At Visa, we are committed to connecting and protecting the digital payments system and its users through a multi-layered approach.
For annual programmatic and progress updates, please see our ESG Resources page for our latest ESG Report.
At Visa, we are committed to connecting and protecting the digital payments system and its users through a multi-layered approach.
For annual programmatic and progress updates, please see our ESG Resources page for our latest ESG Report.
We aim to increase transaction approvals so that businesses can thrive while customers are protected and satisfied—no matter where or how they pay or are paid.
At Visa, security is composed of three key areas:
The Visa Intelligent Security framework offers our ecosystem partners dynamic, data-rich solutions that help balance fraud reduction and dispute prevention. The Intelligent Security framework spans the entire transaction lifecycle:
Visa helped prevent an estimated $27 billion in fraud in 2022.
Recognizing that the cyber threat landscape continues to evolve, Visa is committed to championing cybersecurity within our operations. We use an established risk assessment methodology and framework to identify cybersecurity risks and associated business impacts.
At Visa, we build and use AI to detect and secure cyber threats. We approach cybersecurity with a layered defense-in-depth strategy. We further advance our capabilities based on our core areas of focus, including enhancing our architecture, expanding our data security program to include unstructured data, and conducting continuous security and efficacy efforts.
We leverage the following components to enact our cybersecurity strategy across the business:
Our cybersecurity approach is supported by robust governance processes that involve regular reporting to management- and Board-level committees responsible for risk management and cybersecurity oversight. We provide regular updates to the full Board, including an annual in-depth review.
Over the past several years, Gartner Consulting assessed Visa’s security posture and assigned Visa its highest rating among peer companies for the overall maturity of our cybersecurity program.
Building trust begins with a commitment to privacy and security, which instills confidence in our employees and clients, protects our brand and allows us to innovate responsibly. We also recognize that data is a powerful tool that can fuel innovation, improve customer experiences, safeguard consumers from fraud and deliver new value to consumers.
Our focus is simple: to use the data entrusted to us in a responsible manner to benefit consumers and help businesses and economies grow. We embed these and other practices through a robust privacy program that allows us to measure and monitor organizational practices. We strive to be transparent about our data practices. To learn more about how Visa collects, uses and shares Personal Information, as well as the privacy choices we offer, please refer to our Visa Global Privacy Notice.
Visa’s Global Privacy Office, composed of dozens of privacy professionals around the world, is led by Visa’s Chief Privacy Officer and closely coordinates with several cross-functional teams and governance bodies, including the Cybersecurity team and Global Data Office.
The Corporate Risk Committee and the Visa Inc. Audit and Risk Committee oversee the Global Privacy Program and the risks related to data privacy, including our compliance with current and emerging data protection laws around the world.
When it comes to data at Visa, our focus is simple: to use the data entrusted to us to enable individuals, businesses and economies to thrive. Visa relies on data to improve the security and value of the Visa network, better serve our clients and partners, protect consumers from fraud and drive positive impact for communities and economies around the globe.
We recognize consumers are concerned about how their data is collected, used, shared and kept secure.
At Visa, we have adopted policies and practices designed to embed accountability for data practices throughout the organization and enable responsible execution through the expertise of dedicated security, privacy and data professionals working around the world on these topics.
Security: Individuals and businesses should have confidence that Visa payment data is safe. There is no higher priority for Visa than safeguarding those who use our products, services and network.
Control: Visa will always strive to provide simple explanations regarding how data may be used and to empower individuals with easy processes to manage use of their data.
Value: Data use at Visa should benefit individuals, businesses and economies. We strive to do this by delivering greater security, financial inclusion and consumer convenience.
Fairness: Visa’s application of data and data-driven insights aims to be fair, inclusive and avoid discrimination. Visa will strive to make our models explainable, accurate and safe.
Accountability: Visa’s approach to data use should be consistently applied at all levels of the organization and be embedded through process, training, and management responsibilities.
The application of these principles may evolve over time, adapting to new privacy and data-related regulations and standards that may emerge, based on the needs of consumers, businesses and economies. As Visa’s business moves into new technologies, payment flows and value added services, we are committed to engaging with policymakers and regulators worldwide to participate in the development and harmonization of data focused laws, regulations and standards.
Security: In pursuit of innovation, Visa strives to deploy AI systems with confidentiality, integrity, and reliability to help ensure robust levels of security and safety for the individuals, businesses, and partners participating in its payments ecosystem. Through appropriate audit and monitoring across the lifecycle of AI systems, Visa aims to uphold quality, prevent misuse, protect data privacy and security, and detect and respond to potential adverse events.
Control: Visa aspires for transparency and appropriate consumer choice and control over data in its AI systems, including explaining the purpose, design, inputs, and outcomes of its AI systems. Visa works to deploy AI systems that respect privacy by design, with controls and governance to create a trusted, confidence-inspiring, ecosystem for individuals, businesses and partners.
Value: Visa invests in and employs AI to drive innovation and support its mission to uplift everyone, everywhere by being the best way to pay and be paid. Visa seeks to create value for individuals, businesses, and economies by innovatively deploying AI systems that promote financial inclusion, consumer convenience, and benefits across the payments ecosystem.
Fairness: In developing AI systems, Visa pursues programs to promote responsible innovation and the ethical use of AI, protect individual rights, and build societal confidence in AI. Visa aims to deploy fair AI systems by reviewing potential risks, unanticipated biases, and adverse impacts throughout the AI lifecycle. Visa strives to act ethically and minimize the risk of unfair outcomes through human oversight of design, data, production output and intended purpose of all AI systems.
Accountability: While striving towards the full potential of AI systems, Visa works to align decisions made or informed by AI with the organization's values and clearly define roles and responsibilities across technology, operational and management stakeholders. Visa is accountable for its use of its ecosystem participants’ data in AI systems and strives to utilize privacy-enhancing techniques to safeguard all stakeholders’ privacy. Visa educates and trains employees to drive responsible AI use and innovation to uphold Visa’s commitment to responsible AI.
Visa connects the world through the most innovative, reliable and secure payments network—enabling individuals, businesses and economies to thrive. Visa is committed to maintaining the integrity of our payment system. We do not tolerate the use of our network and products for illegal activity, and we are vigilant in our efforts to deter illegal activity on our network.
The Visa Integrity Risk Program establishes a set of ecosystem controls, requirements and capabilities that seek to deter, detect and remediate noncompliant transactions across our network. This framework helps network participants that support merchants in legal businesses that are at higher risk for illicit activity maintain proper controls and oversight processes to identify and deter unlawful transactions from entering the Visa payment system.
As part of the Program, Visa: