Digi-Key Corporation Successfully Completes AmbironTrustWave MCCP Certification

Digi-Key Corporation Certification Compliance Report

* AmbironTrustWave conducted a Multi-Card Compliance Program (MCCP) audit for Digi-Key Corporation. AmbironTrustWave's MCCP enables acquirers, processors, merchants and other service providers who store, process and/or transmit cardholder information to verify compliance with the card association data security programs.

To successfully complete an MCCP audit, an external vulnerability scan must be conducted by AmbironTrustWave. The report produced from such a scan must not contain High Level risks.

On 01/27/2005, AmbironTrustWave conducted its first vulnerability scan for Digi-Key Corporation. The scan was performed using AmbironTrustWave Vital Signs, a purpose built payment industry compliance system. AmbironTrustWave performed an in-depth security scan of the provided host(s). No High Level risks within the Digi-Key Corporation environment were identified.

This letter certifies that Digi-Key Corporation has successfully completed the AmbironTrustWave MCCP certification, and, as a result, verifies Digi-Key Corporation as compliant with the card association data security programs listed below:

• Discover DISC (Discover Information Security and Compliance)
• MasterCard SDP (Site Data Protection)
• Visa Canada AIS (Account Information Security)
• Visa USA CISP (Cardholder Information Security Program)

Sincerely,

AmbironTrustWave

*  Founded in 2002, AmbironTrustWave is an independent information security advisory firm providing enterprise information security solutions to large and mid-sized businesses. By combining industry-certified experts with best-of-breed technologies, AmbironTrustWave develops and delivers cutting edge solutions that mitigate risk and enhance the bottom line. More about AmbironTrustWave