Visa offers to help e-merchants meet new security guidelines

By Maria Trombly

March 2, 2001 12:00 PM ET

Computerworld - Visa U.S.A. Inc. this week said it and the banks that issue credit cards under its name are launching a program to help online retailers and other Internet-based merchants comply with a set of security guidelines due to take effect in May.

Online retailers are required to take steps such as installing firewalls, encrypting stored data and using antivirus software under the new guidelines, which were detailed last year (see story). Foster City, Calif.-based Visa announced on Wednesday that it will offer training sessions, interactive reviews and consulting on compliance and monitoring, in addition to handing out information on third-party firms that specialize in security testing.

An Internet-based training program should be rolled out to the company's member banks within the next two weeks, said a Visa U.S.A. spokeswoman. The banks will then provide their merchant clients with access to the training, which is being developed as part of Visa's Cardholder Information Security Program (CISP) initiative.

John Shaughnessy, senior vice president of risk management at Visa, said in a statement that the CISP effort is aimed at giving shoppers using the Internet "the same security online that they have come to expect in the physical world." He described the requirements developed by Visa as "a virtual deadbolt."

The new guidelines also require the top 100 e-commerce merchants based on their Visa transaction volumes to have their online security procedures evaluated by an outside accounting or Internet security firm. Other online retailers will be subject to random security reviews by Visa, the company's spokeswoman said.

Related stories:

Web site upgrades leave some customer data vulnerable, Feb. 22, 2001

Protesters hack World Economic Forum's computers, Feb. 5, 2001

Banks announce release of Visa 'smart' cards, Sept. 14, 2000

American Express offers disposable credit card numbers for online shopping, Sept. 7, 2000

Recommend Digg Twitter ShareThis

Email Print Send Feedback Reprints

Additional Resources

POLL RESULTS

Leading IT Pros Weigh In on Top IT Issues

Accelerate your knowledge of the IT world you inhabit by viewing the results of a series of polls taken by your IT peers. These polls of 100+ IT professionals each are available for full viewing. They cover key topics such as virtualization, processor performance, green IT, cloud computing and many others. Be a part of the buzz.

WHITE PAPER

For Best Results, Think Beyond the Box

Technology is complex. Keeping it running productively shouldn't be. To that end, you want to minimize the number of solutions needed in-house to simplify operations, maintenance, and support. Kodak offers a best-practices model. One company provides support for both scanner and software, for fast problem resolution without vendor finger-pointing. Download now!

WHITE PAPER

Accelerating the Path to Demand Intelligence with a Demand Signal Repository

Utilizing demand intelligence improves the precision of pricing, product assortments, channel/store placement, and promotion, which are all essential for sustainable revenue management performance. Learn more, download this free whitepaper today.

White Papers & Webcasts

Sustaining SOX Compliance: Best Practices to Mitigate Risk, Automate Compliance, and Reduce Costs
Since the adoption of SOX, much has been learned about IT compliance. Discover how to make SOX efforts more effective in "Sustaining Sox...

Data Protection and Disaster Recovery with iSCSI and VMware
Data protection and disaster recovery are top of mind for any IT manager, and the challenges of complexity and cost remain as obstacles....

IDC White Paper: CCM for IT Compliance and Risk Management
Learn from industry analysts how IT organizations are using configuration management to meet compliance requirements and instill best practices. Find out how these...

Usability Is Everything
Learn what sets Workday's HR and Payroll solutions apart from the competition....

Keep it Clean: Maintaining the Integrity of your CMDB through Change Detection
Learn how configuration drift can challenge configuration management database (CMDB) integrity and how a configuration audit tool and an effective change management process...

The Value of Real SaaS at Workday
Cost savings, speed to value, and innovation brought to the enterprise by Workday's software-as-a-service solutions for HR and Payroll....

The Tripwire HIPAA Solution: Meeting the Security Standards Set Forth in Section 164
HIPAA requires businesses that handle personal health information (PHI) to set up strong controls to ensure the security and integrity of that information....

SaaS at Flextronics, Inc.
Dave Smoley, CIO of Flextronics, discusses the real value of software-as-a-service and why he chose Workday for his HR solution....

Configuration Assessment: Choosing the Right Solution
Configuration assessment lets businesses proactively secure their IT infrastructure and achieve compliance with important industry standards and regulations. Learn why configuration assessment is...

Why Compliance Pays
This OnDemand webcast explores the relationship that firms with best compliance records have higher revenue, greater customer retention, lower financial losses from data...

All White Papers | All Webcasts