Visa helps partners comply with security standard
The new service is part of Visa's Account Information Security program, which requires its partner entities that process, store or transmit Visa cardholder account and transaction information to comply with the Payment Card Industry Data Security Standard jointly developed by Visa and MasterCard. Merchants are required to meet PCI requirements by properly safeguarding cardholder data.
Available through the ScanAlert Web site, the service ensures Visa partners' systems are secure via three components. These are a self-assessment questionnaire; a quarterly vulnerability scan of Internet servers and network connection points; and an independent third party onsite review, depending on the monthly volume of transactions they handle.
Visa's acquiring banks may face financial penalties if they do not take the appropriate steps to ensure merchants and processors comply with PCI standards in protecting cardholders' information.
According to the company's Web site, there are over 246 million Visa cards in the Asia-Pacific region, and over US$504 billion worth of transactions are recorded annually.
Edward Lodens, head of Third Party Assurance of Visa Asia-Pacific's Payment Security Services, said in a media statement that the move comes at a time when "cardholders are increasingly concerned about the safety of their personal data" in the electronic payment realm.