Visa, the leading credit card network, has announced a series of
security guidelines that on-line merchants and ISPs will soon need
to follow if they want to keep accepting the card for web site
transactions.
Visa said its decision was based on combating on-line fraud and
on boosting consumer confidence in e-commerce. The new requirements
will be phased in world wide over the next year. They will be
mandatory for all ISPs assisting Visa transactions by the end of
this year, and for all on-line merchants by the end of 2001.
Although the detail of the requirements is not yet known (it is
expected in a few weeks), they range from educating employees on
security procedures to implementing secure firewall and encryption
technologies. Enforcement is expected to involve fines, restricting
the value of sales that individual merchants can process, or
terminating their Visa membership.
