Planet Payment, Inc. - WikiLeaks Planet... · Description of Controls and User Control...

Planet Payment, Inc. Report on Controls Placed in Operation and Tests of Operating Effectiveness Relating to Application and General Computer Controls January 1, 2010 through December 31, 2010

PLANET PAYMENT, INC.

REPORT ON CONTROLS PLACED IN OPERATION AND TESTS OF OPERATING EFFECTIVENESS

TABLE OF CONTENTS

SECTION ONE PAGE

Independent Service Auditors’ Report ............................................... i-ii

SECTION TWO

Description of Controls and User Control Considerations Provided by Planet Payment, Inc.

I. Overview of Services ................................................................. 1

II. Elements of the Control Environment ....................................... 3 III. Description of Application Controls ..........................................

On-line/Off-line Transaction Processing ................................... 10 10

IV. Description of General Computer Controls ............................... A. Systems Infrastructure and Security .................................. B. Infrastructure and Information Systems Operations .......... C. Information Security .......................................................... D. Application Systems Implementation and Maintenance ....

13 13 13 15 17

V. User Control Considerations ...................................................... 20

SECTION THREE

Information Provided by the Service Auditor, Except for Control Objectives, Controls in Subsections IV Provided by Planet Payment, Inc.

I. Introduction ................................................................................ 22

II. Elements of the Control Environment ....................................... 23 III. Tests of Operating Effectiveness ............................................... 24 IV. Control Objectives, Controls, Tests of Controls and Test

Results: Application Controls ........................................................ General Computer Controls .............................................

25 35

SECTION FOUR

Supplemental Information Provided By Planet Payment, Inc.

I. Business Continuity Planning .................................................... 61 II. Data Center Services .................................................................. 63

III. Payment Card Industry (PCI) Data Security Requirements ..... 65 IV. Planet Payment Overview .......................................................... 65 V. What We Do .............................................................................. 65

VI. How We Earn Revenue .............................................................. 66 VII. Our Products .............................................................................. 66

VIII. Relationship Management ......................................................... 69 IX. Customer Support ...................................................................... 69

SECTION ONE

INDEPENDENT SERVICE AUDITORS’ REPORT

i

INDEPENDENT SERVICE AUDITORS’ REPORT Planet Payment, Inc. Long Beach, New York We have examined the accompanying description of the controls of Planet Payment, Inc. (“Planet Payment”) related to Planet Payment’s credit card transaction processing applications and systems and related general computer controls (Section Two and Section Three - subsection IV). Our examination included procedures to obtain reasonable assurance about whether (1) the accompanying description presents fairly, in all material respects, the aspects of Planet Payment’s controls that may be relevant to a user organization’s internal control as it relates to an audit of financial statements; (2) the controls included in the description were suitably designed to achieve the control objectives specified in the description, if those controls were complied with satisfactorily and user organizations applied those aspects of internal control contemplated in the design of Planet Payment’s controls; and (3) such controls had been placed in operation as of December 31, 2010. The control objectives (included in Section Three - subsection IV) were specified by Planet Payment management. Our examination was performed in accordance with standards established by the American Institute of Certified Public Accountants and included those procedures we considered necessary in the circumstances to obtain a reasonable basis for rendering our opinion.

Planet Payment receives transaction data from merchant services firms, Value Added Resellers (“VARs”), gateways, banks, processors, and credit card associations (e.g., Visa and MasterCard). Planet Payment utilizes Verizon Business Collocation Premium Data Centers (“Verizon”) and Cable and Wireless to host certain production computer equipment. In addition, Verizon also performs nightly tape backup procedures for the systems hosted in their data center. The accompanying description includes only those control objectives and related controls of Planet Payment and does not include control objectives and related controls at the merchant services firms, VARs, gateways, banks, processors, credit card associations (e.g., Visa and MasterCard), Verizon, and Cable and Wireless. Our examination did not extend to controls of the merchant services firms, VARs, gateways, banks, processors, credit card associations (e.g., Visa and MasterCard), Verizon, and Cable and Wireless. Our examination was conducted for the purpose of forming an opinion on the description of Planet Payment’s controls related to their credit card transaction processing applications and systems and related general computer controls (Section Two and Section Three - subsection IV). Information about Planet Payment’s description of Business Continuity Planning, Data Center Services, Payment Card Industry (PCI) Data Security Requirements, Planet Payment Overview, What We Do, How We Earn Revenue, Our Products, Relationship Management, Customer Support included in Section Four is presented by Planet Payment to provide additional information to user organizations and is not a part of Planet Payment’s description of controls. The information in Section Four has not been subjected to the procedures applied in the examination of the aforementioned description of Planet Payment’s controls related to their credit card transaction processing applications and systems and related general computer controls, and accordingly, we express no opinion on the description of Business Continuity Planning, Data Center Services, Payment Card Industry (PCI) Data Security Requirements, Planet Payment Overview, What We Do, How We Earn Revenue, Our Products, Relationship Management, and Customer Support.

Deloitte &Touche LLP Two World Financial Center New York, NY 10281-1414 USA Tel: +1 212 436 2000 Fax: +1 212 436 5000 www.deloitte.com

Member Of Deloitte Touche Tohmatsu

ii

In our opinion, the accompanying description of the aforementioned controls of Planet Payment (Section Two and Section Three - subsection IV) presents fairly, in all material respects, the relevant aspects of Planet Payment’s controls that had been placed in operation as of December 31, 2010. Also, in our opinion, the controls, as described, are suitably designed to provide reasonable assurance that the specified control objectives (included in Section Three - subsection IV) would be achieved if the described controls were complied with satisfactorily and user organizations applied those aspects of internal control contemplated in the design of Planet Payment's controls. In addition to the procedures that we considered necessary to render our opinion as expressed in the previous paragraph, we applied tests to specified controls, listed in Section Three-subsection IV, to obtain evidence about their effectiveness in meeting the related control objectives described in Section Three - subsection IV, during the period from January 1, 2010 to December 31, 2010. The specific control objectives, controls, and the nature, timing, extent, and results of the tests are listed in Section Three - subsection IV. This information has been provided to user organizations of Planet Payment and to their auditors to be taken into consideration, along with information about the user organization’s internal control, when making assessments of control risk for user organizations. In our opinion, the controls that were tested, as described in Section Three - subsection IV, were operating with sufficient effectiveness to provide reasonable, but not absolute, assurance that the control objectives specified in Section Three - subsection IV were achieved during the period from January 1, 2010 to December 31, 2010. However, the scope of our engagement did not include tests to determine whether control objectives not listed in Section Three - subsection IV were achieved; accordingly, we express no opinion on the achievement of control objectives not included in Section Three - subsection IV. The relative effectiveness and significance of specific controls at Planet Payment and their effect on assessments of control risk at user organizations are dependent on their interaction with the internal control, and other factors present at individual user organizations. We have performed no procedures to evaluate the effectiveness of internal control at individual user organizations. The description of controls at Planet Payment is as of December 31, 2010 and information about tests of the operating effectiveness covers the period from January 1, 2010 to December 31, 2010. Any projection of such information to the future is subject to the risk that, because of change, the description may no longer portray the system in existence. The potential effectiveness of specific controls at Planet Payment is subject to inherent limitations and, accordingly, errors or fraud may occur and not be detected. Furthermore, the projection of any conclusions, based on our findings, to future periods is subject to the risk that (1) changes made to the system or controls, (2) changes in processing requirements, or (3) changes required because of the passage of time may alter the validity of such conclusions. This report is intended solely for use by management of Planet Payment, its user organizations, and the independent auditors of such user organizations.

March 23, 2011

SECTION TWO

DESCRIPTION OF CONTROLS AND USER CONTROL CONSIDERATIONS PROVIDED BY

PLANET PAYMENT, INC.

Planet Payment, Inc. Overview of Services

CONFIDENTIAL 1

DESCRIPTION OF CONTROLS PROVIDED BY PLANET PAYMENT

I. OVERVIEW OF SERVICES

Planet Payment is the trade name for Planet Payment, Inc. [LSE: AIM: PPTR and PPT for Reg S and unrestricted common shares respectively] [OTCQX: PLPM].

Further information on Planet Payment can be found at: www.planetpayment.com

Planet Payment is a multi-currency payment data processor, enabling acquiring banks, transaction processors, gateways, POS solution providers, and their merchants to accept, process, and reconcile credit card transactions in multiple currencies. Planet Payment’s systems also enable it to provide enhanced data reporting and data management to merchants who are using multiple systems in different countries.

The Planet Payment business was established in 1999. Planet Payment is headquartered in Long Beach, New York and has offices in New Castle, DE, Atlanta, GA*, the United Kingdom*, Singapore*, Bermuda*, Hong Kong*, Shanghai* and Beijing*.

Planet Payment’s services and solutions help businesses sell to foreign customers, with increased revenues and reduced costs on the underlying transaction. Planet Payment’s solutions include multi-currency processing and Pay in Your Currency (PYC), as well as domestic processing. Multi-currency processing allows merchants to target foreign customers with localized pricing specifically set to each market. PYC is a service in which a credit card transaction is converted in real time at the POS from the currency in which the merchant offers its goods into the currency in which the customers’ credit card is billed in accordance with the card associations. Planet Payment also provides acquirers with payment card authorization, clearing, settlement, reconciliation and reporting services for domestic, single currency transactions, as well as its multi-currency services, in the same way as other third party payment processors.

Planet Payment’s services do not require an acquiring bank to grant control over transaction proceeds to any third party.

In Planet Payment’s multi-currency solutions, the acquirer dedicates one or more BIN(s) and ICA(s) to the program, and the currency conversion occurs within the transaction messages for authorization and settlement prior to transmission to the card association, with the post-settlement financial reporting and reconciliation performed

* These entities are not in the scope of this report. Internal controls related to these offices have intentionally been excluded from this report. Any information related to these offices has been included for informational purposes only.

Planet Payment, Inc. Overview of Services

CONFIDENTIAL 2

for the acquirer by Planet Payment. For the services and solutions offered by Planet Payment, proceeds continue to be paid directly from the card associations to the particular acquiring bank. Planet Payment does not have access to the settlement proceeds.

The iPay payment gateway technology is used by merchants to facilitate the acceptance of credit and debit cards as payment for goods and services, principally sold over the Internet, or in other non-face-to-face transactions. The Internet payment gateway and related technology, also provides a web-based merchant transaction reporting module, and credit card chargeback management system.

Planet Payment, Inc. Elements of the Control Environment

CONFIDENTIAL 3

II. ELEMENTS OF THE CONTROL ENVIRONMENT

The control environment sets the tone of an organization and influences the control consciousness of its people. It is the foundation for all components of internal control, providing both discipline and structure.

The control environment influences the way business actions are structured, objectives are established, and risks are assessed. It also influences control activities, information and communication systems, and monitoring procedures. The control environment is largely shaped by an entity’s history and management culture. Effectively controlled entities strive to instill an enterprise-wide attitude of integrity and control consciousness, set a positive “tone at the top,” and employ competent people. These entities establish controls that foster shared values and teamwork in pursuit of the organization’s objectives.

Elements of the control environment include:

A. Integrity and Ethical Values B. Commitment to Competence C. Audit Committee and the Board of Directors D. Management’s Philosophy and Operating Style E. Organization Structure F. Personnel Policies and Practices G. Assignment of Authority and Responsibility H. Risk Assessment I. Information and Communication J. Monitoring

A. Integrity and Ethical Values

An environment that demands integrity and ethical values is critical to building and maintaining an effectively controlled organization. Similarly, the effectiveness of internal controls is rooted in the values of the people who create, administer, and monitor them. Planet Payment has programs and policies designed to provide integrity and ethical values throughout the organization. Its policies cover areas such as standards of performance, professionalism, ethics, and conduct. These policies are published, accessible to employees, and are enforced. Periodically, management communicates the importance of these policies and ethics standards to the employees.

Planet Payment provides its employees with an Employment Handbook describing employee responsibilities, working conditions, employee benefits and policies and procedures. Employees are encouraged to read and familiarize themselves with the provisions in the Handbook. It is the responsibility of employees to perform his or her duties in an efficient, honest and courteous manner and to obey the laws and


CONFIDENTIAL 4

regulations of all jurisdictions where such duties are performed. In carrying out assigned duties, Planet Payment expects employees to observe the highest standards of business and personal ethics while promoting the objectives and interests of the Company. Employees are made aware that unethical actions, or even the suggestion of unethical actions, are not acceptable.

B. Commitment to Competence

Competence should reflect the knowledge and skills needed to accomplish tasks that define an individual’s job. Through consideration of an entity’s objectives and the strategies and plans for achievement of those objectives, management must determine how well these tasks need to be accomplished. Management needs to specify the competence levels for particular jobs and to translate those levels into requisite knowledge and skills.

