Visa clients must comply with the Payment Card Industry Data Security Standard (PCI DSS), a comprehensive security standard intended to help organizations proactively protect customer account data. Visa acquirers that are directly connected to VisaNet and/or
who process on behalf of other Visa clients must demonstrate PCI DSS compliance to Visa every 12 months. Visa has discretion to require any acquirer or its service providers to demonstrate compliance.
Visa is simplifying PIN security compliance
Visa acquirers must ensure that their acquiring third party agents who participate in the Visa PIN program perform their compliance validation no later than December 31, 2015.
Acquirers play a critical role within the global payments infrastructure, and we are in a unique position to offer services, solutions and insights that contribute to your success. We work with you to expand your merchant portfolio, increase acceptance and reduce merchant attrition.
Visa acquirers are required to register all third party agents they use, or their merchants use, to ensure compliance with Visa Rules and policies regarding the use of Third Party Agents (TPA). The TPA Registration Program helps Visa and acquirers better manage TPA relationships.
Visa acquirers must perform due diligence prior
to using any TPA and must ensure they have policies and procedures in place to
ensure proper oversight and control of the TPA regarding their Visa program.
Visa developed the Payment Facilitator and Marketplace Risk Guide for acquirers to use and share with the payment facilitators and marketplaces they sponsor. This guide contains risk management information designed to assist those new to the payment system as well as seasoned organizations.
Visa provides valuable information regarding the latest data security trends, data breaches and attack vectors, best practices, and Visa compliance programs through an on-going series of conferences, webinars and training sessions.