September 6, 2006, 12:00 AM

Visa warns retailers about improper storage of card data

Visa has issued a security alert to merchants not to store magnetic stripe data, card verification values, PINs and other card-related data elements after a transaction is authorized. Visa says there have been recent data breaches involving such data.

 

Visa U.S.A. has issued a security alert to merchants not to store magnetic stripe data, card verification values, PINs and other card-related data elements after a transaction is authorized. The card association says it is issuing the alert because of recent data breaches involving improper storage of such data.

Under Visa regulations, retailers may store specific data from the magnetic stripe only to support card acceptance: cardholder’s name, primary account number, expiration date and service code. All data should be stored in accordance with the Payment Card Industry Data Security Standard, Visa says. All retailers, including online merchants, must be PCI compliant.

“Merchants can also decrease their risk by only storing cardholder data if it is needed to perform their business functions,” Visa says. “”If you don’t need it, don’t store it.”

Visa is advising retailers to make sure that their point-of-sale systems don’t store prohibited data, and to expunge any such data from their systems. Retailers also should verify that their POS software is compliant with Visa Payment Application Best Practices available on the Visa web site, the association says.

 

comments powered by Disqus

Advertisement

Advertisement

Advertisement

From IR Blogs

FPO

James Green / E-Commerce

Four critical digital marketing tactics for the 2015 holidays

Lessons from 2014 can help retailers start now to plan their marketing campaigns for the ...

FPO

Zach Blatt / E-Commerce

Why one shampoo brand is Head and Shoulders above the rest

An analysis of online reviews shows that the pleasing smell of the anti-dandruff shampoo is ...

Advertisement