How to practice safe B2B

Thursday, 20 June 2002, 3:12 AM EST

In summer 2000, Visa unveiled its "Digital Dozen," a list of security requirements calling for firewalls, encryption, testing and access policies that its service providers and merchants must have as a condition of doing business with Visa. That's right—if a bank or merchant can't play by these rules, they don't play with Visa.

Visa's merchants and service providers must annually demonstrate compliance, through an online self-assessment for Mom-and-Pop shops and extensive third-party audits for merchants or service providers handling large volumes of cardholder information. And if a merchant refuses to comply, Visa can fine the bank that processes that store's transactions. Then it's up to the bank to punish the merchants. "Eventually, if we don't have proof from an independent third party that you qualify with our requirements, we really don't want you to take the card," says John Shaughnessy, Visa USA's senior vice president of risk management in Tampa, Fla.

[ Read more ]




Spotlight

(IN)SECURE Magazine issue 43 released!

Posted on 16 September 2014.  |  (IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. This issue covers web application security, mobile hacking, certification, Black Hat, and much more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Wed, Sep 17th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //