControlCaseAsia Pacific

GETNET Tecnologia em Processamento detransaes eletrnicas H.U.A LTDA

06/30/2014 Cipher InformaticaLatin Americ

Gisland Ltd. (Cassava, Brigend, 888 Holdings,Dixie, VMSI srl, 888 Spain PLC)

12/31/2013 GRSee ConsultingEurope

Global Cash Card - (World Processing Limited) 11/16/2013 Coalfire Systems, Inc.US

Global Collect Services B.V. (Global CollectServices USA)

07/01/2013 TrustwaveEurope

Global Communication Planning Co., Ltd. 06/28/2013 BSI Management Systems Japan K.K.Asia Pacific

Global Electronic Technology 04/15/2014 403 Labs, LLCUS

Global Payment Services - GPS W.L.L. 01/07/2014 SISA Information Security Pvt. Ltd.SAMEA

Global Payments - GP UK LLP. 02/20/2014 Payment Software Company (PSC)US

Global Payments Direct Inc. (Global PaymentsGlobal Service Center)

02/21/2014 Payment Software Company (PSC)US

Global Payments Europe, s.r.o. 11/08/2013 Payment Software Company (PSC)Europe

Global Processing SA 07/26/2014 TrustwaveLatin Americ

GMO Payment Gateway, Inc. (includes GMOEpsilon, Inc. environment)

12/28/2013 International Certificate Authority of Mgt SysAsia Pacific

GoConcierge.net (Innsight Reports LLC.) 01/31/2014 Accretive Solutions Operating Corp.US

GoDaddy.oom, LLC (Quick Shopping Cart) 12/13/2013 Coalfire Systems, Inc.US

GoEmerchants, LLC 06/20/2014 IBM Internet Security Systems (ISS)US

Goldmine World, Inc. (World Bankcard Services) 08/13/2013 Sysnet Ltd.US

Monday, September 15, 2014 Page 24 of 5

8/21/2019 SP Post List

25/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

Google Inc. 01/31/2014 Securisea, Inc.US

Gotham Ingedigit Financial Processing Corp.

(Power2Process, P2P)

09/13/2013 TrustwaveUS

Govolution, Inc. 06/17/2014 IBM Internet Security Systems (ISS)US

GP Net 09/30/2013 BSI Management Systems Japan K.K.Asia Pacific

Grant Street Group 01/16/2014 SecurityMetricsUS

Green Dot Corporation (Next EstateCommunications, Inc.)

10/09/2013 SecurityMetricsUS

Group ISO 04/14/2014 Foresite MSP, LLCUS

Groupon 05/13/2014 TrustwaveUS

GSI Commerce Solutions, Inc. 10/11/2013 TrustwaveUS

Guthy Renker Fulfillment Services 10/14/2013 TrustwaveUS

Hamer Enterprises 11/08/2013 SecurityMetricsUS

Handpoint ehf. (formerly Median - rafraen midlunhf.)

07/18/2014 TrustwaveEurope

Harris Connect LLC 01/27/2014 TrustwaveUS

Harte-Hanks, Inc. 09/11/2013 CyberEnsure, LLCUS

Heartland Payment Systems, Inc. 04/21/2014 Coalfire Systems, Inc.US

Helcim Inc. 07/25/2014 Secured Net Solutions Inc.Canada

Hewlett Packard (Canada) Co. - (TD Bank

Environment)

06/30/2014 ProtivitiCanada

Higher One, Inc. (CASHNet) 01/20/2014 Coalfire Systems, Inc.US

HighRadius Corporation 08/27/2014 TrustwaveUS

Hitrust Incorporated 12/20/2013 Verizon/CybertrustAsia Pacific

HostedPCI Inc. 03/12/2014 NCI Secured IntelligenceCanada

Hosting.com, Inc. 07/12/2013 TrustwaveUS

Hotelbeds Technology, S.L.U. 12/20/2013 Internet Security Auditors, S.L.

Monday, September 15, 2014 Page 25 of 5

8/21/2019 SP Post List

26/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

Hotline LLC 06/27/2014 Sysnet Ltd.Europe

HP - Enterprise Services Regional Cards and

Payments Utility

09/04/2014 TrustwaveUS

HP - Merchant Acquirer 12/30/2013 ProtivitiUS

HP Enterprise Services - Convenience Pay 08/05/2014 TrustwaveUS

HPC Heidelberger Payment Consulting GmbH 04/11/2014 usd AGEurope

Hughes Network Systems 09/25/2013 IBM Internet Security Systems (ISS)US

Humboldt Merchant Services (5967 Ventures) 06/25/2014 TrustwaveUS

Hybris Canada (formerly iCongo, Inc.) 07/22/2013 FishNet SecurityCanada

hyperWALLET Systems Inc. 10/21/2013 Bell CanadaCanada

i2c, Inc. (US, Canada, Latin America, Europe,

Asia Pac, and SAMEA)

