Visa U.S.A.'s new program targeted to improve data security at the nation's smallest businesses demonstrates the industry's continued commitment to universal implementation of the Payment Card Industry (PCI) Data Security Standard.
With this effort, Visa expects acquiring financial institutions to better identify and remedy risk among merchant customers categorized as level 4, a group consisting of smaller retailers.
Previously, card Association enforcement of PCI was trained on level 1 merchants. After all, they are the big kahunas of the retailing world, and they account for the majority of yearly transaction dollar volume. However, while less than 5% of potentially exposed accounts are stolen from level 4 merchants, 80% of identified compromises since Jan. 1, 2005, have occurred at this level.
"Data security breaches involving payment card information occur at small businesses more frequently than at all other merchant levels combined," said Michael Smith, Visa's Senior Vice President, Enterprise Risk and Compliance.
Often small-business owners are focused on day-to-day concerns and unaware that their payment processing procedures could be putting them at risk of data security breaches.
Help is on the Web
Visa's new program targets both acquirers and merchants. As of Aug. 1, 2007, Visa and the National Federation of Independent Business will offer on the Web site www.nfib.org a wide range of free educational materials and tools, including communications, webinars, training and support to help educate smallbusiness owners.
Announced in May and effective July 31, 2007, Visa will require all acquirers to submit to the card Association a summary of their small merchant compliance plans. With this new program, Visa is also asking acquirers to provide data-security education and tools to its smallbusiness customers.
"While small merchants may have limited access to sophisticated security analysis and tools, even small changes can dramatically improve security for them, their customers and the payment system," Smith said.
Notice to readers: These are archived articles. Contact names or information may be out of date. We regret any inconvenience.Prev Next