Visa demands online merchants tighten security
Visa is introducing minimum standards of security for Internet retailers using its services. The move is designed to boost confidence for online shoppers.
Online merchants who have taken a casual approach to Web security may have to knuckle down.
Visa International has unveiled a self-assessment test that the merchants must pass in order to keep accepting Visa cards. It's part of a wider effort by the company to boost consumer confidence in Internet shopping.
Merchants can download the test from Visa's Web site (www.visa.com/secured) and use it to see if they meet Visa's standards for security readiness--from hiring practices to their use of encryption technology, firewalls, and network- and database-security software.
Compliance is mandatory as of Nov. 15 in the US for new merchants, while those already accepting Visa have until Oct. 1, 2001, to comply.
"Better security overall will increase consumer confidence and increase sales," says Frank Prince, an analyst at Forrester Research covering E-business infrastructure. The test is the first of its kind to be required by a payment organization, he says. Visa will also insist that Web retailers prominently display privacy policies and information about online security capabilities.