News Releases

DerbySoft Validated PCI DSS Compliant by Trustwave

Written by | Mar 16, 2010 6:19:00 PM

CHICAGO and SHANGHAI (March 16, 2010) - DerbySoft, a Shanghai-headquartered technology company serving hotels and the hospitality industry, has been validated compliant with the Payment Card Industry Data Security Standard (PCI DSS). Trustwave, the leading provider of on-demand data security and payment card industry compliance management solutions to businesses and organizations throughout the world, performed the validation.

PCI DSS is the payment card industry security requirement for entities that store, process or transmit cardholder data, and has been endorsed by all the major card brands - Visa Inc., MasterCard Worldwide, Discover Network, American Express and JCB.

As a payment gateway provider for hotels and the hospitality industry, DerbySoft had to demonstrate compliance by thoroughly reviewing its physical access controls, IT environment and information security policies and procedures. To maintain their compliance, DerbySoft has enrolled in Trustwave's on-demand compliance management solution, TrustKeeper® to access the necessary tools to support on-going compliance such as quarterly network vulnerability scans. Additionally, DerbySoft has passed an internal penetration test, which ensures adequate controls are in place for any person with access to the internal corporate LAN/WAN environment.

"As a leading payment gateway, it was critical that we secure our processes and network environment," says Feng Ou, CTO at DerbySoft. "Trustwave's proprietary technology helped us secure our organization, ensure our customer's data was protected and maintain our compliance with the PCI DSS."

"The hospitality industry has seen a dramatic increase in targeted attacks that aim to obtain consumer cardholder data," says Robert J. McCullen, chairman and CEO of Trustwave. "Validating compliance with the PCI DSS demonstrates DerbySoft's commitment to help ensure their customer's information is protected."

"By leveraging Trustwave's leading security technology and services, DerbySoft was able to achieve PCI DSS compliance validation, reinforcing their leadership in the marketplace," says Sophia Chen, director of Northern Asia Pacific for Trustwave.

About DerbySoft
Founded in Shanghai in 2002, DerbySoft is a leading technology company serving the hospitality and travel industries. It has a growing team of 150 members with offices in Shanghai, Beijing, Guangzhou, Chengdu and the U.S. DerbySoft has developed and now operates the connecting service for thousands of large international and domestic chain hotels including Hilton, IHG, BTG-Nikko Hotels, Jinling Hotel Group, CTS Hotels and others as well as OTAs, such as Booking.com, Hotel.de, Agoda ect. For more information please visit www.derbysoft.com.

About Trustwave

Trustwave is a leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper® compliance management software and other proprietary security solutions including SIEM , WAF , EV SSL certificates  and secure digital certificates . Trustwave has helped hundreds of thousands of organizations-ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers-manage compliance and secure their network infrastructures, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia. For more information, visit https://www.trustwave.com/en-us/.