CTOPAY Validated PCI DSS Compliant by Trustwave

HONG KONG and CHICAGO, IL--(Marketwire - December 17, 2008) - Ctopay, a global online payment service provider, has announced compliance with the Payment Card Industry Data Security Standard (PCI DSS). Trustwave, the leading provider of on-demand data security and payment card industry compliance management solutions to businesses and organizations throughout the world, performed the PCI DSS compliance validation.

PCI DSS is the payment card industry security requirement for entities that process, transmit and/or store cardholder data, and has been endorsed by all the major card brands -- Visa Inc., MasterCard Worldwide, Discover Network, American Express and JCB. Under the PCI DSS, payment service provider compliance requirements are segmented into three levels based on the number of transactions processed and/or transmitted annually.

To validate compliance with the PCI DSS, Ctopay had to demonstrate compliance with 12 stringent security requirements by thoroughly reviewing its IT environment and information security policies and procedures. To maintain their compliance, Ctopay has enrolled in Trustwave's on-demand compliance management solution, TrustKeeper® to have the necessary tools to support on-going compliance such as quarterly network vulnerability scans.

"As a payment service provider, we need to maintain a secure environment not only for our business, but also to ensure the security of our merchants who use our services globally to process e-payments," says Wiky Ding, chief technology officer at Ctopay. "Security of cardholder data is a priority for our organization and Trustwave has helped us achieve the highest compliance standard."

"Ctopay is taking a leadership role by securing their environment to protect every transaction they process," says Robert J. McCullen, chairman and CEO of Trustwave. "Trustwave's full suite of compliance solutions has increased Ctopay's network security capabilities, creating a more secure environment for themselves and their customers."

"By working with Trustwave, Ctopay is taking the necessary steps to secure payment practices as an integral part of their business," says Sophia Chen, director of Northern Asia Pacific for Trustwave.

About Ctopay

CTOPAY is a global online payment service provider based in Hong Kong and with branches/offices in China, Europe and Africa. Ctopay is providing professional online credit card and debit card payment service with its connection to the banks in China, Japan, Korea, Europe, US and Africa. And also, with our acquiring relationship with those banks, we could provide our clients with multi-currency online payment and settlement service.

About Trustwave

Trustwave is the leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper® compliance management software and other proprietary security solutions. Trustwave has helped more than 30,000 organizations -- ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers -- manage compliance and secure their network infrastructure, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, China and Australia. For more information, visit https://www.trustwave.com.

Contact Information: MEDIA CONTACT: Wiky Ding Ctopay +86 138 233 929 12 Michelle Genser Trustwave +1 312 873 7288