eRSVP Receives E-Business Security Certification

November 2, 2004 - (PromotionWorld) - eRSVP, a major developer and provider of Web-based events registration, payments processing and information management solutions for professional meeting planners and special events producers, has successfully passed an audit required for e-commerce security certification by the card association data security programs of major credit card companies VISA, MasterCard and Discover.

The approval, received under terms of the Vital Signs™ Multi-Card Compliance Program (MCCP) conducted by independent data security firm Ambiron LLC, signifies that eRSVP adheres to current e-business best practice security standards for the protection and care of sensitive customer data. Individual card security programs for which eRSVP received approval are:

• Visa USA CISP (Cardholder Information Security Program)
• Visa Canada AIS (Account Information Security)
• MasterCard SDP (Site Data Protection)
• Discover DISC (Discover Information Security and Compliance)

"The MCCP certification is important because it allows us to authenticate the stringent security processes eRSVP has employed all along," stated Ajay Arora, eRSVP co-founder & CEO. "In an industry that's often too casual about online security, we regard our security preparedness as a strategic advantage, and we intend to draw a sharp contrast," he said.

MCCP measures and evaluates compliance with benchmarks for physical as well as procedural security for such system components as servers/hardware, data backup and recovery, applications and operating systems, in addition to establishing requirements for background checks and screening of key IT personnel. Approved online vendors and merchants must submit to regular monthly and quarterly system monitoring as well as annual external audits to remain in good standing.

eRSVP not only meets standards of all the individual card security programs but in some cases exceeds them, for example maintaining a monthly port scanning protocol that at least one program requires on only a quarterly basis, plus a rigorous schedule of daily website security review that MCCP does not require at all. By developing its applications on the relatively secure Unix/Oracle platform, eRSVP avoids the widespread security holes and vulnerabilities common to applications built on the Microsoft platform.

"With our roots in the financial services sector, we feel that we came to the event planning industry with a huge head start on security issues," claimed Ajay Arora. "Mission-critical applications and billion-dollar money flows don't leave room for error. We strive to bring that same standard of professionalism and attention to detail to all our clients' online transactions," he said.

E-business experts cite alarming statistics about the rapidly-growing prevalence - and cost - of online security breaches. According to figures from the Computer Security Institute's CSI/FBI 2004 Computer Crime and Security Survey published in January 2004, "Computer virus attacks cost global businesses an estimated $55 billion in damages in 2003, a sum that is expected to increase this year." A white paper on data recovery published in 2003 by the National Archives and Records Administration in Washington DC, found that 93 percent of companies that lost their data center for 10 days or more due to a disaster filed for bankruptcy within one year of the disaster. Fifty percent of businesses that found themselves without data management for this same time period filed for bankruptcy immediately.

About eRSVP
Founded in 1998, New York-based eRSVP specializes in Web-based events registration, payments processing and value-added information services for professional events planners. Its event response management tools create an instant Web presence for clients, enabling online invitations, confirmations, e-commerce transactions and scheduling, plus sophisticated campaign management, custom report generation, survey creation and data analysis tools. For more information, visit