Alerts, Bulletins & Webinars

Alerts, Bulletins & Webinars

Data Security Alerts, Bulletins & Webinars

Visa is committed to helping all payment system participants better understand their responsibilities related to securing cardholder data. As part of this commitment, Visa issues security alerts when vulnerabilities are detected in the marketplace.

The following Visa Data Security Alerts, Bulletins, Best Practices, Third Party Media Articles and Webinars are currently available in PDF format. Click a document/resource title to download.

Data Security Alerts

Document/Resource Downloads  
SSL 3.0 “Poodle” Vulnerability – 29 October 2014 PDF | 115k
“Shellshock” (Bash) Vulnerability – 1 October 2014 PDF | 113k
Fraudulent Credits Trend: ATM Reversals – 14 August 2014 PDF | 130k
U.S. CERT Advisory: Backoff Point of Sale Malware – 31 July 2014 PDF | 967k
Insecure Remote Access and User Credential Management – July 2014 PDF | 143k
OpenSSL “Heartbleed” Vulnerability – April 2014 PDF | 116k
Chewbacca Point-of-Sale(POS) Malware – 6 March 2014 PDF | 129k
Retail Merchants Targeted by Memory-Parsing Malware
– UPDATE – February 2014
PDF | 59k
Retail Merchants Targeted by Memory-Parsing Malware
– UPDATE – August 2013
PDF | 48k
Preventing Memory-Parsing Malware Attacks on Grocery Merchants
– 11 April 2013
PDF | 55k
Dexter Malware Targeting Point-of-Sale (POS) Systems – December 2012 PDF | 48k
Help Protect Cardholder Data From Attacks on PIN Entry Devices – 16 November 2012 PDF | 50k
Visa Warns Merchants of E-mail Phishing Scams – 9 December 2010 PDF | 61k
Criminals Exploit Weak Merchant Credentials to Submit False Credits to Debit Cards – 28 October 2010 PDF | 38k
Key Logger: Key Stroke and Screen Capture – March 17, 2010 PDF | 39k
Targeted Hospitality Sector Vulnerabilities – November 06, 2009 PDF | 78k
POS PIN Entry Device Vulnerabilities – September 23, 2009 PDF | 40k
SQL Injection Attacks – September 1, 2009 PDF | 42k
Letter to Payment Application Vendors – April 15, 2009 PDF | 34k
Malicious Software and Internet Protocol (IP) Addresses – April 1, 2009 PDF | 192k
USSS / FBI Advisory – February 12, 2009 PDF | 40k
Personal Identification Number (PIN) Attacks – February 5, 2009 PDF | 32k
Packet Sniffing Vulnerability – February 2, 2009 PDF | 32k
Hospitality Merchants – January 9, 2009 PDF | 36k
Key Logger Malware – October 6, 2008 PDF | 33k
Debugging Software – Memory Parsing Vulnerability – October 2, 2008 PDF | 44k
Eliminating Storage of Prohibited Data – September 3, 2008 PDF | 44k
Enabling Audit Logging – August 29, 2008 PDF | 36k
Network Vulnerabilities – June 19, 2008 PDF | 36k
Potential Network Vulnerabilities for Financial Institutions – January 25, 2008 PDF | 40k
VoIP Security Vulnerabilities – December 28, 2007 PDF | 40k
New POS Tamper Scheme – November 13, 2007 PDF | 36k
Eliminate Storage of Cardholder Data on POS and ATM Hardware – November 9, 2007 PDF | 40k
Improperly Secured Wireless Networks – October 5, 2007 PDF | 48k
Unnecessary and Vulnerable Services on Servers – April 18, 2007 PDF | 44k
Security Vulnerability: New Social Engineering Schemes Detected – December 18, 2006 PDF | 34k
Risks Affecting Petroleum Merchants – November 17, 2006 PDF | 40k
Improperly Segmented Network Environment – October 31, 2006 PDF | 37k
Unauthorized Access to Automated Fuel Dispenser Card Readers – September 29, 2006 PDF | 31k

