Visa offers to help e-merchants meet new security guidelines

By Maria Trombly

March 2, 2001 12:00 PM ET

Recommended

(1)

Digg

Twitter

Share/Email

Computerworld - Visa U.S.A. Inc. this week said it and the banks that issue credit cards under its name are launching a program to help online retailers and other Internet-based merchants comply with a set of security guidelines due to take effect in May.

Online retailers are required to take steps such as installing firewalls, encrypting stored data and using antivirus software under the new guidelines, which were detailed last year (see story). Foster City, Calif.-based Visa announced on Wednesday that it will offer training sessions, interactive reviews and consulting on compliance and monitoring, in addition to handing out information on third-party firms that specialize in security testing.

An Internet-based training program should be rolled out to the company's member banks within the next two weeks, said a Visa U.S.A. spokeswoman. The banks will then provide their merchant clients with access to the training, which is being developed as part of Visa's Cardholder Information Security Program (CISP) initiative.

John Shaughnessy, senior vice president of risk management at Visa, said in a statement that the CISP effort is aimed at giving shoppers using the Internet "the same security online that they have come to expect in the physical world." He described the requirements developed by Visa as "a virtual deadbolt."

The new guidelines also require the top 100 e-commerce merchants based on their Visa transaction volumes to have their online security procedures evaluated by an outside accounting or Internet security firm. Other online retailers will be subject to random security reviews by Visa, the company's spokeswoman said.

Related stories:

Web site upgrades leave some customer data vulnerable, Feb. 22, 2001

Protesters hack World Economic Forum's computers, Feb. 5, 2001

Banks announce release of Visa 'smart' cards, Sept. 14, 2000

American Express offers disposable credit card numbers for online shopping, Sept. 7, 2000

Read more about financial in Computerworld's Financial Knowledge Center.

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Jump to comments

Financial

Additional Resources

Microsoft

DirectAccess and UAG: Better Together

Here are some of the key reasons why you would want to run Unified Access Gateway with DirectAccess.

Microsoft

Case Study: Energy Firm Tightens Protection, Simplifies IT Work

Review how one energy firm tightened protection and simplified IT work using business-ready security solutions.

Sybase

NEXT-GENERATION MOBILITY PLATFORMS

In this white paper, IDC analyzes the role of next-generation mobile enterprise platforms as organizations seek a more strategic deployment of mobile solutions.

Learn the important issues you must consider before starting your next mobility initiative. Get your mobility white paper from IDC now, compliments of Sybase.