Planet Payment management has defined and analyzed the tasks comprising particular jobs, including such factors as the extent to which individuals must exercise judgment and the extent of related supervision. In addition to this, the knowledge and skills required to perform particular jobs have also been determined by Planet Payment management and are communicated to personnel.

Planet Payment also employs a professional training curriculum. New employees participate in an orientation program introducing them to Planet Payment operations, its functions, and job-specific training. The employee’s job responsibilities are reinforced through on-the-job training and specialized development programs such as supervisory skills training. In order to provide uninterrupted service during high volume periods, cross training of employees is also performed. Employees are provided with measurable objectives and are subject to periodic performance reviews to provide competence.

C. Audit Committee and the Board of Directors

The Board of Directors and Audit Committee have a major influence on the control environment. Planet Payment’s commitment to an effective control system starts with its Audit Committee positioned within its Board of Directors. The Audit Committee is comprised of two independent directors who are financially literate and have executive management and industry experience. The Board has defined specific duties and a responsibility for the Audit Committee related to the oversight of company management, corporate governance and financial reporting and the independent auditor, who meets regularly and makes regular reports to the Board.

D. Management’s Philosophy and Operating Style

A management’s philosophy and operating style significantly affect the way the entity is run including the types of business risks it accepts. Planet Payment emphasizes the importance of ensuring that the integrity of processing is management’s priority, including controls to mitigate risk. Management is also structured to deliver a high level of integrity and efficiency in client support and transaction processing.


CONFIDENTIAL 5

Management control is implemented at various levels at Planet Payment. The Planet Payment information technology controls are administered and implemented by the CIO and CTO/SVP Product Development. While there are various constructs used to define the respective role of the CTO and CIO, at Planet Payment Inc the CTO has “product responsibility” which consists of all systems software applications research and development, while the CIO is responsible for the delivery of information through a worldwide technology infrastructure which includes network operations, security, quality assurance, and card association systems. Weekly information technology management meetings are held to direct and control various activities that affect the functional and performance-related behavior of the software and hardware systems employed in the corporate production-processing environment. Specifically, these meetings cover the following: the software development schedule and queue, bug reports and new feature requests are reviewed and presented, software release target dates are set, and progress is tracked.

E. Organizational Structure

An entity’s organizational structure provides the framework for achieving entity-wide objectives that are planned, executed, controlled, and monitored. Two critical aspects of establishing an organizational structure are defining key areas of authority and responsibility, and establishing lines of reporting.

Planet Payment is comprised of separate functional groups, under the direct responsibility of the CEO, designed to facilitate effective operational capability and to provide segregation of duties between functions. The company consists of the following functional groups:

Information Technology – The Information Technology (IT) function is carried out by the following groups, in support of Planet Payment’s business objectives.

Application Development Groups

− MAS Engineering, under the direction of the CTO and Senior Vice-President Research & Development is responsible for the development of the Planet Payment Merchant Accounting System (“MAS”) software applications and software development lifecycle.

− The Technology Services Group, under the direction of the CTO and Senior Vice –President of Front-End Systems, is responsible for the development of software solutions, services and the software development lifecycle for the Planet Payment Planet Switch POS terminal and web-service driver.

− Gateway Development Group, under the direction of the CTO and Director of Application Development is responsible for the development of the iPay gateway software applications and the software development lifecycle.


CONFIDENTIAL 6

Infrastructure & Security Groups

− The Systems Infrastructure Group, led by the CIO and SVP Infrastructure & Security, is responsible for all the physical, hardware components and architecture of the Planet Payment systems including data centers, facilities, servers, global telecom and information networks, interfaces and related components.

− Network Security & Operations Group, led by the CIO and SVP Infrastructure & Security is responsible for information systems operations relating to the design, maintenance, and monitoring of network solutions and devices such as hosts (administration, user management, application installation and configuration, service management), routers (configuration), firewalls (configuration), switches (usage), and data communications links. The group is also responsible for network security relating to the design, implementation, and enforcement of security controls such that the IT environment is consistent with the Planet Payment Information Security Plan. This specifically impacts items such as password policies, user account permissions, VPN configuration, and security event alerts.

Software Quality Assurance Group, under the direction of the CIO and Director Quality Assurance is responsible for the testing of all software applications internally developed by Planet Payment’s Research and Development and Technology Services Groups

Card Association Systems, under the direction of the CIO is responsible for the operation and maintenance of the Extended Access Server (EAS) (formerly called VAP - VisaNet Access Point) and the MasterCard Interface Processor (MIP). The Extended Access Server (EAS) is Visa International’s equipment and software used by members to access the Visa BASE I system (the VisaNet data processing systems, networks, and operations that provide authorization and authorization-related services to Visa members) and BASE II systems (the VisaNet data processing system, networks, and operations that provide clearing, settlement, and other interchange-related services to Visa members). The MasterCard Interface Processor (MIP) is the processor that interfaces with MasterCard’s Global Payment System (GPS) communication network which conducts the authorization and settlement of member MasterCard transactions as well as other services.

Project Management Office (PMO) * – The Project Management Office, under the direction of the Senior Vice-President Business Operations & Project Management is responsible for the successful completion of projects throughout the organization through the use of standardized methods, processes, and tools.

* These groups are not in the scope of this report. Internal controls related to these groups have intentionally been excluded from this report. Any information related to these groups has been included for informational purposes only.


CONFIDENTIAL 7

Client Implementations* – Also under the direction of the Senior Vice-President Business Operations & Project Management, with support from the CIO and SVP Infrastructure & Security, this group manages the implementation of new client integrations or updates as defined in contracts resulting from business development efforts.

Business Systems Operations & Reporting Group* – The Business Systems Operations & Reporting Group, under the direction of the Senior Vice-President Business Operations & Project Management, provides daily monitoring of system hardware and application alerts, foreign exchange rate fluctuations, client implementation, acquirer and merchant set-up, and other services to facilitate the day-to-day operations of the company’s clientele.

Business Development Group* – Under the direction of several Senior Vice-Presidents Planet Payment’s Business Development function encompasses Sales, Relationship Management & Marketing.

The Sales Group* is responsible for finding and closing on clients that generate revenue to Planet Payment.

The Relationship Management Group* is responsible for customer accounts and manages ongoing relationships and all customer communication, as well as managing bank, gateway & VAR implementations in conjunction with the PMO.

The Marketing Group* is responsible for creating and delivering all messaging, advertisement, or positioning copy for Planet Payment’s products and services as well as sales collateral materials for customers and their merchants.

Finance, Accounting & Risk*– The Company’s finance, accounting and risk management functions, under the direction of the CFO is comprised of the following groups

The Financial Analysis & Reporting Group* is responsible for internal profitability, pricing and related reporting as well as client revenue accounting.

The Accounting Group* is responsible for the maintenance of the group’s general ledger, accounting records and systems, the daily reconciliation of the groups chart of accounts, the preparation of internal and external financial reporting, managing the accounts receivable, accounts payable, payroll, financial internal controls, investment and equity accounting.

* These groups are not in the scope of this report. Internal controls related to these groups have intentionally been excluded from this report. Any information related to these groups has been included for informational purposes only.


CONFIDENTIAL 8

Risk Management – Risk Management is responsible for the company’s global enterprise risk management. Risk Management is responsible for financial, operational, and compliance risk mitigation.

Legal Department* – The Legal Department, under the direction of the SVP/General Counsel is responsible for reviewing and authoring legal contracts and documents and providing advice on the day-to-day legal, regulatory, and corporate governance matters.

Human Resources* – The Human Resources group is responsible for personnel issues such as compensation, benefits, recruiting, and training and the development, implementation, and maintenance of the company’s personnel policies and practices

F. Personnel Policies and Practices

Employees receive regular communication about the levels of integrity, ethical behavior, and competence expected. Such communications relate to practices such as hiring, orientation, training, evaluation, counseling, promotion, compensation, and remedial actions, and business methods, procedures, and practices

Planet Payment has formal hiring practices designed to ensure that new employees are qualified for their job responsibilities. Applicants undergo an interview process that assesses their qualifications for the position’s responsibilities. Planet Payment conducts pre-employment reference checks based on information provided on the application. In addition, Planet Payment conducts pre-hire and post-hire background investigations of past employment history, credit record, and any criminal activity. For access to information of certain classification levels to be granted, the requestor must pass a background check. Human Resources perform this background check as part of the post-hiring process, or any time a previously unchecked person transfers into an area of responsibility.

Planet Payment is committed to a Performance Management Process in which the guiding principles include:

The acceptance of personal accountability for development and performance management results

Striving for operational excellence and continuous improvement

The joint accountability between manager and associate for setting expectations, reviewing current performance and development

Rewarding those who achieve results that contribute to the success of the department and Planet Payment


CONFIDENTIAL 9

G. Assignment of Authority and Responsibility

The control environment is influenced significantly by the extent to which individuals recognize that they will be held accountable. At Planet Payment, this includes the Chief Executive Officer (“CEO”), the Chief Financial Officer (“CFO”), the Chief Technology Officer (“CTO”), the Chief Information Officer (“CIO”) and Senior Vice-Presidents who share responsibility for all activities including the internal control system. Planet Payment has considered corporate governance practices and the importance of segregation of duties as part of the assignment of authority and responsibility for operating activities, and the establishment of reporting relationships and authorization protocols. To carry out duties, policies are regularly communicated on appropriate business practices.

H. Risk Assessment

For a control environment to be effective, the importance placed on controls must be evident at the most senior levels of the organization. Planet Payment’s management has placed into operation a risk assessment process to identify and manage risks that could affect Planet Payment’s ability to provide services to its clients. This process requires management to identify significant risks within Planet Payment and to implement measures to address these risks. Management meets regularly to review risk areas.

I. Information and Communication

Information and communication is integral to the continual competitiveness of an organization. Planet Payment management have policies and procedures in place to initiate, record, process, and report entity transactions and to communicate and distribute relevant information, whether manual or automated in order to maintain accountability for related assets, liabilities, and equity. Both management and associates through various training courses are provided with an understanding of their individual roles and responsibilities pertaining to internal controls.

Employees are obligated to safeguard and prevent disclosure of sensitive, proprietary, confidential, privileged, or trade secret information. Planet Payment has various policies in place governing associates obligations regarding the safeguard and disclosure of sensitive, proprietary, confidential, privileged or trade secret information such as protection of Planet Payment, client, or merchant information.

J. Monitoring

Each group is responsible for ongoing monitoring of risks in their respective areas/business units. There is an ongoing process to analyze risks including internal control issues. In addition, management has established procedures to periodically assess the risks associated with the significant relationships such as outsourced service providers, suppliers, and customers. Risks associated with any proposed change in Planet Payment’s business structure are assessed by management.

Planet Payment, Inc. Description of Application Controls

CONFIDENTIAL 10

III. DESCRIPTION OF APPLICATION CONTROLS

The following section describes the application systems utilized by Planet Payment to support its business. The general flow of transactions as discussed herein provides a description of the flow of transactions through various systems.

On-line/Off-Line Transaction Processing

Credit card authorizations and transmission files are received by Planet Payment production systems from merchant services firms* including acquirers, Value Added Resellers (“VARs”)*, gateways*, processors*, partners* and banks* in a number of ways including the following: 1) IPSec Virtual Private Network (“VPN”) tunnel, 2) Private point-to-point leased line, 3) ISDN-BRI on-demand line. The lower-bandwidth ISDN-BRI lines are used primarily as backup communication channels.

The iPAY Gateway serves as a payment gateway for Credit, Debit and Electronic (ACH) Payment, supporting major credit and signature debit cards. The gateway handles different National Automated Clearing House Association “NACHA” supported Automated Clearing House “ACH” methods, including prearranged payment and deposit, cash concentration and disbursement, telephone-initiated entry, internet-initiated entry, and handles the image capture of the checks themselves. Merchants interface with the iPay Gateway via the Payment Solutions Portal (“PS Portal”). The PS Portal is a web-based terminal offering online payment functionalities. It manages transactions in real-time or via batch processing and generates online reports. In addition, merchants can manage subscription billing and customer notices in real-time through PS Portal. It is used to add customer payments and billing information, define payment schedules, offer trial periods, and track other billing parameters. PS Portal generates subsequent transactions based on the schedule provided, and sending alerts as defined.

