SOURCE: Lightbridge

June 29, 2005 09:00 ET

Authorize.Net Partners With AmbironTrustWave to Offer PCI Compliance

BURLINGTON, MA -- (MARKET WIRE) -- June 29, 2005 -- Authorize.Net Corporation, a service of Lightbridge, Inc. (NASDAQ: LTBG), and AmbironTrustWave, a leading provider of information security and compliance management solutions, today announced a partnership to offer Payment Card Industry (PCI) Data Security Standard compliance services to Authorize.Net's 118,000 merchants.

The PCI Data Security Standard was launched in late 2004 to unify industry security requirements for storing, processing and transmitting cardholder data. PCI encompasses the standards of Visa's Cardholder Information Security Program (CISP) and MasterCard's Site Data Protection (SDP) Program. Merchant compliance requirements are segmented into four merchant levels based on the number of transactions a merchant processes annually.

As a result of the partnership, Authorize.Net merchant clients will have access to all of the services required for validating compliance with the PCI Data Security Standard through AmbironTrustWave's TrustKeeper® solution, including:

--  PCI Questionnaire - An approved list of questions about the security
    controls on a merchant's transaction network.
--  Vulnerability Scanning - A remote scan of a merchant's transaction
    network to detect weaknesses that could be exploited by hackers or
    unauthorized third-parties.
--  Remediation Recommendations - A "Compliance Report" includes data
    gathered from the questionnaire and scan, and outlines actions required to
    address any vulnerabilities.
--  On-site Audit - Per PCI regulations, an on-site audit is required
    annually for large or "Level 1" merchants.
    
"As a leading IP based payment processor, we recognize the importance of protecting sensitive cardholder data and aggressively support industry security initiatives such as PCI compliance," commented Roy Banks, president, Authorize.Net. "We contracted with AmbironTrustWave to validate our own PCI compliance, and were impressed with their technology and process. It is our goal to provide our merchants and partners with opportunities to proactively adhere to the PCI security initiatives and standards as dictated by the credit card associations."

Added Robert McCullen, chief executive officer, AmbironTrustWave: "Although the PCI requirements are dictated by the card associations, Authorize.Net continues to elevate its payment industry leadership by offering affordable and convenient PCI compliance services to its merchant clients. The partnership between AmbironTrustWave and Authorize.Net is a great example of industry leaders working together to provide the best solutions for merchants and consumers."

Additional information on PCI requirements and merchant compliance levels can be found on Visa's Web site at: www.visa.com/cisp.

About Authorize.Net (www.authorize.net)

Authorize.Net provides secure, reliable, Internet Protocol (IP) based payment gateway solutions that enable merchants to authorize, settle and manage electronic transactions anytime, anywhere, via Web sites, retail, mail order/telephone order (MOTO) call centers and on wireless devices. Authorize.Net is sold through an extensive network of reseller partners and leading financial institutions that offer its industry leading payment services to their merchant customers. Authorize.Net is a service of Lightbridge, Inc.

About Lightbridge (www.lightbridge.com)

Lightbridge, Inc. (NASDAQ: LTBG) is a leading ecommerce, analytics and decisioning company that businesses trust to manage customer transactions. Lightbridge adds value to fraud screening, credit qualification and payment authorization. Lightbridge solutions leverage intelligent automated systems and human expertise, delivered primarily through the efficiencies and cost savings of an outsourced business model. Businesses use Lightbridge to make smarter decisions, deliver better services, provide secure payments, reduce costs and enhance the lifetime value of their customers. For more information, visit www.lightbridge.com.

About AmbironTrustWave (www.atwcorp.com)

AmbironTrustWave is a leading provider of information security and compliance management solutions to businesses in the Fortune 2000 and the public sector. The company's flagship products, TrustKeeper® and TrustMinder™, serve more than 25,000 businesses throughout the world to validate compliance with a variety of industry standards and regulations. For the payment card industry, AmbironTrustWave helps banks, merchants, service providers and software developers mitigate their risk by validating compliance with industry best practices for safeguarding information endorsed by American Express, Discover, MasterCard, Visa Canada and Visa USA. AmbironTrustWave clients include financial organizations, global electronic exchanges, educational institutions and business services firms. The company also provides services to several government agencies. AmbironTrustWave is headquartered in Chicago with offices throughout the United States.

AUTHORIZE.NET, LIGHTBRIDGE, and the Lightbridge logo are registered trademarks of Lightbridge, Inc. TRUSTKEEPER is a registered trademark and TRUSTMINDER is trademark of AmbironTrustWave. All other marks are the property of their respective owners.

Forward-looking Statements

Certain statements in this news release that are not historical facts, including, without limitation, those relating to the Company's partnerships, products, commitments, services and markets are forward-looking statements that involve risks and uncertainties. Such statements are based upon the current beliefs and expectations of the management of the Company. Actual results may vary materially from those contained in forward-looking statements based on a number of factors including, without limitation, (i) dependence on a limited number of clients, (ii) the Company's revenue concentration in the wireless telecommunications business and the declining subscriber growth rate in that business, (iii) continuing rapid change in the telecommunications industry and payment processing industries, and other markets in which the Company does business that may affect both the Company and its clients, (iv) uncertainties about the impact of partnerships on the Company's business, (v) market acceptance of the Company's new products, services and technologies (vi) the industry risks associated with Authorize.Net's business and operations including, without limitation, illegal or improper uses of Authorize.Net's payment system, changes or failures to comply with credit card association rules, governmental regulation and the application of existing laws to Authorize.Net's business and dependence on relationships with a third party payment processors, (vii) the uncertainty of future revenue, profitability and benefits from the Company's announced strategic relationships, including the relationship described herein; and (viii) factors disclosed in the Company's filings with the U.S. Securities and Exchange Commission including, without limitation, its 2004 Annual Report on Form 10-K and its most recent Quarterly Report on Form 10-Q.. The Company undertakes no obligation to update any forward-looking statements.

Contact Information