BEDFORD, Mass., Jan. 25, 2011 (GLOBE NEWSWIRE) -- SoundBite Communications, Inc. (Nasdaq:SDBT), a leading provider of on-demand, multi-channel proactive customer communications, today announced its re-certification as a Level 1 Service Provider compliant with the Payment Card Industry Data Security Standard (PCI DSS). This marks the third consecutive year that SoundBite has been PCI certified as a Level 1 service provider. The full list of service providers is available here.
PCI DSS is the industry standard for any merchant or service provider to process, store, or transmit cardholder data. Organizations that outsource the processing of cardholder information including financial institutions, credit card issuers, retailers and other secure enterprises require that their service providers go through the rigorous PCI certification process. These organizations may fall out of compliance themselves if they do business with non-certified service providers.
Level 1 service providers, such as SoundBite, must successfully undergo a stringent, on-site PCI data security assessment conducted by an independent Qualified Security Assessor. This is the most rigorous level of validation available under the PCI Data Security Standard. In order to achieve PCI certification, a service provider must demonstrate that it has information security controls, procedures and technology in place that effectively meet all of the PCI requirements across 12 control areas. Consistently achieving PCI recertification year after year requires operational maturity and continued evidence of success within an information security program.SoundBite's Information Security Program is based on industry best practices and recognized standards such as ISO 27002 and NIST 800-53, and includes an annual PCI recertification process. This comprehensive approach ensures that safeguards are in place to protect information entrusted to SoundBite by all of its clients, not only those with a requirement for PCI certification. "Businesses have zero tolerance for exposing their customers to increased threats of credit card fraud and identity theft," said John Nye, Director of Information Security and Compliance at SoundBite Communications. "The only way for an organization to demonstrate publicly that it is PCI compliant is to achieve PCI certification as validated by a Qualified Security Assessor. A comprehensive information security program that includes this stringent PCI certification process helps businesses reduce their risks and maintain their PCI compliance."