11/01/2013 TrustwaveUS

IBM Payment Systems 10/11/2013 TrustwaveEurope

Immediate Travel Industry Switching (Pty) Ltd. 02/26/2014 Foregenix Limited

Inatec Payment AG (Inatec Solutions GmbH) 08/28/2013 Infinity Security ConsultingEurope

Industry Retail Group, Inc. 02/12/2014 Coalfire Systems, Inc.US

Inet-Cash GmbH 03/14/2014 usd AGEurope

InfoCision Management Corporation (K & LTeleservices)

08/26/2014 SecurityMetricsUS

InfoGroup 04/23/2014 Solutionary, Inc.US

InfusionSoft 07/29/2014 SecurityMetricsUS

Ingenico Iberia S.L. 09/26/2013 TrustwaveEurope

Innotrac, LLC 09/27/2013 TrustwaveUS

Insight Card Services 12/30/2013 Information Exchange Inc.US

In-Solutions Global Pvt Ltd (ISG) 03/12/2014 SISA Information Security Pvt. Ltd.SAMEA

INSOnline Limited 06/18/2014 usd AGEurope

Inspire Commerce, LLC 02/24/2014 Megaplanit, LLC

Monday, September 15, 2014 Page 26 of 5

8/21/2019 SP Post List

27/54

The MasterCard Com liant Service Provider List

Service Provider Name Region AOC Date Assessor

A companys name appears on this Compliant Service Provider List if (i) MasterCard has received a copy of an Attestation of Compliance (AOC) by aQualified Security Assessor (QSA) reflecting validation of the company being PCI DSS compliant and (ii) MasterCard records reflect the company isregistered as a Service Provider by one or more MasterCard Customers. The date of the AOC and the name of the QSA are also provided. Each AOCis valid for one year. MasterCard receives copies of AOCs from various sources.

This Compliant Service Provider List is provided solely for the convenience of MasterCard Customers and any Customer that relies upon or otherwiseuses this Compliant Service Provider list does so at the Customers sole risk. While MasterCard endeavors to keep the list current as of the date setforth in the footer, MasterCard disclaims any and all warranties of any k ind, including any warranty of accuracy or completeness or fitness for anyparticular purpose. MasterCard disclaims any and all liability of any nature relating to or arising in connection with the use of or reliance on theCompliant Service Provider List or any part thereof. Each MasterCard Customer is obligated to comply with MasterCard Rules and other Standards

pertaining to use of a Service Provider.

As a reminder, an AOC by a QSA provides a snapshot of security controls in place at a point in time.

InstaMed Communications 02/12/2014 TrustwaveUS

Integrity Payment Systems 10/01/2013 K3DES LLC

InteliSpend Prepaid Solutions 08/19/2013 IBM Internet Security Systems (ISS)US

Intelligent Payments Group (Myriad PaymentsLtd, Matrix Payments Ltd)

02/07/2014 TrustwaveEurope

Intellipay, Inc. 01/03/2014 TrustwaveUS

Interactive Communication International, Inc.(InComm) Datawave Systems, Inc.

09/28/2013 IBM Internet Security Systems (ISS)US

Interactive Transaction Solutions Limited (ITS) 11/15/2013 O-C GroupEurope

Interbancos SA 08/06/2013 TrustwaveSAMEA

InterCard AG 12/19/2013 TUV SUD Management Service GmbHEurope

INTERCEPT EFT 09/20/2013 Coalfire Systems, Inc.US

Interface Security Systems 03/25/2014 SecurityMetricsUS

Interface Technologies (Reservit) 06/10/2014 XMCO PartnersEurope

International Automated Transaction Services(IATS)

08/24/2014 IBM Internet Security Systems (ISS)US

International Bancard Corporation 11/08/2013 Information Exchange Inc.US

International Card Processing Services Ltd.(ICPS) (Mauritius Commercial Bank Ltd. (MCB))

08/07/2013 ControlCaseSAMEA

International Card Systems AD (Casys) 06/23/2014 TUV SUD Management Service GmbHEurope

International Commerce Solutions, Inc. 09/11/2013 SecurityMetricsUS

International Payment Solutions (Shanghai) LTD. 02/05/2014 TrustwaveAsia Pacific

Internet Payment Exchange, Inc. (IpayX) 07/22/2014 Megaplanit, LLCUS

Internet Payment Service, Inc. (IPS) 02/20/2014 BSI Management Systems Japan K.K.Asia Pacif