Trustwave Merchant Validation/Certification Portal
Trustwave is a leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper® compliance management software and other proprietary security solutions.
Trustwave has helped thousands of organizations—ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers—manage compliance and secure their network infrastructure, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia. For more information, visit
Trustwave has partnered with Sage Payment Solutions in order to bring their services to a broader base of merchants in a cost-effective manner. The partnership is simply an alignment of a mutual goal: To help merchants become PCI-DSS compliant. The role of Trustwave as a QSA and Sage Payment Solutions as a Merchant Acquirer (credit card processor) have not changed as a result of this partnership. Trustwave is required to continue to meet their QSA responsibilities in accordance with the PCI SSC requirements, and Sage Payment Solutions must ensure all of our merchants are PCI-DSS certified. NOTE: Sage Payment Solutions has no means or ability to interfere or otherwise influence Trustwave in regard to any requirements or actions necessary for them to administer and validate any merchant to the PCI-DSS.
The Sage Payment Solutions-Trustwave Partnership
In order to better service our merchant base, Sage Payment Solutions researched approved Qualified Security Advisor’s (QSA's) to determine if the size of our merchant base could yield benefits to our merchant customers.
We partnered with Trustwave to provide PCI-DSS services to our merchant base this year (and going forward) for a number of reasons:
Trustwave created a PCI-DSS wizard that (depending on how you answer) provided merchants with a means to shorten the questionnaires (Self Assessment Questionnaire – SAQ) by not having to answer questions that do not pertain to them.
Trustwave provides a downloadable executable (TrustKeeper Agent) that can scan the merchant’s internal system and help populate some of the SAQ. In addition, the TrustKeeper Agent runs monthly to continue to help alert merchants to potential issues that may not have been present during the last scan. Again, this service is part of the base PCI-DSS annual fee.
The size of our merchant base enabled Sage Payment Solutions to provide a discount over the generally available pricing currently in the market.
Sage Payment Solutions negotiated a discounted fee for a service that retails between $100-200+. As PCI-DSS certification is required by all merchants each year, we feel confident that the service cannot be found elsewhere for less, nor can the features/benefits of the service be matched.
That said, there are many approved Qualified Security Advisors (QSA's) and should any Sage Payment Solutions merchant wish to source PCI-DSS services with any of these QSA's, Sage Payment Solutions will refund $40 of the $75 fee charged to your account. $10 of the base fee charged will be used to offset the cost of a Compliance Representative having to verify the PCI-DSS certificate with an alternate QSA and the remaining $25 will be used to provide each merchant account with up to $50,000 in Breach Coverage.
Questions or concerns regarding the PCI program may be directed to
. [email protected]