| Monetra® Security and Compliance |
The Visa® Cardholder Information Security Program (CISP) is intended to ensure that merchants and service providers maintain the highest information security standards for protecting sensitive cardholder account data. Visa regulations require CISP compliance for all merchants and service providers that store, process, or transmit credit card information.
The newer Payment Card Industry (PCI) Data Security Standard is the result of a collaboration between Visa and MasterCard and is designed to create common industry security requirements that incorporate the CISP requirements. PCI offers a single approach to safeguarding sensitive data for all card brands, and consists of the following basic requirements:
• Build and Maintain a Secure Network
• Protect Cardholder Data
• Maintain a Vulnerability Management Program
• Implement Strong Access Control Measures
• Regularly Monitor and Test Networks
• Maintain an Information Security Policy
|
Payment Application Best Practices (PABP)
The goal of the Payment Application Best Practices program is to help software vendors create secure payment applications. To be considered secure, these applications must not retain full magnetic stripe data or CVV2 data and must support a merchant's ability to comply with CISP/PCI requirements.
Merchants must always provide verification of CISP compliance for their own systems. Depending on annual transaction volume, CISP requirements range from completing a self-assessment questionnaire to engaging an independent security assessor for conducting annual on-site security audits.
Visit www.visa.com/cisp and contact your bank, processor, or acquirer for more information.
|
|
|
|
|