PlanetSwitch (“PS”) functions as a POS terminal driver and authorization and data capture host system including end-of-day reconciliation host for credit card transactions. At the time of the sale, credit card transactions are either keyed or swiped at the terminal, which then dials, or by wireless SSL connection or via leased line or frame connection or via internet VPN connects to a centrally located or distributed PS host to process the authorization. Planet Switch is specifically designed for PYC and multicurrency processing. PlanetSwitch supports a variety of interface formats and protocols but most often connects with terminal devices using the ISO 8583 standard and with gateways or other integrated point of sale systems via a Web Service (SOAP, XML). Upon receipt of the POS transactions PS will route the transaction to one of a variety of end points including – specific

* These external entities are not in the scope of this report. Internal controls related to these entities have intentionally been excluded from this report. Any information related to these entities has been included for informational purposes only.


CONFIDENTIAL 11

bank authorization systems, American Express*, Diners*, JCB*, Interac (Canadian debit)*, Visa* and MasterCard*. The Visa interface to the EAS BASE I system is ISO 8583. The interface to the MasterCard MIP is also ISO 8583. PlanetSwitch handles PIN translation to Interac* using Atalla* HSM’s.

Authorization to certain host computer systems, including selected bank and processing partners is routed via what is referred to herein as Foreign Exchange (“FX”) filter. The FX filter is configured to receive authorization requests from Planet Switch and certain internet gateways in Visa standard EIS-1080 format or ISO 8583 format, perform its processing, and then forward the authorization request on to certain host computer systems or bank and processing partners. The FX filter also supports usage as a rate-lookup and conversion engine when it receives such a request from a business partner and then returns these values for an authorization.

Transactions transmitted to the company’s EAS and MIP via private point-to-point VPN connections are verified via the firewall by confirming both IP address and port to ensure authorization. The card systems are configured to accept only transmissions that utilize Strong Encryption to ensure data integrity and IP address and port are confirmed. In addition, Strong VPN tunneling is utilized along with Perfect Forwarding Secrecy (PFS) for secure transmissions.

− A number of security checks are performed to ensure the validity of transaction data such as Bank BIN testing. Planet Payment card systems receives Online Transmission Processing (OLTP) authorization requests. These requests undergo accuracy and completeness checks such as BIN/ICA, Merchant ID (MID), Terminal ID (TID), and Merchant Category Code (MCC). In addition, the card systems receive settlement files from certain clients and Visa/MasterCard. These files undergo validity checks for accuracy and completeness such as, File Date checks, Header/Footer checks, and Duplicate File checks.

− The Settlement Files received from Visa/MasterCard are coded to ensure delivery of reports to the correct entity. An automated script is configured to only send entities’ reports embedded with their code. In addition confirmation messages are automatically sent to clients indicating that files were accepted for processing.

The Planet Payment Merchant Accounting System (“MAS”) provides centralized merchant accounting services. It receives end-of-day clearing files from clients, validates and stores the conversions, calculates participant revenue, serves a bevy of reports, and then submits a Visa EAS and a MasterCard MIP clearing file which provides processing, authorization, clearing, and settlement services. Logic has been added to the MAS clearing file parsing system to validate the submitted

* These external entities are not in the scope of this report. Internal controls related to these entities have intentionally been excluded from this report. Any information related to these entities has been included for informational purposes only.


CONFIDENTIAL 12

clearing file based on heuristic assumptions. Suspect files are systemically set aside and Network Security & Operations personnel are systemically notified via pager and e-mail. Network Security & Operations personnel then call the submitter to confirm file validity. Upon receipt of verbal approval from the submitter, Network Operations releases the file for processing.

After each batch submittal to an external processor, report files are received from the processor providing a summary of submissions, and the results of card association clearing activities. The processor also sends Visa and MasterCard daily foreign exchange rates which may be used to initialize the FX Filter, Planet Switch (“PS”) and MAS for the daily FX conversion activities.

On a daily basis, the business operations group performs the following manual reconciliations:

1. Proof and Verification Balancing to prove that all data capture transmissions

have been processed 2. ACH Balancing to prove all merchant transactions have been processed and

paid 3. Settlement Balancing to prove that the Associations BINs and ICAs have all

been reconciled and that the Associations have processed all transactions sent to them and were correctly funded

4. Monitoring and manual correction of all rejects and exceptions 5. Monitoring and handling of all incoming chargebacks and retrievals (Dispute

Resolution)

Planet Payment, Inc. Description of General Computer Controls

CONFIDENTIAL 13

IV. DESCRIPTION OF GENERAL COMPUTER CONTROLS

A. Systems Infrastructure and Security The Information Technology (“IT”) environment is comprised of multiple network segments, each of which is set at one of two possible security levels. Security Level One is implemented on the “DMZ” network where only production e-mail service (outgoing only) and HTTP servers reside. Security Level Two comprises the private production environment that contains various database servers and application servers used in the processing of credit card transactions. It also provides for routing access points to remote network segments at remote partner sites.

B. Infrastructure and Information Systems Operations There are two primary data centers that host the IT infrastructure supporting the production environment of Planet Payment:

• Verizon Business Collocation Premium Data Centers* (“Verizon”) is a third-party vendor that has been contracted with to provide hosting and limited support services for the production servers for Planet Payment systems. The support services provided by Verizon include workspace and connectivity support and back-up services for servers and systems.

• The data center at Planet Payment’s New Castle, DE, office hosts and supports the production servers for the iPay gateway systems, applications, and databases, as well as test and QA servers for iPay.

In addition to the two above data centers Planet Payment maintains some IT infrastructure at several other locations*.

• In Bermuda, the Cable and Wireless Data Center is a third party vendor that has been contracted with to provide hosting services of the VISA EAS, the MIP equipment as well as the clearing/Settlement servers. These servers and equipment are utilized to process transactions systems and applications.

• Planet Payment’s office in Atlanta, GA houses the development team that develops in-house authorization application.

• Planet Payment’s office in the United Kingdom houses Business offices to cover the EMEA region (Europe, Middle East and Africa).

• Planet Payment’s office in Singapore houses business offices as well as Asia Pacific Local technical team that will support applications during local business hours.

* This external entity or Planet Payment location is not in the scope of this report. Internal controls related to this entity or location have intentionally been excluded from this report. Any information related to this entity or location has been included for informational purposes only.


CONFIDENTIAL 14

• Planet Payment’s Multiplexing- Dialup concentrators Site (“MUX”) in Hong Kong houses dial-up concentrators and other communications equipment which is utilized to provide a centralized hub to channel local merchant transaction volumes to the processing systems located in New York. The Hong Kong offices also act as business offices as well as Asia Pacific local technical team that supports applications during local business hours.

• Planet Payment’s MUX in Shanghai houses dial-up concentrators and other communications equipment which is utilized to provide a centralized hub to channel local merchant transaction volumes to the processing systems located in New York.

• Planet Payment’s office in Beijing houses Business offices to cover the Beijing region.

Scheduled activities are configured primarily in the UNIX job scheduler and both standard output and standard errors are captured to log files. Additions and changes to the job scheduler can only be made via an authorized change request. Management has weekly meetings where changes to the job schedule are approved. Only authorized personnel have access to make changes to the job scheduler. These log files are monitored programmatically by a Big Brother Professional edition, What’s Up Gold and Q Monitor and exceptions are trapped and submitted into a notification system. Network Operations personnel receive pager and e-mail notifications of abnormal job terminations.

Full system tape backups are performed nightly. Management monitors back-ups via e-mails indicating whether or not the back-ups were successful. If a back-up is unsuccessful investigation will be initiated to insure next day backup is completed successfully.

Other items, such as network visibility and availability, are also monitored through activities and adverse results are fed to the e-mail enabled notification system. These monitoring are performed on a15 minute interval using the monitoring tools mentioned above. In the event of significant incidents Planet Payment issues incident reports. Planet Payment Helpdesk monitors problems throughout the environment. Helpdesk personnel record the issue and route it to the appropriate technical personnel based on established escalation procedures. The Helpdesk personnel insure that problems are resolved in a timely manner. We have three separate teams in Client Services: Consumer Services, Merchant Services and Corporate Services. Each team receives and deals with a whole range of processing related issues such as transaction issues, reporting, reconciliation, funding, terminal problems, merchant setups, chargebacks etc.


CONFIDENTIAL 15

Configuration management is performed through a combination of change control request (“CCR”) submissions and approval meetings. A change requestor documents the requested change on a CCR Form and submits to the SVP Infrastructure & Security or his designee for inclusion in the next CCR review meeting, nominally scheduled for twice weekly. CCRs approved at these meetings are scheduled for subsequent deployment.

In addition, weekly meetings are scheduled between the CTO, the Senior Vice President of Infrastructure and Security, and any additional resources needed to review planned activities, status, and work through issues and problems arising out of efforts to meet management goals.

The processing systems of the iPay gateway services hardware structure is a tiered client server environment. Payment, back-end, utility, and web servers utilize Windows 2003 operating systems. Oracle databases store the real-time transaction data. Credit card and account data is encrypted utilizing Ingrian Hardware Encryption devices. Firewalls, routers, and intrusion detection devices monitor the internal and external networks

The Planet Payment clearing software that pre-edits files sent by the Merchant Accounting System (MAS) to Visa, MasterCard and American Express runs on a Sun cluster running Solaris and Oracle with hot-failover capability. Data storage uses a shared disk array and is automatically backed up daily using an auto-loader. Back-up tapes use a 30-day rotation period and are switched out weekly. The day 30 tape is retained from each rotation and stored indefinitely. Back-up tapes are secured at an off-site facility and maintained in a fire proof safe. This process is coordinated by Verizon.

Data and communications systems are isolated in separate network segments and protected by a DMZ using firewalls and VPN crypto-clusters. Production processing data comes in through point-to-point VPN connections using the crypto-cluster and DMZ and other connections or traffic are not permitted. Other traffic (such as e-mail, http, etc.) utilizes a separate firewall and network.

C. Information Security Security controls and procedures are defined and implemented in conformance with Planet Payment Information Security Policies. The Security Policies have been implemented to protect data from unauthorized access. The policies also define actions to help protect data from physical and environmental hazards. In order to enhance security, Planet Payment uses Unix and Windows centralized login, this ensures that all systems uses one unique and secure technology for accessing servers. In addition, multiple security and auditing detection and prevention tools are used to monitor activity and assist in investigations in the event of unauthorized system usage.


CONFIDENTIAL 16

1. Security Policies and Administration

The Planet Payment Security Committee is responsible for authorizing the security policy. The Planet Payment Security Committee reviews the policy and is responsible for authorizing modifications and updates annually. This policy defines the information security roles, controls, information classification and safe practices. Included in this security plan are rules for system username and password policies, user privileges, operating system security and auditing, firewalls, physical security rules, information classification and the rules for treatment of such information, roles and responsibilities, threat identification, and standard operating procedures for security-related matters. The security policy specifically defines the SVP Infrastructure & Security as the role responsible for the implementation of the rules set forth in the security policy.

Access to Planet Payment information security assets is granted through the submission of an IT access request form by the manager of the person requesting access. The form provides for the identification of the requestor and what type and level of access is needed. For access to information of certain classification levels to be granted, the user must pass a background check. This background check is performed by Human Resources as part of the post-hiring process, or any time a previously unchecked person transfers into an area of responsibility.

The submitter’s manager forwards the access request form to the Data Security Administrator, who is responsible for implementing both operating systems access requests as well as access to applications. The policy dictates that users not be added to the system without the properly completed and approved access request form. The role of Data Security Administrator is limited to specially trained personnel only.

When a user leaves the company, a termination process is initiated that includes identification of systems to which the user has access and the subsequent termination of his or her access. As a rule, files are preserved for an indefinite period. In addition, periodic recertification is performed for users to ensure that they have the appropriate access to various systems within the organization

We use several security equipment as prevention and detection in our environment; we have cameras, security card reader, biometric reader in certain restricted areas, all critical data is protected with several UPS, generators, humidity control sensors, flood control sensors, fire suppression controls and motion detection

2. System Security

System security is addressed at multiple levels and is described in detail in the information security policy. The policy includes rules involving the use and protection of account passwords, user accounts, and incident reporting.


CONFIDENTIAL 17

Planet Payment’s information security password policies cover password construction, initial and periodic expiration, changes, and limitation on password reuse. In addition, Planet Payment has implemented password controls that require default passwords to be changed, and procedures related to one-time usage of certain passwords in emergency situations. Planet Payment has also implemented specific procedures for password resetting and access rule violations.

Planet Payment’s information security policies require that users are granted the least privileges necessary for their job functions and are allowed access only to required files. Privileged accounts are granted to a limited number of personnel that require such access for their job functions and in a manner that allows for accountability. User access is logged at the operating system and databases levels and logs are maintained in secure files and are reviewed by the security administrator when a security violation is detected.

