Payment security
Security is fundamental to Visa Europe's business. By keeping the
payments system secure, we protect cardholders, retailers and
businesses, and our members, and we drive business growth.
Fraud and business risk are constantly changing. This is why we
are constantly working to evolve Visa Europe’s security
infrastructure, to develop new security-led products and features
and to reduce the impact of fraud when it happens.
We do this by working closely with our members, retailers and
businesses, developing the tools and support to secure
transactions.
Keeping the Visa payment system secure: EMV chip
Visa Europe plays an important industry role in defining the
risk and fraud management standards that keep the payments system
safe.
EMV chip card technology, for example, has been developed
through specifications agreed by Visa, MasterCard and Europay and
adds a new layer of protection against fraud. The EMV chip,
embedded in the card, has significantly reduced counterfeit fraud,
while the use of a PIN to identify the genuine cardholder prevents
lost and stolen fraud. In markets where the use of chip and PIN is
widespread, these types of fraud are at record low levels.
Our members work closely with the retailers and businesses they
represent to ensure they comply with our risk management policies
and practices.
Keeping the Visa payment system secure: protecting cardholder data
As fraudsters become more sophisticated, our attention has
turned towards protecting not just the physical card, but the data
that travels through the payment system.
The Payment Card Industry Data Security Standard (PCI DSS) is a set
of global and industry-wide requirements, which are supported by
all international payment card systems. PCI DSS was created by Visa
and MasterCard in 2004.
PCI DSS is now owned and managed by an independent industry
organisation (the PCI Security Standards Council), made up of
representatives from all stakeholders in the card industry: banks,
service providers, vendors, retailers and businesses.
Today, Visa Europe continues to lead the industry with new
guidelines on the adoption of Data Field Encryption solutions to
support PCI DSS compliance and keep cardholder data secure. Used
properly, Data Field Encryption can rapidly improve security,
reduce the cost of achieving and maintaining compliance and offer
the flexibility needed to complement existing security
measures.
Visa Europe’s Payment System Risk (PSR) programme (formerly the
Account Information Security (AIS) programme) provides help and
advice on implementing PCI DSS to all organisations that accept or
process card payments.
Developing new cardholder products and features
As e-commerce continues to grow, Visa cards must make buying
goods and services online, as well as over the phone or by mail
order, simple but secure.
- A card security code – the CVV2 – is a three-digit security
code on the reverse of most types of Visa card that ensures the
genuine card is being used when buying online
- Verified by Visa is a password-protected identity checking system, designed
to counter online fraud and provide vital information to card
issuers in the authorisation process, ensuring greater confidence
in the transaction for all participants
- The Address Verification System (AVS) verifies a cardholder's
billing address, helping retailers and businesses identify when
goods are being dispatched to an unusual location. This is
currently only used by retailers and businesses in the UK
- Visa Codesure is a form of dynamic password authentication that
uses chip and PIN technology to generate a ‘one-time code’, which
validates that the genuine card and cardholder are both present
when a transaction is made.
Closing down fraud as it happens
Fraudsters are constantly attacking the payments system. These
attacks range from the very small, for example, an individual
retailer/business skimming cards at a shop, right through to
large-scale attempts to compromise data from a retailer/business or
processor’s systems.
Behind the scenes, Visa’s fraud professionals are working
constantly to identify patterns of fraud. Because we see fraud data
from all of our card issuers, we are better able to ‘join the dots’
and identify where a potential problem exists. If, for example, we
see reports of fraud on cards that have all been used in one
particular location, we can alert our members to this fact. It is
then over to the card issuers to act on this information.
Where substantial evidence exists, we support a process of
forensic analysis to identify and shut down the compromise.
The size of the task may be huge, but we are winning. The level
of fraud on Visa Europe’s cards in 2009 remained at less than 6
cents for every €100 spent.
Stopping the fraudster in real time
In 2010, Visa Europe introduced Visa Europe Real Time Scoring –
a tool which is expected to improve fraud detection rates by an
average of 15% compared to other non-real-time systems.
Visa Europe Real Time Scoring uses neural network and predictive
technologies to identify suspicious transactions in real time. A
risk score is generated for each individual transaction as it
passes through the Visa payment system, reaching the card issuer in
milliseconds and helping them decide whether or not to accept a
transaction.
Supporting Europe’s fight against fraud
Visa Europe works closely with both law enforcement agencies and
the European Commission on ways to counteract card fraud. These
measures have significantly helped to raise awareness of the impact
of card crime and contributed to a reduction of fraud levels across
Europe.
The European Commission’s Fraud Prevention Action Plan (FPAP)
focuses on:
- The security of payment products and systems
- Co-operation between public authorities and the private
sector
- Integration of new member states in the EU fraud prevention
framework
- Closer ties with countries neighbouring Europe that affect
the fraud situation.
We support the plan and are involved in the fraud prevention
expert group, the steering group and various subgroups. These
groups play an important role in sharing information and best
practice to prevent fraud, especially at cross-border level.