A Thing
The Green SheetGreen Sheet

Thursday, November 1, 2007

More mandates coming from Visa

Visa logo Visa Inc. will issue a series of five security mandates pertaining to payment applications starting Jan. 1, 2008. In a bulletin issued Oct., 23, 2007, Visa stated the mandates "require acquirers to ensure their merchants and agents do not use payment applications known to retain prohibited data elements and require the use of payment applications that adhere to Visa's Payment Application Best Practices (PABP)."

The mandates take effect over three years. Visa provided a summary of each:

  • Jan. 1, 2008: Newly boarded merchants must not use known vulnerable payment applications, and VisaNet Processors (VNPs) and agents must not certify new payment applications to their platforms that are known vulnerable payment applications.

  • July 1, 2008: VNPs and agents must only certify new payment applications to their platforms that are PABP-compliant.

  • Oct. 1, 2008: Newly boarded level 3 and 4 merchants must be Payment Card Industry (PCI) Data Security Standard (DSS) compliant or use PABP-compliant applications.

  • Oct. 1, 2009: VNPs and agents must decertify all vulnerable payment applications.

  • July 1, 2010: Acquirers must ensure their merchants, VNPs and agents use only PABP-compliant applications.

To download Visa's full Oct. 23 bulletin, visit www.greensheet.com/mc/visacisp_oct2007.pdf . For a list of PABP-validated applications, visit www.visa.com/pabp . end of article

The Green Sheet Inc. is now a proud affiliate of Bankcard Life, a premier community that provides industry-leading training and resources for payment professionals. Click here for more information.

Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.

2020 2019 2018 2017 2016 2015 2014 2013 2012 2011 2010 2009 2008 2007
A Thing