The public interfaces are protected by internet firewalls with three security zones, public, DMZ, and private. The network segments passing over public paths are secured using IPSEC VPN communication. Applications with user interfaces are secured by two-factor authentication with enforced password composition policies.

Planet Payment maintains its production computer equipment at either a Verizon Business Premium Internet Collocation data center, or at an acquiring bank*. Environmental and physical security of each data center is the responsibility of these entities.

D. Application Systems Implementation and Maintenance

Each major project at Planet Payment is assigned to an experienced project manager. Project Managers orchestrate the numerous interdependent and co-dependent events that are involved in partner integration projects. They provide guidance to business partners on the intricacies of PYC, as well as the technical and business issues that may apply to their particular environment. Project Managers begin the process with a template of typical PYC issues and during the definition phase of the project will identify new requirements that arise from the uniqueness of each of Planet Payment’s partner integrations. These often feed into development requests initiated through the SunBug tracking system. Changes are then controlled using CCR. Changes made to the iPay gateway are tracked and monitored using RT.

* This external entity is not in the scope of this report. Internal controls related to this entity have intentionally been excluded from this report. Any information related to this entity has been included for informational purposes only.


CONFIDENTIAL 18

As a project progresses through the definition and planning phase, Project Managers coordinate with various technical and business resources to confirm that requirements are met in a timely manner. Project Managers arrange regular meetings and conference calls with project participants and “stakeholders”, maintain project reporting and scheduling, and promptly communicate problems or issues to prevent surprises. Projects are tracked using Microsoft Project.

The software life cycle is initiated by the identification and documentation of a bug or feature request as an artifact. These artifacts are then added to the project plan as a place holder and submitted for sizing to the Application Development Group. In parallel, they are prioritized by the CTO. A meeting is convened to review and finalize the artifacts to be included in the upcoming release. The software change is then designed in detail, built, and unit tested by the software development group. Once unit testing is completed, it is deployed to the Quality Assurance environment for independent testing and validation by an associate not involved with the development. Those items completing Quality Assurance validation are then approved as candidates for deployment to production. They are then documented on a CCR and discussed with the configuration manager during the twice weekly CCR review meeting to confirm that the deployment process is fully understood and there is an executable roll-back process in the event that something goes wrong with the deployment. If the CCR meets the approval of the configuration manager, it is then scheduled for deployment during the next available production system maintenance window. Program migration is controlled through the use of Virtual Private Network Software.

1. Software Development and Change Control Methodology

Feature Requests - Each submitted feature request goes through a multi-step process before eventual deployment. The first of these steps is the documented capture of the various elements of the request onto a SunBug feature request form. Once this form is submitted the registered stakeholders are notified via e-mail and that request will be considered in the next scheduled product management review meeting. The details and merits of the feature request are reviewed and a decision of priority is made as an outcome of the meeting. The priorities range from 1 (highest) or 5 (lowest). Items of priority 1 through 3 are then submitted to the manager for the implementing team, usually the Software Development Manager, for analysis, ambiguity review, and effort sizing. Once sized, that information is combined with the relative priority to determine the scheduled start date.

Bugs - Bug reports are documented by the person observing the apparent defect using the artifact bug report form. Once this form is submitted, the various stakeholders are automatically notified via e-mail. One of those stakeholders is the software development manager who then attempts to recreate the conditions where the bug was observed and personally observe it. If the bug can’t be recreated by the Software Engineering Manager, he notifies the initial observer and asks for a demonstration. If the bug can be demonstrated, it is analyzed,


CONFIDENTIAL 19

sized, and submitted to the product review meeting for prioritization. If it cannot be demonstrated, it is closed. Once it is sized and prioritized, the software development manager recommends a deployment schedule for approval by the product review committee.

Once the work has completed development, unit testing, and quality control testing, it is included in a CCR (see below) for deployment.

2. Quality Assurance

Testing must be performed on both the various user interfaces as well as the credit card processing interfaces to confirm that their behavior is consistent with specifications. Quality Assurance testing is performed by development personnel independent of the development team for a particular project. Upon completion of the quality assurance process management reviews results and signs-off on the change. Quality assurance testing includes:

• User Interface Testing - Any specified change to the user interface behavior is tested before being approved for subsequent deployment. This approach enhances the stability of the product and conforms to software development life cycle policies.

• Automated Batch Process Testing - Any specified change to the batch processing environment behavior is validated through the automated batch test system. This confirms that a) the requested changes are made and b) greatly reduces the chance of undesirable side-effects from the change.

3. Source Code Management

The application source code contains the critical information regarding the enterprise. Internally originating source code is managed in the Source Code Management System (“SCM”) which is stored offsite and backed-up to a separate offsite facility, as part of the back-up activities executed by Verizon). The SCM restricts access to source code to only authorized individuals and limits developers to their files only. In addition, the SCM also tracks access and logs changes. Each release is assigned a release number which is easily located in the system. This allows for easy rollback to a previous version if a significant issue is encountered in the latest release. Third-party software customizations are preserved in the respective SCM of the respective provider∗. In cases where Planet Payment does not have contractual source code ownership rights, it retains fail-over access to the code through source code escrow agreements.

∗ These external entities are not in the scope of this report. Internal controls related to these entities have intentionally been excluded from this report. Any information related to these entities has been included for informational purposes only.

Planet Payment, Inc. User Control Considerations

CONFIDENTIAL 20

V. USER CONTROL CONSIDERATIONS

Planet Payment’s application was designed under the assumption that certain internal controls would be implemented by Planet Payment user organizations. In certain situations, the application of specific internal controls at Planet Payment client organizations is necessary to achieve certain control objectives identified in this report.

This section identifies internal controls that Planet Payment believes user organizations should have placed in operation to compliment the service provided. Each user organization’s internal control structure must be evaluated in conjunction with Planet Payment’s controls and testing as summarized in the report. The user organization’s auditors should consider whether the user organizations have placed these controls in operation when understanding and evaluating the internal controls at their respective organizations.

Planet Payment user organizations and their auditors should consider controls that ensure:

• Clients are responsible for reviewing and validating report data.

• Clients are responsible for ensuring their users are authorized and that access to their systems is monitored by appropriate levels of management and users are granted privileges commensurate with their job responsibilities.

• Clients are responsible for notifying Planet Payment of any system problems in a timely manner.

• Clients are responsible for user acceptance testing during initial set-up on Planet Payment systems.

• Clients are responsible for monitoring and responding to error messages related to data transfer.

• Clients are responsible for ensuring that change requests to configuration sent to Planet Payment are authorized before delivery.

• Clients are responsible for having controls in place to ensure transmission files are accurate and delivered to Planet Payment within agreed timeframes.

• Clients are responsible for having controls in place to ensure that risk and fraud monitoring parameters are configured on their system.

The user control considerations presented above should not be regarded as a comprehensive list of all internal controls, which should be employed by the user organizations.

SECTION THREE

INFORMATION PROVIDED BY THE SERVICE AUDITOR, EXCEPT FOR CONTROL OBJECTIVES, AND CONTROL ACTIVITIES IN SUBSECTIONS IV

PROVIDED BY PLANET PAYMENT, INC.

Planet Payment, Inc. Information Provided by the Service Auditor

CONFIDENTIAL 22

I. INTRODUCTION This report on the controls placed in operation and tests of operating effectiveness is intended to provide interested parties with information sufficient to obtain an understanding of those aspects of the Planet Payment controls that may be relevant to a user organization’s internal controls, and reduce the assessed level of control risk below the maximum for certain financial statement assertions. Our examination was limited to selected services provided to users of the aforementioned Planet Payment application and accordingly did not extend to procedures in effect at user organizations. The examination was conducted in accordance with the Statement on Auditing Standards (“SAS”) No. 70 “Reports on the Processing of Transactions by Service Organizations”, as amended, of the American Institute of Certified Public Accountants. It is each user’s responsibility to evaluate this information in relation to controls in place at each user organization. The users’ and Planet Payment’s portions of the control structure must be evaluated together. If effective user controls are not in place, Planet Payment’s controls may not compensate for such weaknesses. Our examination included inquiry of the appropriate management, supervisory, and staff personnel; inspection of documents and records; observation of activities and operations; and tests of controls surrounding and provided by Planet Payment. Our tests of controls were performed on internal controls as existing during the period January 1, 2010 to December 31,, 2010, and were applied to those controls relating to control objectives specified by Planet Payment in Section Three – subsection IV.


CONFIDENTIAL 23

II. ELEMENTS OF THE CONTROL ENVIRONMENT The control environment sets the tone of an organization, influencing the control consciousness of its people. It is the foundation for all other components of internal control, providing discipline and structure. In addition to the tests of operating effectiveness described in the next section, our procedures included tests of the following relevant elements of Planet Payment’s control environment: • Integrity and Ethical Values • Commitment to Competence • Audit Committee and the Board of Directors • Management’s Philosophy and Operating Style • Organization Structure • Personnel Policies and Practices • Assignment of Authority and Responsibility • Risk Assessment • Information and Communication • Monitoring Such tests included inquiry of the appropriate management, supervisory, and staff personnel; inspection of Planet Payment documents and records; and observation of Planet Payment activities and operations. The results of these tests were considered in planning the nature, timing, and extent of our testing of the control activities described in Section Three - subsection IV.


CONFIDENTIAL 24

III. TESTS OF OPERATING EFFECTIVENESS Our tests of the effectiveness of controls included such tests as were considered necessary in the circumstances to evaluate whether the controls, and the extent of compliance with them, is sufficient to provide reasonable, but not absolute, assurance that the specified control objectives were achieved during the period from April 1, 2009 to April 30, 2010. Our tests of the operational effectiveness of controls were designed to cover a representative number of transactions throughout the period of April 1, 2009 to April 30, 2010 for each of the controls listed in Section Three - subsection IV, which are designed to achieve the specific control objectives, listed in Section Three - subsection IV. In selecting particular tests of the operational effectiveness of controls, we considered the (a) nature of the items being tested, (b) the types and competence of available evidential matter, (c) the nature of the audit objectives to be achieved, (d) the assessed level of control risk, and (e) the expected efficiency and effectiveness of the test. Description of Testing Procedures Performed

Tests performed of the operational effectiveness of controls are described below: Test Description Corroborative Inquiry Made inquiries of appropriate personnel and

corroborated responses with other personnel to ascertain the compliance of controls.

Observation Observed application of specific controls. Evidential Material Inspected documents and reports indicating

performance of the controls. Transaction Testing Re-performed application of controls.

Planet Payment, Inc. Control Objectives, Controls, Tests of Controls and Test Results

CONFIDENTIAL 25

IV. CONTROL OBJECTIVES, CONTROLS, TESTS OF CONTROLS AND TEST RESULTS Application Controls

Control Objective/Controls Tests of Controls Test Results

A. ONLINE/OFFLINE TRANSACTION PROCESSING 1. Controls provide reasonable assurance that only authorized transactions are sent from valid merchants and partners. 1.1 All transactions transmitted from clients via Point to Point connections are verified by the Planet Payment firewalls by validating both the IP address and port to confirm proper authorization.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that all transactions transmitted from clients via Point to Point connections are verified by the Planet Payment firewalls by validating both the IP address and port to confirm proper authorization. Observed multiple times a sample rule set on the production environment and confirmed that connections are verified by validating both the IP address and port to confirm authorization.

No relevant exceptions noted.

1.2 Planet Payment’s card systems are configured to accept only transmissions that utilize Strong Encryption.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that Planet Payment’s card systems are configured to accept only transmissions that utilize Strong Encryption. Observed multiple times the Planet Payment systems settings with the Senior Vice President Infrastructure and Security and noted that AES 256 and Perfect Forwarding Secrecy encryption was used for data transmitted via VPN.



CONFIDENTIAL 26


1.3 The Planet Payment’s card systems are configured to enable Strong Virtual Private Tunnel (“VPN”) tunneling with Perfect Forwarding Secrecy (“PFS”), if applicable, for transactions.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that the Planet Payment card systems are configured to enable Strong Virtual Private Tunnel (“VPN”) tunneling with Perfect Forwarding Secrecy (“PFS”), if applicable, for transactions. Observed multiple times the production system settings with the Senior Vice President Infrastructure and Security and noted that AES 256 and Perfect Forwarding Secrecy encryption is used for data transmitted via VPN.


