Compliance Requirements Prior to Migration:

Please be aware of your compliance obligations and furnish proof of compliance, if appropriate. The following requirements apply to all vendors and TPPs accessing a First Data platform:

Software Application Providers (vendors)

·       Software versions that are currently certified to EFSnet and not PABP or PA-DSS compliant will be grandfathered and may be migrated to the new go-forward platform; HOWEVER, any new merchants will not be boarded by First Data after October 1, 2008 unless proof of compliance has been provided.

·       Software versions that are currently certified to EFSnet and are PABP or PA-DSS compliant may be migrated to the new go-forward platform.

Third Party Processors (TPPs)

·       PCI compliant transaction aggregators and gateways (TPPs) may begin migrating to the appropriate go-forward solution(s), but will be required to provide proof of PCI compliance and execute appropriate TPP agreements per existing policy.

·       TPPs that are currently certified to EFSnet that cannot furnish proof of compliance or evidence of an audit being underway risk being decertified and deactivated.