Visa Asia Pacific Launches Account Information Security

Thursday 29 April 2004 08:21 CET | News

Visa Asia Pacific has launched a program to protect all Visa cardholder account and transaction information by preventing unauthorized disclosure or modification of the data.

Visas Account Information Security (AIS) program is designed for all entities that process, store or transmit Visa cardholder account and transaction information. Merchants, processors and Internet payment service providers in Visas acceptance chain must comply with the AIS program to ensure that their data security measures are robust and stringent enough to safeguard sensitive customer data. To help facilitate compliance with the program, AIS is providing online assessment and validation tools. Through the AIS web site at, merchants and their service providers can assess their own vulnerability to Internet hacking or other security breaches. The online self-assessment tool is free of charge and the business input will be kept confidential with analysis of the self-assessment questionnaire being undertaken by third party information security specialists. The results of the test will help the businesses identify and improve their security and risk management processes to better protect customer data. AIS online accessibility makes it easier for the parties handling Visa cardholder information, to implement and enforce the industry-setting security standards and for Visa’s members to monitor compliance with the program. AIS standards comprise 15 security controls to ensure that a business organizational, physical and logistical areas maintain the confidentiality, availability and integrity of sensitive account and transaction data. The 15 mandatory requirements help protect data throughout the entire life cycle of a transaction, focusing on critical security areas such as human resource, access, firewalls, virus protection, data disposal, encryption and physical security. These requirements are based on industry standards and best practices. Visa has appointed Qualified Security Assessors to help larger merchants and processors review their operations against the AIS standards. The assessors will provide consultancy services and help the larger, more sophisticated merchants and processors validate their compliance. Visa has also engaged a security firm - Dimension Data - to provide vulnerability scanning - a non-intrusive scan that does not disrupt merchants systems, but is able to identify areas where a hacker may possibly penetrate the system. By identifying the vulnerabilities in its network, a merchant or processor can then take the necessary corrective and preventive actions to manage the risk. The test phase of the AIS program in Asia-Pacific began in late 2003, with a key focus on e-commerce merchants. Working with its member financial institutions around the region, Visa is now stepping up the validation and education of processors and service providers which might have greater exposure to possible account compromise.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: ,
Categories: Payments & Commerce | Payments General
Countries: World
This article is part of category

Payments & Commerce