1.4 Transactions submitted to Planet Payment must contain a valid merchant ID. The ID is automatically verified against a database to confirm the transaction is associated with a valid merchant. The Planet Payment system automatically refers to the merchant database for incoming transactions and automatically generates error messages if a transaction is attempted from a non-existing merchant.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President of IT Operations, and confirmed that transactions submitted to Planet Payment must contain a valid merchant ID. The ID is automatically verified against a database to confirm the transaction is associated with a valid merchant. The Planet Payment system automatically refers to the merchant database for incoming transactions and automatically generates error messages if a transaction is attempted from a non-existing merchant. Inspected a sample of invalid merchant ID email alerts and noted the Planet Payment system was programmed to reject transactions that are not associated with a valid merchant ID in the database.



CONFIDENTIAL 27


2. Controls provide reasonable assurance that activity transmitted by merchants and partners is captured completely and processed accurately and timely.

2.1 The Payment FX Filter and Planet Switch systems automatically time out and automatically send a message to management if a transmission response from a processor is not received within 60 seconds to confirm that transactions are received in a complete and timely manner.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operationsand confirmed that the Payment FX Filter and Planet Switch systems automatically time out and automatically send a message to management if a transmission response from a processor is not received within 60 seconds to confirm that transactions are received in a complete and timely manner. Observed multiple times with the Senior Vice President, Infrastructure and Security, the transmission response timeout threshold settings on a sample production server and noted it was configured to timeout within 60 seconds. Inspected a sample email alert for a transmission response timeout and noted tan automated email notification is generated and distributed to management when the configured transmission response threshold is reached.



CONFIDENTIAL 28


2.2 Upon receipt of transaction settlement files from the Gateway and partners certain validity checks are systemically performed by the Merchant Accounting System (MAS) to ensure the accuracy and completeness of the files received. These validity checks include: •File Date checks •Header Footer •Duplicate File Check If a validity check fails, an automated alert is generated to the SYSOPS group for follow-up and resolution. In addition, confirmation messages that indicate that files were accepted for processing are automatically generated and sent to clients.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that upon receipt of transaction settlement files from the Gateway and partners certain validity checks are systemically performed by the Merchant Accounting System (MAS) to ensure the accuracy and completeness of the files received. These validity checks include: •File Date checks •Header Footer •Duplicate File Check If a validity check fails, an automated alert is generated to the SYSOPS group for follow-up and resolution. In addition, confirmation messages that indicate that files were accepted for processing are automatically generated and sent to client. Observed multiple times, with the Senior Vice President Infrastructure and Security the MAS system settings configured to check for header and footer count batch totals for the merchant transactions in a transmission and noted that header and footer counts are automatically read by the system to confirm completeness of the transmission and confirmation messages are sent to clients. Inspected an automated notification email alert for a file date and duplicate file validity check and noted the SYSOPS group was notified upon failure of the check.



CONFIDENTIAL 29


2.3 Planet Payment receives online authorization requests. These requests undergo the following validation checks by the Planet Switch, FX Filter or Payment applications: • BIN/ICA • MID • TID (if applicable) • Minimum/maximum processing amount • Transaction type • Encryption If checks are not correct, the transaction is halted and not processed.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that Planet Payment receives online authorization requests. These requests undergo the following validation checks by the Planet Switch, FX Filter or Payment applications: • BIN/ICA • MID • TID (if applicable) • Minimum/maximum processing amount • Transaction type • Encryption If checks are not correct, the transaction is halted and not processed. Observed multiple times a sample of validity checks (BIN/ICA, MID, TID, Minimum/maximum processing amount, and transaction type) and noted if an error occrrs during a validity check, a failure would be captured by the application and the transaction would not be processed.



CONFIDENTIAL 30


2.4 A batch file is automatically run every morning on the Merchant Accounting System (MAS) to obtain the most recent exchange rates from Visa/MasterCard. If the file is not received an alert is sent via pager and e-mail notifying management for resolution.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that a batch file is automatically run every morning on the Merchant Accounting System (MAS) to obtain the most recent exchange rates from Visa/MasterCard. If the file is not received an alert is sent via pager and e-mail notifying management for resolution. Observed multiple times the job scheduled to load VISA and Master Card rates on MAS and noted the job was configured to run daily to obtain the exchange rates from the card associations. Inspected a sample email alert notification for a failed rate upload job and noted an email alert was generated and distributed to management. In addition, noted the failure was tracked through the resolution process timely.



CONFIDENTIAL 31


2.5 The Merchant Accounting System automatically applies the most current exchange rate determined by the date of the transaction.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that the Merchant Accounting System automatically applies the most current exchange rate determined by the date of the transaction. Observed multiple times with Senior Vice President Infrastructure and Security, for a sample transaction, that the Merchant Accounting System automatically applied the current exchange rate determined by the date of the transaction.


2.6 The Merchant Accounting System is configured to automatically generate and transmit settlement files to clients. In the event that a file is not generated, an alert is sent notifying management for resolution.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that the Merchant Accounting System is configured to automatically generate and transmit settlement files to clients. In the event that a file is not generated, an alert is sent notifying management for resolution. Inspected the job scheduler and noted a job is scheduled and conifigured to generate and transmit settlement files to clients.to clients and confirmed that the Merchant Accounting System was configured to automatically generate settlement files. Inspected a sample email alert notification and noted an email alert was generated and distributed to management in the event of an error in the generation and transmission of settlement files. In addition, noted the error was tracked through the resolution process timely.



CONFIDENTIAL 32


2.7 An automated report is generated by the FX Filter application listing foreign exchange details of the rates loaded by the application and distributed daily to notify the SYSOPS group.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that an automated report is generated by the FX Filter application listing foreign exchange details of the rates loaded by the application and distributed daily to notify the SYSOPS group.. Inspected a sample automated email report and noted the report included details on changes in foreign exchange rates.


2.8 In the event of a client impacting processing incident Operations personnel generate an IT Incident Report which is then distributed to the IT Distribution Group for research and resolution. Management utilizes the report to track issue status and ensure proper and timely resolution.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that in the event of a client impacting processing incident Operations personnel generate an IT Incident Report which is then distributed to the IT Distribution Group for research and resolution. Management utilizes the report to track issue status and ensure proper and timely resolution. Inspected a sample of IT Incident Reports impacting the production environment and noted incidents were tracked through the resolution process timely.


2.9 A manual reconciliation is performed daily for ACH and Credit Card settlement files by iPay Business Operations personnel in order to identify any discrepancies with the in-house settlement data. Identified discrepancies are investigated by the iPay Business Operations personnel for resolution.

Performed corroborative inquiry with Vice President, IT Operations and Senior Vice President Infrastructure and Security and confirmed that a manual reconciliation is performed daily for ACH and Credit Card settlement files by iPay Business Operations personnel in order to identify any discrepancies with the in-house settlement data. Identified discrepancies are investigated by the iPay Business Operations personnel for resolution. Selected a sample of days and noted the ACH and credit card pre-settlement reports were generated and reconciliations were performed by Business Operations. I n addition, noted identified discrepancies were investigated.



CONFIDENTIAL 33


3. Controls provide reasonable assurance that activity transmitted by merchants and partners is routed by the Merchant Accounting System to the appropriate third party service provider or appropriate Associations/Networks in a complete, accurate, and timely manner.

3.1 The system automatically assigns a unique identifier to each transaction for tracking during the transaction processing lifecycle. If during the processing lifecycle a transaction tagged as having been processed is identified as repeating a processing step the system will automatically ignore the transaction.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that the system automatically assigns a unique identifier to each transaction for tracking during the transaction processing lifecycle. If during the processing lifecycle a transaction tagged as having been processed is identified as repeating a processing step the system will automatically ignore the transaction. . Inspected the MAS system and noted transactions were assigned with a unique identifier for tracking during the transaction processing lifecycle.


3.2 A systemic process in the Merchant Accounting System (MAS) generates an alert for each unprocessed transaction. Management monitors the buildup of unprocessed transactions and will further investigate in the event the number of alerts exceeds a preset threshold in order to ensure complete processing of transactions.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that a systemic process in the Merchant Accounting System (MAS) generates an alert for each unprocessed transaction. Management monitors the buildup of unprocessed transactions and will further investigate in the event the number of alerts exceeds a preset threshold in order to ensure complete processing of transactions. Selected a sample of unprocessed transaction alert notification emails and noted management investigated and tracked the error through the resolution process timely..



CONFIDENTIAL 34


3.3 Settlement Files received from VISA/MC are systemically coded by acquirer ID. An automated script is configured on the Merchant Accounting System (MAS) to send to each acquirer those files with that acquirer’s ID code embedded.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that settlement Files received from VISA/MC are systemically coded by acquirer ID. An automated script is configured on the Merchant Accounting System (MAS) to send to each acquirer those files with that acquirer’s ID code embedded. Inspected the settings on the MAS application with the Senior Vice President Network OPS and Security and noted that settlement files received from the card associations are coded by acquirer ID. In addition, noted an automated script is configured to send to each acquirer those files with that acquirer’s ID code embedded.



CONFIDENTIAL 35

General Computer Controls:


A. INFORMATION SYSTEMS OPERATIONS 4. Controls provide reasonable assurance that all production programs needed to process batch and on-line transactions and prepare

settlement files are executed to normal completion and deviations are identified and resolved. 4.1 Automated job scheduling routines and procedures have been established using the cron utility to confirm that jobs are run in the correct order, at the proper time, and use the correct versions of program and data files.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that automated job scheduling routines and procedures have been established using the cron utility to confirm that jobs are run in the correct order, at the proper time, and use the correct versions of program and data files. Inspected the Planet Switch, FX Filter and Merchant Accounting System (MAS) job scheduler and noted pre-defined procedures and routines were established for jobs to be scheduled to run at pre-set times. Inspected the iPAY job scheduler via the Oracle and Unix root cron utility and noted jobs were scheduled to run automatically at pre-set times.



CONFIDENTIAL 36


4.2 The Merchant Accounting System, FX Filter, Planet Switch, Payment, Settlement and PS Portal systems are configured to automatically detect any failures or abnormal job terminations and if one is detected alerts are sent to management and resolved. timely.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President IT Operations and confirmed that the Merchant Accounting System, FX Filter, Planet Switch, Payment, Settlement and PS Portal systems are configured to automatically detect any failures or abnormal job terminations and if one is detected alerts are sent to management and resolved. Selected a sample of failed jobs, tracing them to supporting documentation to ascertain that the failed jobs were tracked through the resolution process timely.


4.3 The cron job scheduler is logically protected from unauthorized access. Access to the job schedule is limited to Operations Personnel authorized by the Senior IT Personnel

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President IT Operations and confirmed that the Planet Payment system’s job scheduler is logically protected from unauthorized access. Inspected the list of users with update access to the cron job scheduler and noted their access was appropriate based on job function and inquiry with Senior IT Personnel.


4.4 Job changes are reviewed by management at a weekly change management meeting and impacted parties are notified of such changes so that appropriate actions can be taken to minimize system failures.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that job changes are reviewed by management at a weekly change management meeting and impacted parties are notified of such changes so that appropriate actions can be taken to minimize system failures. Inspected the meeting minutes for a sample of weeks and ascertained that meetings were held on a weekly basis to discuss open issues and upcoming system changes. Inspected the recurring meeting invite and noted a meeting is scheduled weekly to discuss open issues and upcoming system changes.



CONFIDENTIAL 37


4.5 Changes to the cron job schedule are approved by management prior to their implementation into production in order to prevent unauthorized changes to the job schedules.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that changes to the cron job schedule are approved by management prior to their implementation into production in order to prevent unauthorized changes to the job schedules. Inspected the change log related to the cron job schedule and noted no changes to the job schedule were implemented during the examination period.

No relevant exceptions noted


CONFIDENTIAL 38


5. Controls provide reasonable assurance that the network and application systems are monitored and problems are identified and resolved in a timely manner.

5.1 An exception monitor is used to record the status of the network and the application systems. Alerts are forwarded to pagers and e-mail boxes of management. The exception monitor maintains thresholds and sends alerts to the console when thresholds are exceeded.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President IT Operations and confirmed that an exception monitor is used to record the status of the network and the application systems. Alerts are forwarded to pagers and e-mail boxes of management. The exception monitor maintains thresholds and sends alerts to the console when thresholds are exceeded. Observed multiple times the Big Brother, What’s Up Professional and Q Monitor tools and confirmed that the status of the network and application systems was monitored and thresholds were maintained Inspected a sample network alert email notification and noted an email was generated when pre-configured thresholds were reached. Inspected a sample of IT Incident Reports impacting the production environment and noted incidents were tracked through the resolution process timely

No relevant exception noted.

