Computeruser.com
Latest News

Visa Program Encourages Merchant Adoption of EMV Chip as Path Toward Dynamic Authentication

SAN FRANCISCO Feb. 9, 2011

the United States March 31, 2011 Europe

Ellen Richey $100

the United States

Bill Sheedy

International merchants may qualify for the program if they have either previously validated PCI DSS compliance, or provided a plan to come into compliance, and if they have not been involved in a recent material breach of cardholder data. Merchants involved in a compromise will be eligible for participation subject to subsequent PCI DSS compliance validation. Merchants that do not meet the program’s EMV terminalization requirements, including merchants whose transaction volume is primarily from eCommerce and MO/TO acceptance channels, are still required to validate their PCI DSS compliance annually in accordance with Visa compliance programs. Qualifying merchants must continue to protect any sensitive data that remains in their care by ensuring their systems do not store track data, security codes or Personal Identification Numbers (PINs), and that they continue to adhere to the PCI DSS standards as applicable. More details about the program, including a full list of eligibility requirements, are available at Visa.com/CISP.

Jim McCarthy

Background

As a result of increased focus on data security, the commercialization of new security technologies such as encryption and tokenization, and growing global EMV chip adoption, many merchants are seeking guidance to ensure they are investing for the future when they upgrade their acceptance environments. Because Visa recognizes the security benefits of dynamic authentication, enabled by chip, it is offering tangible benefits to merchants who shift or expand their POS infrastructure to become chip enabled. As part of the terminal refresh cycle or when incorporating new security technology like encryption or tokenization, Visa encourages all merchants to move toward dynamic data through the adoption of dual contact/contactless terminals.

Globally, Visa continues to support a range of cardholder verification methods (CVMs) including signature, PIN and no-signature for low-value, low-risk transactions, maintaining interoperability across those methods with technical standards, business rules and compliance programs. PIN usage will continue to depend on merchant terminal adoption, issuer activation and cardholder choice at the point of sale.

Layered Approach to Data Security

Visa has taken a comprehensive and layered approach to payments security with a dual focus: protecting card data wherever it is found in the payment eco-system, and making strategic investments in technologies that enable stakeholders to respond to compromises and prevent fraud. Examples include:  

  • Data Protection
    • Drive global PCI DSS compliance. More than 76 percent of the world’s largest retailers have validated compliance with the security standard.  
    • Execute an effort to ensure that merchants do not store prohibited data elements, including card security codes and PIN data. Today, almost all Level 1 and 2 merchants globally have conformed to this practice.
    • Support the adoption of contact EMV chip to introduce dynamic data used for authentication, thereby reducing data available for fraudulent use.
    • Publish best practices on PAN elimination/truncation, tokenization and encryption, which are available at Visa.com/CISP.
  • Technology Investments
    • Develop the 3D-Secure payment infrastructure that is the backbone of Verified by Visa and is now used by American Express, JCB and MasterCard to facilitate dynamic authentication.  
    • Innovate network technology such as Visa Advanced Authorization, which uses transactional data to provide an instant risk-score to card issuers – right in the authorization message.
    • Invest in CyberSource to deliver best-in-class fraud management services globally. CyberSource’s suite of products provides online retailers with tools to better manage and stop fraud before it happens.

Visa will provide technical guidance over the coming months to further support merchants, acquirers, processors and issuers as they consider adopting EMV chip technology.  

About Visa Inc.: www.corporate.visa.com

December 22, 2010

SOURCE Visa Inc.

Leave a comment

seks shop - izolasyon
basic theory test book basic theory test