Data Security

When customers offer their payment card at the point of sale, over the Internet, on the phone, or through the mail, they want assurance that their account information is safe. This is why Visa CEMEA has instituted the Account Information Security programme (AIS).

Visa leads the way
In 2000, Visa was the first to come up with a set of security standards and best practices designed to protect the confidentiality, availability and integrity of customer account and transaction data. The Account Information Security (AIS) Programme was globally mandated in 2001. This programme helps you, as merchants, payment processors and service providers, to take the necessary steps to store the account and transaction information of Visa cardholders safely.

Who does AIS apply to?
Any organisation processing, storing or transmitting Visa cardholder account and/or transaction information must adhere to the requirements of the AIS Programme. This includes acquirers, merchants, processors, gateways and Internet payment service providers, plus other third-party service providers such as network providers, data consolidators, media back-up companies and web hosting companies.

Industry collaboration
Recently Visa and MasterCard have aligned Visa’s AIS and MasterCard's Site Data Protection (SDP) programmes to create a worldwide standard to protect consumer data across the payment industry. This is known as the Payment Card Industry (PCI) Data Security Standard.

The PCI Data Security Standard consists of 12 key requirements for protecting Visa cardholder account and transaction information:

PCI Data Security Standard

Build and Maintain a Secure Network

1. Install and maintain a firewall configuration to protect data
2. Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

3. Protect stored data
4. Encrypt transmission of cardholder data and sensitive information across public networks

Maintain a Vulnerability Management Program

5. Use and regularly update anti-virus software
6. Develop and maintain secure systems and applications

Implement Strong Access Control Measures

7. Restrict access to data by business need-to-know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data

Regularly Monitor and Test Networks

10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes

Maintain an Information Security Policy

12. Maintain a policy that addresses information security