5.2 In the event of a client impacting processing incident Operations personnel generate an IT Incident Report which is then distributed to the IT Distribution Group for research and resolution. Management utilizes the report to track issue status and ensure proper and timely resolution.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that in the event of a client impacting processing incident Operations personnel generate an IT Incident Report which is then distributed to the IT Distribution Group for research and resolution. Management utilizes the report to track issue status and ensure proper and timely resolution. Inspected a sample of IT Incident Reports impacting the production environment and noted incidents were tracked through the resolution process timely.



CONFIDENTIAL 39


5.3 Problems that are reported to the Help Desk are recorded and routed to the applicable data processing or technical personnel based on established escalation procedures and resolved in a timely manner.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that problems that are reported to the Help Desk are recorded and routed to the applicable data processing or technical personnel based on established escalation procedures and resolved in a timely manner. Inspected the Help Desk Procedures and noted a process was in place to record, report, and track incidents through the resolution process. Selected a sample of production incident RT tickets and noted issues impacting production were tracked through the resolution process timely.


5.4 A weekly meeting is held to discuss both network and application issues and follow-up on problems identified by management so that appropriate actions can be taken to minimize system failures.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that a weekly meeting is held to discuss both network and application issues and follow-up on problems identified by management so that appropriate actions can be taken to minimize system failures. Obtained the meeting minutes for a sample of weeks and noted the meetings were held to discuss open issues Inspected the recurring meeting invite and noted a meeting is scheduled weekly to discuss open issues.



CONFIDENTIAL 40


6. Controls provide reasonable assurance that data backup procedures are in place to monitor the data backup process.

6.1 A daily batch is run to back-up the transactions database and an alert is sent to management to indicate the success or failure of the back-up on Planet Payment platform. If the backup fails, management follows up to ensure complete and timely resolution.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that a daily batch is run to back-up the transactions database and an alert is sent to management to indicate the success or failure of the back-up on Planet Payment platform. If the backup fails, management follows up to ensure complete and timely resolution. Inspected a sample of backup status emails and noted management was notified of the backup status on a daily basis. For backup failures noted, inspected the next day backup status emails and ascertained the backup ran successfully to evidence resolution of prior day’s issue.



CONFIDENTIAL 41


C. INFORMATION SECURITY7. Controls provide reasonable assurance that logical security tools and techniques are implemented, configured and administered to

enable restriction of access to programs, data, and other information resources.

7.1 Internal users are assigned a unique login ID. Users are authenticated to the UNIX and Windows environments by the use of passwords. The following password parameters are enforced: •Password Expiration •Password Complexity •Minimum Password Length •Password Lockout

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President IT Operations and confirmed that internal users are assigned a unique login ID. Users are authenticated to the UNIX and Windows environments by the use of passwords. The following password parameters are enforced: •Password Expiration •Password Complexity •Minimum Password Length •Password Lockout . Inspected the password settings on the production domain controller for password expiration, minimum password length, password complexity and password lockout and noted password parameters were configured per Company policy. Inspected the list of all production domain, application, database and operating system users and noted all users are assigned unique user IDs.



CONFIDENTIAL 42


7.2 A file integrity script runs daily to determine if changes have been made to critical files and directories on production servers. The script generates an alert e-mail to management if changes are detected. Management reviews these changes to ensure they are appropriate.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that a file integrity script runs daily to determine if changes have been made to critical files and directories on production servers. The script generates an alert e-mail to management if changes are detected. Management reviews these changes to ensure they are appropriate. Observed multiple times that the file integrity scripts were scheduled to run on the application servers on a daily basis. Inspected a sample email file integrity alert notification and noted automated alerts were generated when changes were made to critical files.


7.3 System access is automatically recorded via security logs that track access violations such as inappropriate password and multiple login attempts leaving an audit trail for management to research violations

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that system access is automatically recorded via security logs that track access violations such as inappropriate password and multiple login attempts leaving an audit trail for management to research violations Inspected the domain audit settings and audit log for the coverage period and noted access violations were recorded for management to review on an as needed basis. Inspected a sample email notification for an access violation on the production domain and noted that an automated mechanism is configured to alert system administrators when an access violation occurred.



CONFIDENTIAL 43


7.4 A limited number of individuals, as approved by the Senior IT Personnel have responsibility for system administration in the UNIX and Windows NT environment.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that a limited number of individuals, as approved by the Senior IT Personnel have responsibility for system administration in the UNIX and Windows NT environment. Obtained a system list of domain, Planet Switch, FX Filter, Merchant Accounting System (MAS) Payment, Settlement and PS Portal administrators and ascertained with Senior Vice President Infrastructure and Security and Vice President, IT Operations, that the administrators were appropriate as per job responsibility. In addition, compared administrators to the company organization chart and noted that administrative access was appropriate based on job function. Inspected a system list of users with access to the UNIX root account and ascertained with Vice President, IT Operations that such access is restricted to appropriate individuals based on their job responsibilities. In addition, compared administrators to the company organization chart and noted that root access was appropriate based on job function.



CONFIDENTIAL 44


7.5 The Data Security Administrator is responsible for setting up and changing existing user privileges based on an access request forms received from Human Resources. The forms are approved by the authorized individuals and user access is granted accordingly on the system by the administrators.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that the Data Security Administrator is responsible for setting up and changing existing user privileges based on an access request forms received from Human Resources. The forms are approved by the authorized individuals and user access is granted accordingly on the system by the administrators. For a sample of new users selected from the HR New Hire Report, inspected the corresponding user access request forms for system access and noted users are approved prior to gaining access to the system.. In addition, noted users’ access was set up in accordance with what was documented on the user access request form.


7.6 Upon termination of an employee a notification email is sent by HR notifying the Data Security Administrator of the terminated employee’s change of status whereupon system access is removed completely and timely.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that upon termination of an employee a notification email is sent by HR notifying the Data Security Administrator of the terminated employee’s change of status whereupon system access is removed completely and timely. Reviewed a system list of current users with access to in-scope systems, cross matching to an HR termination listing and noted no active accounts belong to terminated employees.


CONFIDENTIAL 45


7.7 Firewalls are in place between Planet Payment and the Card Associations to restrict connectivity.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that firewalls are in place between Planet Payment and the Card Associations to restrict connectivity. Observed multiple times the network diagram and confirmed that firewalls are placed between the Card Associations and Planet Payment to restrict connectivity.


7.8 User access privileges to the application, database and operating systems are periodically reviewed by the system owners to ensure access privileges remain appropriate.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that user access privileges to the application, database and operating systems are periodically reviewed by the system owners to ensure access privileges remain appropriate. Inspected a sample user access review and noted system owners recertify user access at the application, database and operating system layers that user access privileges were appropriate.



CONFIDENTIAL 46


8. Controls provide reasonable assurance that physical access restrictions to the Long Beach office, Delaware datacenter and the Elmsford datacenter facilities are implemented and administered to ensure that only authorize individuals have the ability to access or use information resources.

8.1 Physical access to Long Beach office, the Delaware datacenter, and the Elmsford datacenter is recorded via the use of closed circuit security cameras 24 hours/7days per week.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that physical access to Long Beach office, the Delaware datacenter, and the Elmsford datacenter is recorded via the use of closed circuit security cameras 24 hours/7days per week. Observed multiple times the Long Beach office, the Delaware datacenter, and the Elmsford datacenter and noted that security cameras were in place.


8.2 New access requests to the Delaware datacenter are approved by a Vice President or above via a Security Access Request form.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President IT Operations and confirmed that new access requests to the Delaware datacenter are approved by a Vice President or above via a Security Access Request form. For a sample of new users selected from the HR New Hire Report, inspected the corresponding Security Access Request Forms for datacenter access and noted access was approved by a Vice President or above.



CONFIDENTIAL 47


8.3 New access requests to the Elmsford datacenter are communicated to the Senior Vice President Infrastructure and Security or the Network Security Engineer who review the request prior to granting physical access.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that new access requests to the Elmsford datacenter are communicated to the Senior Vice President Infrastructure and Security or the Network Security Engineer who review the request prior to granting physical access. Reviewed the HR New Hire Report and noted that zero users listed on the report were granted access to the Elmsford Data Center as such no further testing was performed.


8.4 Upon termination of an employee a notification email is sent by HR notifying the Data Security Administrator of the terminated employees change of status whereupon physical access is removed completely and timely from the Long Beach office and Delaware and the Elmsford datacenters.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that upon termination of an employee a notification email is sent by HR notifying the Data Security Administrator of the terminated employees change of status whereupon physical access is removed completely and timely from the Long Beach office and Delaware and the Elmsford datacenters.. Compared a sample of users from the termination report to the user access listing for the Long Beach office, and Delaware and Elmsford datacenters and noted that access was removed for terminated employees. Reviewed a system list of current users with access to the Long Beach office, Delaware Data Center, and Elmsford Data Center, cross matching to an HR termination listing and noted no active accounts belong to terminated employees.



CONFIDENTIAL 48


8.5 Access to the Long Beach office, Delaware datacenter, and Elsmford datacenter is restricted via card key readers and biometric reader when applicable.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that access to the Long Beach office, Delaware datacenter, and the Elmsford datacenter is restricted via card key readers and biometric reader when applicable. Observed multiple times the Long Beach office and the Elmsford datacenter and noted that access to the building was restricted via a card key reader. Observed multiple times the Delaware datacenter and noted that access to the datacenter was restricted via a card key reader. Also noted that access to the server room was restricted via a biometric reader.


8.6 All visitors are required to log-in with the receptionist prior to being granted access to the Long Beach office, Delaware datacenter, and Elmsford datacenter.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that all visitors are required to log-in with the receptionist prior to being granted access to the Long Beach office, Delaware datacenter and the Elmsford datacenter. Observed multiple times that visitors are required to log in with the receptionist prior to being granted access to the Long Beach office, Delaware datacenter, and Elmsford datacenter. Inspected a copy of the log book and confirmed that visitors sign in prior to being granted access to the Long Beach office, Delaware datacenter, and Elmsford datacenter.



CONFIDENTIAL 49


9. Controls provide reasonable assurance that the Elmsford and Delaware datacenters are environmentally protected.9.1. Smoke/fire detection and suppression mechanisms have been implemented at the Elmsford and Delaware datacenters.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that smoke/fire detection and suppression mechanisms have been implemented at the Elmsford and Delaware datacenters. Observed multiple times the Elmsford and Delaware datacenters and noted that smoke/fire detection and suppression mechanisms were installed.


9.2 Environmental conditions of the Delaware data center and Elmsford datacenter (e.g., temperature, humidity) are monitored and regulated.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that environmental conditions of the Delaware data center and Elmsford datacenter (e.g., temperature, humidity) are monitored and regulated. Observed multiple times the Delaware datacenter and the Elmsford datacenter and noted that environmental conditions such as temperature and humidity were monitored and regulated.



CONFIDENTIAL 50


9.3 Management provides alternate sources of power (e.g., uninterruptible power supply, generators) at the Delaware datacenter and Elmsford datacenter.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that management provides alternate sources of power (e.g., uninterruptible power supply, generators) at the Delaware datacenter and the Elmsford datacenter. Observed multiple times the Delaware datacenter and Elmsford datacenter and noted that alternative sources of power such as uninterruptible power supply and generators were in place.



CONFIDENTIAL 51


D. APPLICATION SYSTEMS IMPLEMENTATION AND MAINTENANCE 10. Controls provide reasonable assurance that changes to existing application system software and implementation of new application system software are authorized, tested, and approved in a complete and timely manner.

10.1 Changes are reviewed by management at a weekly change management meeting and impacted parties are notified of changes in order to minimize the likelihood of system disruption.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that changes are reviewed by management at a weekly change management meeting and impacted parties are notified of changes in order to minimize the likelihood of system disruption. Obtained the meeting minutes for a sample of weeks and noted that the meetings were held to discuss open issues. Inspected the recurring meeting invite and noted a meeting is scheduled weekly to discuss open issues.


10.2 For the Merchant Accounting System, FX Filter and Planet Switch applications and databases, once a change is authorized, it is sent to the development manager who then assigns it to a developer. The developer then completes the change in an environment that is logically separated from the production environment.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that for the Merchant Accounting System, FX Filter and Planet Switch applications and databases, once a change is authorized, it is sent to the development manager who then assigns it to a developer. The developer then completes the change in an environment that is logically separated from the production environment. Observed multiple times the production and development environments for the Merchant Accounting System, FX Filer and Planet Switch applications and databases and noted that the production and development environments were logically separated.



CONFIDENTIAL 52


10.3 Once developer testing is complete, the Merchant Accounting System, FX Filter and Planet Switch application or database change is deployed to the Quality Control environment for independent testing and validation by an associate not involved with the development.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that once developer testing is complete, the Merchant Accounting System, FX Filter and Planet Switch application or database change is deployed to the Quality Control environment for independent testing and validation by an associate not involved with the development. Selected a sample of changes to the Merchant Accounting System, FX Filter and Planet Switch applications and databases and noted that changes were tested in the Quality Control environment.


