Requirements for all organisations

The industry standard, PCI DSS, includes 12 key requirements for organisations that accept or process card payments:
  1. Install and maintain a firewall configuration to protect data
  2. Do not use vendor-supplied defaults for passwords or other security parameters
  3. Protect stored data
  4. Encrypt the transmission of cardholder data and sensitive information
  5. Use and regularly update anti-virus software
  6. Develop and maintain secure systems and applications
  7. Restrict access to data by business need-to-know
  8. Assign a unique ID to each person with computer access
  9. Restrict physical access to cardholder data
  10. Track and monitor all access to network resources and cardholder data
  11. Regularly test security systems and processes
  12. Maintain a policy that addresses information security


Advice for your business – we provide further information for acquiring banks, merchants and service providers.

Downloads and resources – a range of tools and documents relating to Visa’s AIS programme.






© Copyright Visa Europe. All rights reserved.