Visa attempts to limit data vulnerability
July 22, 2010 by Steve HannafordPosted in: Dealers & Channel, In this week's e-newsletter, Latest News & Views, Security
Visa, Inc., recently announced a new payment security plan that it hopes will reduce the risk of data fraud and identity theft in its system of credit and debit cards. That could be good for both Visa and any company that accepts credit card payment.
The point of the move is to minimize the need of merchants to hold card data.
A ComputerWorld article explains the current problem:
“Many must do so because credit card issuing banks and the merchant’s own financial institutions require the full 16-digit primary account number (PAN) in order to resolve refunds, charge backs and other customer disputes. In some cases, large retailers also voluntarily store PAN data, either because they need it internally or because of legacy systems.”
The new Visa initiative will push the companies (mostly banks) that issue Visa cards not to require merchants to hold the full card data. The company has come up with a scheme that will use proxy numbers (so-called “tokens”) in order to be available to resolve any later disputes.
The move is a response to complaints from the NRF (National Retailer Federation). which has been fighting against the necessity of holding and securing full card data, a major problem especially for smaller merchants.
Eduardo Perez, head of global payment system security for Visa, stated: “By reducing the amount of vulnerable data in merchant systems that must be protected from compromise, merchants can see greater security as well as more streamlined compliance needs.”
DocuCrunch.com delivers the latest IT and Imaging news once a week to the inboxes of over 200,000 IT and Imaging professionals.
Click here to sign up and start your FREE subscription to DocuCrunch!
Tags: credit parks, merchants, Visa
Loading ...