10.4 For the Merchant Accounting System, FX Filter and Planet Switch application or database changes the developer then submits a Change Control Request (“CCR”) which is reviewed in the CCR meeting and approved by the Senior VP of Operations or Senior VP of Risk Management. Once approval has been granted the change is migrated to the production environment by the System Administrator.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that for the Merchant Accounting System, FX Filter and Planet Switch application or database changes the developer then submits a Change Control Request (“CCR”) which is reviewed in the CCR meeting and approved by the Senior VP of Operations or Senior VP of Risk Management. Once approval has been granted the change is migrated to the production environment by the System Administrator. Inspected the Change Control Request (CCR) for a sample of changes to the Merchant Accounting System, FX Filter and Planet Switch applications and databases and noted that the CCR was created and was approved by the Senior VP of Operations or Senior VP of Risk Management.


CONFIDENTIAL 53


10.5 For the Payment, Settlement and PS Portal applications and databases, once a change is prioritized and scheduled, it is sent to the development manager who then assigns it to a developer. The developer then completes the change in an environment that is logically separated from the production environment.

Performed corroborative inquiry with Vice President, IT Operations and Director, Application Development and confirmed that for the Payment, Settlement and PS Portal applications and databases, once a change is prioritized and scheduled, it is sent to the development manager who then assigns it to a developer. The developer then completes the change in an environment that is logically separated from the production environment. Observed multiple times the production and development environments for the Payment, Settlement and PS Portal applications and databases and noted that the production and development environments were logically separated. .


10.6 Once testing is complete, the Payment, Settlement and PS Portal application or database change is deployed to the QA environment for independent testing and validation by an associate not involved with the development. Once testing is completed in the QA environment the change is migrated to the UAP environment where it is tested by the Production Support group if applicable.

Performed corroborative inquiry with Vice President, IT Operations and Director, Application Development and confirmed that once testing is complete, the Payment, Settlement and PS Portal application or database change is deployed to the QA environment for independent testing and validation by an associate not involved with the development. Once testing is completed in the QA environment the change is migrated to the UAP environment where it is tested by the Production Support group if applicable. Selected a sample of changes to the Payment, Settlement and PS Portal applications and databases and noted that changes were tested in the Quality Control environment and in the UAP environment if applicable.



CONFIDENTIAL 54


10.7 Once testing is completed for the Payment, Settlement and PS Portal application or database change the developer then submits a RT ticket, which will be approved or declined by a technical manager or a business manager. Once approval has been granted the change is migrated to the production environment.

Performed corroborative inquiry with Vice President, IT Operations and Director, Application Development and confirmed that once testing is completed for the Payment, Settlement and PS Portal application or database change the developer then submits a RT ticket, which will be approved or declined by a technical manager or a business manager. Once approval has been granted the change is migrated to the production environment. Selected a sample of changes to the Payment, Settlement and PS Portal applications and databases and noted that an RT Ticket was created and approved prior to production migration.


10.8 The Production Support group has responsibility for the deployment of changes into the production environment. Developers are appropriately restricted from making changes to production environment.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that developer access to production is restricted through the use of Virtual Private Network Software. In order for a developer to gain access to the production servers, he must get an approved from the Senior IT Personnel. Compared the list of developers as defined by their titles on the Organization Chart to a system list of users with access to the Production environment and noted developers do not have update access to production.


10.9 Management maintains a source code escrow agreement for the processing systems software for the FX Filter application.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that management maintains a source code escrow agreement for the processing systems software for the FX Filter application. Inspected the source code escrow agreement and noted that management maintains a source code escrow for the FX Filter application.



CONFIDENTIAL 55


10.10 Back-out and emergency procedures are established for all application and database changes and upgrades and are available for reference in the event that problems arise during or after the migration to production.

Performed corroborative inquiry with Senior Vice President, Network OPS and Vice President, IT Operations and confirmed that back-out and emergency procedures are established for all application and database changes and upgrades and are available for reference in the event that problems arise during or after the migration to production. Selected a sample of application and database changes and noted back-out procedures were documented within the change ticket.



CONFIDENTIAL 56


11. Controls provide reasonable assurance that changes to existing hardware and systems software and implementation of new hardware and system software is authorized, tested, approved, properly implemented and documented in a complete and timely manner.

11.1 Changes are reviewed by management at a weekly change management meeting and impacted parties are notified of changes in order to minimize the likelihood of system disruption.

Performed corroborative inquiry with the Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that changes are reviewed by management at a weekly change management meeting and impacted parties are notified of changes in order the minimize the likelihood of system disruption. Obtained the meeting minutes for a sample of weeks and noted that the meetings were held to discuss open issues. Inspected the recurring meeting invite and noted a meeting is scheduled weekly to discuss open issues


11.2 For Planet Payment, the decision to upgrade and/or make changes to system software is made by the Senior Network and Security Engineer. Once the change is authorized it is deployed to the Quality Control environment for independent testing.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that for Planet Payment, the decision to upgrade and/or make changes to system software is made by the Senior Network and Security Engineer. Once the change is authorized it is deployed to the Quality Control environment for independent testing. Selected a sample of system software changes for Planet Payment and noted changes were independently tested in the Quality Control environment.



CONFIDENTIAL 57


11.3 A Change Control Request (“CCR”) or RT Ticket is created for the system software change, which is reviewed in the change meeting and approved by the Senior VP of Operations or Senior VP of Risk Management. Once approval has been granted the change is migrated to the production environment.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that a Change Control Request (“CCR”) or RT Ticket is created for the system software change, which is reviewed in the change meeting and approved by the Senior VP of Operations or Senior VP of Risk Management. Once approval has been granted the change is migrated to the production environment. Inspected the Change Control Request (CCR) or RT Ticket for a sample of system software changes and noted the CCR/RT Ticket was approved by the Senior VP of Operations or Senior VP of Risk Management.


11.4 For Planet Payment, the decision to upgrade and/or make changes to hardware is made by the Senior Network and Security Engineer. Once the change is authorized, it is deployed to the Quality Control environment for independent testing if applicable.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that for Planet Payment, the decision to upgrade and/or make changes to hardware is made by the Senior Network and Security Engineer. Once the change is authorized, it is deployed to the Quality Control environment for independent testing if applicable. Selected a sample of hardware changes for Planet Payment and noted changes were independently tested in the Quality Control environment.



CONFIDENTIAL 58


11.5 A Change Control Request (“CCR”) is created for the hardware change, which is reviewed in the CCR change meeting and approved by the Senior VP of Operations or Senior VP of Risk Management. Once approval has been granted the change is implemented in the production environment.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Senior Vice President, R&D and confirmed that a Change Control Request (“CCR”) is created for the hardware change, which is reviewed in the CCR change meeting and approved by the Senior VP of Operations or Senior VP of Risk Management. Once approval has been granted the change is implemented in the production environment. Inspected the Change Control Request (CCR) or RT Ticket for a sample of hardware changes and noted the CCR/RT Ticket was approved by the Senior VP of Operations or Senior VP of Risk Management.


11.6 iPay gateway’s system software changes are documented in the RT automated ticketing system that includes a description of the change, reason or purpose for the change. The business impact and rollback plans are included if applicable. The RT ticket is sent to a technical manager and/or a business manager for approval. Once approved the change is implemented in the production environment.

Performed corroborative inquiry with Vice President, IT Operations and Senior Vice President Infrastructure and Security and confirmed that iPay gateway’s system software changes are documented in the RT automated ticketing system that includes a description of the change, reason or purpose for the change. The business impact and rollback plans are included if applicable. The RT ticket is sent to a technical manager and/or a business manager for approval. Once approved the change is implemented in the production environment. Inspected the RT Ticket for a sample of system software changes and noted the RT Ticket was created and approved by a technical manager and/or a business manager.



CONFIDENTIAL 59


11. 7 Modifications to iPay’s systems software are tested in non production environment before migrating it to production.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that modifications to iPay’s systems software are tested in non production environment before migrating it to production. Selected a sample of system software changes for iPay and noted changes were tested in the Quality Control environment.


11.8 iPay gateway’s hardware changes are documented in the RT automated ticketing system that includes a description of the change, reason or purpose for the change. The business impact and rollback plans are included if applicable. The RT ticket is sent to a technical manager and/or a business manager for approval. Once approved the change is implemented in the production environment.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and confirmed that iPay gateway’s hardware changes are documented in the RT automated ticketing system that includes a description of the change, reason or purpose for the change. The business impact and rollback plans are included if applicable. The RT ticket is sent to a technical manager and/or a business manager for approval. Once approved the change is implemented in the production environment. Inspected the RT Ticket for a sample of hardware changes and noted the RT Ticket was created and approved by a technical manager and/or a business manager.


11.9 Back-out and emergency procedures are established for all system software changes and upgrades and are available for reference in the event that problems arise during or after the migration to production.

Performed corroborative inquiry with Senior Vice President Infrastructure and Security and Vice President, IT Operations and noted that back-out and emergency procedures are established for all system software changes and upgrades and are available for reference in the event that problems arise during or after the migration to production. Selected a sample of system software changes and noted back-out procedures were documented on the change ticket.


SECTION FOUR

SUPPLEMENTAL INFORMATION PROVIDED BY PLANET PAYMENT, INC.

Planet Payment, Inc. Supplemental Information Provided by Planet Payment, Inc.

CONFIDENTIAL 61

I. Business Continuity Planning Operating disruptions can occur with or without warning, and the results may be predictable or unknown. Therefore, it is important that Planet Payment’s business operations are resilient and the effects of disruptions in service are minimized in order to maintain client trust and confidence. Business continuity planning (BCP) is the process whereby a company ensures the maintenance or recovery of operations, including services to customers, when confronted with adverse events such as natural disasters, technological failures, human error, or terrorism.

A disaster recovery plan deals with recovering Information Technology (IT) assets after a disastrous interruption, implies a stoppage in critical operations and is reactive. On the other hand, business continuity planning is a proactive process. BCP is forethought to prevent loss of operational capacity, while Disaster Recovery (DR) is a process of recovery/resumption of business. Planet Payment’s Disaster Recovery Plan is a component of its overall Business Continuity Plan.

Planet Payment’s BCP endeavors to ensure that critical operations continue to be available, 24/7/365, by developing and documenting arrangements and procedures that enable an organization to respond to any type of an event that lasts for an unacceptable period of time and procedures to return to providing critical products and services to clients on a continuous basis without further interruption.

Planet Payment is committed to the continuous delivery of critical services that avoid severe disruptions to the company and its clients, and continuous risk management that lowers the risk of disruption and assesses the potential impact of disruptions when they may occur. Continuous risk management also provides the company an opportunity to evaluate its current risk management strategies and compensating controls, and modify or enhance those strategies and compensating controls as needed based on ever changing events and circumstances.

Management believes that its BCP provides a logistical plan for how it will recover and restore interrupted critical service delivery within a predetermined time after a disaster or extended disruption.

Planet Payment’s Business Continuity Planning Process

Planet Payment’s management initially conducted a threat analysis and determined that the following categories of internal and external threats must be mitigated by the business continuity plan:

• Malicious activity

• Natural and environmental disasters

• Technical disasters

Management then defined the critical business services and maximum allowable error/downtime based on existing service level standards and the critical business functions that require immediate recovery to maintain continuous service delivery.


CONFIDENTIAL 62

Threats in each category were prioritized based on the severity of the threat’s impact to Planet Payment’s service delivery and business operations as well as the probability of the threat’s occurrence.

Lastly, management assessed the threat’s risk for each critical business service and each critical business process or function under each of the following scenarios, taking into consideration existing risk mitigation strategies or compensating controls:

• Critical personnel are not available

• Critical buildings, facilities, or geographic regions are not available or accessible

• Production and non-production equipment malfunctions (hardware & telecommunications operating equipment)

• Software application bugs/failure

• Corrupt or not accessible data

• Vendor assistance not available

• Service provider/consultant not available

• Utilities are not available (power and telecommunications)

• Critical documentation and/or records are not available

Business Continuity Plan Testing & Monitoring Changing business processes, technology and new threat scenarios will require Planet Payment to maintain updated business continuity plans. It is Planet Payment’s policy to regularly subject its BCP to internal audit review and update, if necessary at least annually or more frequently if circumstances warrant.

