Visa Sets Software Security Deadlines

SAN FRANCISCO — Visa has announced global requirements for financial institutions to ensure merchant customers and agents use secure payment applications.

With the requirements, payment application providers and service providers must not store prohibited data elements and adhere to the Payment Card Industry (PCI) Payment Application Data.

A deadline has been set for July 1, 2010, for U.S. and Canada Visa acquirers to ensure Data Security Standard (DSS) compliant applications are being used.

In Asia Pacific, Central and Eastern Europe, Middle East and Africa, Latin America and the Caribbean Visa acquirers the deadlines for Visa acquires also is July 1, 2010. By July 2012, however, those acquirers must ensure existing merchants and agents in the Visa network use DSS compliant applications.

In a press release, Visa said that vulnerable payment applications are a major cause of credit card fraud.

"Criminals are targeting certain versions of software known to have security vulnerabilities," said Eduardo Perez, Visa’s head of global data security. "It's essential that every business that handles payment card information adhere to the highest data protection standards to protect the security and privacy of their customers' financial information."

The company also said it recommends merchant and agents ask their payment application vendors, resellers or system integrators to confirm that software versions used don’t store magnetic strip data, PIN or security codes.

As a payment service provider CCBill is responsible for maintaining a Level 1 PCI DSS compliance — which is the highest level of compliance.

“With our PCI DSS compliance, we are responsible for an annual onsite audit by a qualified security assessor,” CCBill Vice President of Marketing Laurie Biviano told XBIZ. “During these audits, our auditing firm inspects a range of security initiatives in our systems, process flow, resource pools, infrastructure and facilities.

“CCBill follows a methodology that acknowledges the Visa protocols and the PCI DSS as a foundation to our data security. But to achieve the higher levels of security that we [and our clients] demand of ourselves, we take a more holistic approach and incorporate security into all of our processes, assets and resources, instead of focusing on a ‘checklist.’ Thus, the PCI DSS and Visa protocols are good starting points and an integral part of any security policy.

Internet payment services provider CommerceGate renewed its certification as a Level 1 PCI-DSS compliant merchant in late July.

"We are very proud to continue to operate at the highest level of PCI compliance,” CommerceGate CEO Bjorn Skarlen said in an earlier report. “It makes perfect business sense to us, as we strive to offer the safest and best solutions on the market. Our certification demonstrates our dedication to maximum security and anti-fraud measures, and it is good to be able to show that our hard work is really paying off."

CommereGate also offers 3D Secure, which is used as an optional added layer of security for online credit and debit card transactions. It was developed by Visa to improve the security of Internet payments and is offered to customers as the Verified by Visa service. MasterCard offers a similar service called MasterCard SecureCode.

"The more trust we can inspire in the end user, the better," Skarlen said. "Knowing that their credit card information and money are safe means that customers are more confident signing up and also likely to spend more money per transaction, which in turn improves the profits of our clients."

Copyright © 2024 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More News

Author of UN Report Recommending Worldwide Criminalization of Sex Work, Porn to Speak at NCOSE Summit

Jordanian activist Reem Alsalem — a Special Rapporteur on violence against women and girls at the United Nations Human Rights Council who recently issued a controversial report recommending that governments abolish all forms of sex work, including porn — will be one of the speakers at anti-porn lobby NCOSE’s 2024 summit in August.

Champs Hires Joe Prestia as Senior Account Manager

Champs Trade Shows has hired industry veteran Joe Prestia as its new senior account manager for adult boutiques.

Spicey AI Voice Chat Platform Launches

Spicey AI, a platform that uses artificial intelligence to create interactive voice messages from chatbots based on adult performers, has launched.

Orion Debuts Javida Licking and Thrusting Vibrator

Orion Wholesale has introduced the new Licking and Thrusting Vibrator from its Javida line.

Derek Hay Sentencing Hearing: Performers Give Impact Statements

The first day of the sentencing hearing for LA Direct Models’ Derek Hay, who pleaded guilty in May to one charge of conspiracy to commit pandering and a charge of perjury, took place in Los Angeles Wednesday.

Wicked Sensual Care Debuts 'Tropical Trio' Lube Set

Wicked Sensual Care has introduced the new Tropical Trio personal lubricant set from its Simply line.

Utherverse to Host 8th Annual VirtualCon in September

Virtual reality and metaverse technology company Utherverse will hold the eighth edition of its annual virtual conference, VirtualCon, in September.

The Dungeon Store Debuts 'Shelob' Conductive Flogger

The Dungeon Store has released the Shelob Violet Wand conductive e-stim flogger.

Pornhub Shuts Down Access in Nebraska Over Age Verification

Aylo has blocked access to Pornhub in Nebraska as of last Monday, days before the state’s new age verification law — one of many such bills promoted by religious conservatives around the country — is scheduled to go into effect Thursday.

Orion Intrduces Vibrating Cock Ring From 'Black Velvets' Line

Orion Wholesale has introduced its new, vibrating Cock Ring With RC Butt Plug, from its Black Velvets line.

Show More