Disaster Recovery Plan Planet Payment’s disaster recovery plan, which is a component of its BCP, provides a description of the roles, responsibilities, and escalation process should an information system disaster occur. It also provides guidance on the standard operating procedures for addressing information systems failures and service outages, including but not limited to:

• Power loss

• Database, critical system, and application file corruption

• Intrusion

• Network failures from ISP, VPN failure, and/or frame-relay failure

• Disk failure

• Server failure, including primary database and application server failure


CONFIDENTIAL 63

Data Backup Policy

A. Primary Production Environment – New York As part of its Premium Internet Collocation Data Center services, Verizon Business is contracted by Planet Payment Inc to provide optional backup and restoration services. All authorization and settlement data replication and synchronization for the OLTP and batch processing databases occurs in real-time daily, seven days a week. Planet receives daily from Verizon an email that reports all successful and unsuccessful backups. If a backup fails, a trouble ticket is automatically generated to Verizon’s backup team. Restoration of backup data is initiated and performed by Planet’s Network Operations Group. B. iPay Gateway & Disaster Recovery Environment - Delaware

Planet Payment Inc. has a contract with Iron Mountain (NYSE: IRM) to provide Record Management & Storage Solutions for all iPay Gateway authorization and settlement databases and all Planet production Disaster Recovery databases housed in its Delaware facility. Iron Mountain is an S&P 500 Company and is Ranked 644 of the Fortune 1000 companies. On a daily basis, seven days a week, all databases are replicated and backed-up first to disks and then to tapes. The backup tapes are picked-up by Iron Mountain three times a week (Monday-Wednesday-Friday) and stored at an Iron Mountain storage facility

II. Data Center Services

A. Primary Production Environment – NY

Verizon Business hosts Planet Payment Inc.’s production infrastructure at its Premium Internet Collocation Data Centers located in New York. Verizon Business is an operating unit of Verizon Communications (NYSE:VZ) and provides Planet Payment with a secure, dedicated managed environment to co-locate Planet’s hardware. Verizon Business does not control any of Planet Payment’s hardware, operating systems, databases or applications nor does it access any Planet Payment’s systems at the operating system, database, or application levels. Verizon provides network connectivity and power for the environment and manages the environmental safeguard systems. All of Planet Payment’s production hardware is located in a dedicated locked cage. Planet is responsible for building/staging its own infrastructure. The Verizon Business hosting service includes providing the following physical security and environmental safeguards:


CONFIDENTIAL 64

Summary of Verizon Business Physical Access and Environmental Controls

Physical Access Controls Environmental Controls 24/7 Uniformed Guard Pre-Active Sprinkler System 24/7 Video Surveillance Smoke and Heat Detection System Standardized Entrance & Delivery Procedures Fire Extinguishers Biometric Scanning Devices Uninterruptible Power Supply (UPS) systems Badge Access Systems Power Distribution Units (PDU) Exit and Entry Log Maintenance Diesel Power Generators Dedicated Planet Payment Secure Area (24/7) Automatic Transfer Switches Planet Payment Cage Secured By Tumbler Locks Environmental Alarm System Cage Keys Secured By Key Tags Raised Floor User ID and Password Required To Extract Keys Independent Redundant HVAC units Only Pre-Listed Authorized Staff & Guests Granted

Access Moisture Detectors

B. iPay Gateway & Disaster Recovery – Delaware The iPay Gateway and Disaster Recovery environments are hosted in the company owned data center. The Delaware data center has the following access controls: Dual badge access and bio-metric hand reader access controls; security panel with monitoring screens and 24/7 video surveillance. Environmental controls include raised floors with motion sensors; Independent redundant HVAC units; FM200 Clean Agent fire suppressors; uninterruptible power supply (UPS) system; diesel power generator; smoke and heat detection system; motion detectors throughout; and an environmental alarm and alerting systems.

III. Payment Card Industry Data Security Standards (“PCI”) 1 The major Card Associations, Visa and MasterCard International, require all service providers, like Planet Payment, Inc., that store, process, or transmit cardholder data to annually certify compliance with The Payment Card Industry Data Security Standards. To determine compliance, Planet Payment undergoes a PCI assessment by an independent third-party approved by the Associations. The PCI assessment process focuses solely on the security of Cardholder data, whether Planet Payment Inc. has effectively implemented information security policies and processes, and if there are adequate security measures to comply with the requirements to protect Cardholder data. Additionally, the assessment reviews whether Planet Payment Inc is employing payment industry data security best-practices.

The most recent assessment, dated May 2010 determined that, Planet Payment, Inc was compliant with PCI. A list of PCI compliant service-providers, including Planet Payment, Inc is available on the Visa USA web-site in pdf format.

1 The above statement regarding the independent third-party’s assessment of Planet Payment Inc’s PCI compliance is not covered within the scope of this SAS 70 examination and is included in this report for informational purposes only


CONFIDENTIAL 65

IV. Planet Payment Overview Planet Payment, an international payment and data processor, provides banks and merchants with innovative solutions for processing credit and debit card and other electronic payment transactions. We facilitate international commerce by allowing acquiring banks and merchants to accept process and reconcile transactions in multiple currencies.

We leverage our proprietary technology to “power” acquiring banks and processors, and provide them with new value-added solutions that they do not currently offer. Our position within the payment card transaction flow gives us the opportunity to develop and deploy innovative payment solutions for banks and merchants on an international basis, whether for transactions completed in the domestic currency, or the currency of the international cardholder.

Planet Payment has strategic partnerships with leading international acquiring institutions and processors in the United States, Canada, Europe, Asia Pacific, including Greater China, the Middle East and South Africa. The Company is headquartered in New York, with offices located in Atlanta, Beijing, Bermuda, Delaware, Hong Kong, London, Shanghai and Singapore. Planet Payment’s shares are traded on the AIM market of the London Stock Exchange (LSE: PPT and PPTR for unrestricted and Reg S shares, respectively) and on the OTCQX market tier operated by Pink OTC Markets Inc in the United States.

V. What We Do

. Planet Payment is a third party payment processor registered with Visa, MasterCard, American Express, JCB and Discover to process credit and debit card transactions and electronic funds transfers, on behalf of acquiring banks, processors and merchants. Planet Payment can deliver secure transaction data received from the point of sale (or a VAR, gateway or processor) through to the relevant Card Association or network via its own direct interfaces to those Associations. We can also deliver the data to other processors as required by the customer.

Planet Payment has developed a proprietary transaction processing platform which is scalable and currency-neutral. This enables us to support our customers wherever they and their merchants require our payment processing services. Multi-national merchants with international locations can process their transactions in different currencies on our single, global platform, receiving common reporting while using their preferred point-of-sale technology.

Our solutions work within the credit card infrastructure and integrate with acquiring banks, processors, and point-of-sale technology providers. Our proprietary technology also provides merchants with in-depth reporting of their payment transactions—giving them the data they need to enhance their service offering and improve their sales.


CONFIDENTIAL 66

VI. How We Earn Revenue

Planet Payment generates recurring revenue from processing transactions. We earn a share of the margin generated by the conversion from one currency to another, as well as fees for processing payment transactions and transaction data.

We also earn fees for additional services, which we provide to acquirers and merchants. The integration of Planet Payment’s systems with its partners’ processes enables the Company to generate recurring revenue from our partners’ transaction streams.

VII. Our Products Planet Payment offers a suite of innovative payment processing and data services that operate anywhere, anytime and in any currency.

Our domestic and multi-currency products are available through a variety of Internet payment gateways and point-of-sale applications. This allows merchants to offer Pay In Your Currency and Multi-Currency Pricing through their existing infrastructure. Our point-of-sale technology offerings include support of terminal applications in more than 15 countries including the United States, Canada, Asia-Pacific region, Middle East, South Africa and Europe. We also support integrated POS solutions in a range of industry verticals in those regions.

Planet Payment solutions are regularly upgraded and enhanced to support new payment technologies, including EMV, “chip and pin” smart cards and 3D secure solutions for e-commerce in a variety of business and technology environments.

Pay In Your Currency (PYC) PYC, a customer service feature where a credit or debit card purchase, initially priced in the merchant’s local currency is converted, in real-time, at the point-of-sale into the cardholder’s home currency. This service creates a personalized shopping experience for international customers, while merchants still receive reporting and settlement in their local currency. For example, a Hong Kong hotelier can help international guests from Australia feel at home by allowing them to pay for their stay in Australian Dollars, while still getting paid in Hong Kong dollars. FX Assured® FX Assured couples the convenience and certainty of Pay In Your Currency with the added benefit of a “Best Rate Guarantee’. With FX Assured, cardholders using their card at participating merchants receive an individualized exchange rate, which is calculated to be better than the effective rate charged by their issuing bank. If the rate happens to be higher, Planet Payment will refund 150% of the difference to the cardholder. This offering relies on the ability to mark-up individual transactions in real time using Planet Payment’s point-of-sale patent-pending technology.


CONFIDENTIAL 67

Multi-Currency Pricing (MCP) MCP is an important sales tool that helps e-commerce and mail/telephone order merchants target international consumers. With MCP, cardholders around the world can view merchants’ pricing and pay in their home currency, while the merchant still gets paid in its domestic currency.

For example, a US e-commerce merchant may target British and Japanese customers with pricing in Pounds Sterling in Japanese Yen, while still getting paid in US dollars.

MCP is also offered in the POS environment to enable retailers (such as duty free stores) to display pricing and offer their goods in multiple currencies.

iPAY Gateway In 2008 Planet Payment purchased assets comprising the iPAY® gateway and related business. The iPAY global gateway merchants to participate in e-commerce with a robust payment application that processes online retail payments, subscription management and recurring billing, at any time and in any currency. The gateway can also be used as a “virtual terminal” for merchants offering mail order or telephone order sales, for example at a call center.

Transaction Switching Our proprietary PlanetSwitch technology enables us to receive and transmit payment transactions between a wide variety of technology environments. This enables us to switch transactions from integrated POS systems to various payment processors and networks, as well as support switching of transactions for different card types in different countries such as JCB and American Express.

Global Consolidated Reporting and Data Analytics Reporting and Data Analytics is a key component of our transaction processing service. We process transactions through a single currency-neutral platform that allows for the reconciliation of different transactions types, completed in different currencies, at various times, across multiple regions, and diverse point-of-sale devices. The reporting at transaction-level and hierarchy level consolidated activity is provided through a single-user interface.

Our consolidated reporting capability provides transparency into credit card activity details irrespective of the acquirer, settlement currency, or point-of-sale system. Our reporting hierarchy allows the users to view their activity in a variety of different ways, including as a graphical summary—our Merchant Dashboard. Acquirers can view their results according to sales channels, merchants, and regions. Merchants can view their activity segmented along brands and locations, from a corporate chain summary to an individual property level.


CONFIDENTIAL 68

Merchant Dashboard

Buy Voice™ Buy Voice is our new mobile-commerce line of voice-recognition enabled mobile shopping and payment solutions. BuyVoice turnkey solutions are based on the premise that voice is prevalent across all mobile or landline phones and thus do not require any software downloads or additional technology to be present on the phone. Our mobile payment product, Payment BuyVoice™ lets merchants securely accept credit cards anywhere, anytime using any telephone at hand.


CONFIDENTIAL 69

VIII. Relationship Management Two major implementation issues handled as part of Relationship Management are merchant set-up and training. Merchant setup, whether through an automated file transfer or via faxed paperwork, requires understanding and accurate communication of numerous parameters that reflect the flexibilities offered by the Planet Payment MAS.

It is the responsibility of the Relationship Manager to ensure that Planet Payment partners understand how they can use Planet Payment’s web-based reporting in supporting each of a customer’s operational departments. On an on-going basis Relationship Managers are the first point of contact with partners supporting the full range of partner’s operational functions and issues, as well as new feature requests.

IX. Customer Support Planet Payment support services to individual merchant customers are driven by the merchant acquirer with whom the merchant has a primary relationship. The extent to which an individual merchant is aware of Planet Payment, has direct contact with Planet Payment, or has access to Planet Payment supplied online support tools is determined by that acquirer. As such, it is expected that Planet Payment will mostly serve as a secondary or tertiary support source (after their VAR or Gateway and Acquirer) for merchants experiencing problems. In contrast, Planet Payment will provide primary support services for customers including VAR’s, Gateway’s, Acquirers and Processors.

Direct support for problems identified as ‘Crisis’ or ‘Major’ is available 24 hours per day, 7 days per week, and 365 days per year. Problems with a lesser degree of urgency will be addressed during normal business hours (8AM – 6PM EST). The figure below presents a high level overview of the entry points to Planet Payment’s support process.

Planet Payment, Inc. - WikiLeaks Planet... · Description of Controls and User Control...

Documents

Transcript of Planet Payment, Inc. - WikiLeaks Planet... · Description of Controls and User Control...