Data Security Bulletins

Document/Resource Downloads  
Visa Introduces Enhanced PCI DSS Enforcement Plan – October 2014 PDF | 516k
Upcoming PCI DSS Compliance Requirements – 18 September 2014 PDF | 152k
Maximize Point-of-Sale PIN-Entry Device Security – 06 May 2013 PDF | 428k
Encrypting PIN Pads Must Be Industry-Approved – 06 December 2012 PDF | 346k
Top Three E-commerce Vulnerabilities and Acquirer Actions to Ensure Their Merchants Protect Online Data PDF | 37k
Visa Recommended Practices for EMV Chip Implementation in the U.S. - 11 July 2012 PDF | 70k
Visa Adopts New Payment Card Industry PIN Security Requirements - 22 March 2012 PDF | 104k
Compromised PIN-Entry Device Listing Updated; Reminder of Upcoming Mandatory Sunset Dates - 1 September 2011 PDF | 123k
Visa Announces Plans to Accelerate Chip Migration and Adoption of Mobile Payments - 9 August 2011 PDF | 42k
Visa Expands Technology Innovation Program for U.S. Merchants to Adopt Dual Interface Terminals - 9 August 2011 PDF | 42k
Visa Sets U.S. Acquirer Processor Mandate for Chip Transaction Processing - 9 August 2011 PDF | 29 k
Visa Announces U.S. Participation in Global Point-of-Sale Counterfeit Liability Shift - 9 August 2011 PDF | 35k
Visa Introduces Technology Innovation Program for Merchants - 9 February 2011 PDF | 39k
Wireless Networks Require Data Security Controls - 9 September 2010 PDF | 31k
U.S. Payment Applications Security Mandates Frequently Asked Questions - November 06, 2009 PDF | 59k
Payment Application Security Mandates Set Across Regions - June 24, 2009 PDF | 120k
Visa PCI DSS Compliance Validation Framework - November 18, 2008 PDF | 68k
Visa's PABP adopted as Security Standard - April 15, 2008 PDF | 37k
Visa Announces New Payment Application Security Mandates - October 23, 2007 PDF | 60k
Level 4 Merchant Compliance Program Requirements - May 14, 2007 PDF | 54k
Top Three POS System Vulnerabilities - November 21, 2006 PDF | 72k

White Papers

Best Practices

Document/Resource Downloads  
Protecting Merchant Point of Sale Systems During The Holiday Season – 7 November 2014 (FS-ISAC, USSS, R-CISC) PDF | 384K
Reducing Counterfeit Fraud Through Acceptance Best Practices – January 2014 PDF | 2.99MB
Global Visa Card-Not-Present Merchant Guide to Greater Fraud Control PDF | 2.54MB
Visa Best Practices - Mobile Payments Acceptance Solutions v3.0 - 11 September 2013 PDF | 1.64MB
Digital Wallet Guidelines for Merchants – 14 March 2013 PDF | 44k
Protect Your Merchant Terminals From Illegal Tampering - 2013 PDF | 768k
Tips and Tools for E-commerce Businesses - 2012 PDF | 1.71mb
Security Tips for Retailers - 2012 PDF | 102k
Visa Best Practices - Payment Application Integrators and Resellers - 28 April 2011 PDF | 27k
Tips and Tools for Small Merchant Businesses - 2010 PDF | 539k
Visa Best Practices - Acquirer Best Practices for Continuity Merchants - 26 August 2010 PDF | 32k
Visa Best Practices - Merchant Best Practices - Continuity - 26 August 2010 PDF | 31k
Visa Best Practices - Top 10 Best Practices for Payment Application Companies v1.0 - 24 August 2010 PDF | 61k
Visa Best Practices - PAN Truncation v1.0 - 14 July 2010 PDF | 39k
Visa Best Practices - Tokenization v1.0 - 14 July 2010 PDF | 50k
Visa Best Practices - Cardholder Data Security Best Practices for VisaNet Processors - 20 April 2010 PDF | 154k
Visa Best Practices - Data Field Encryption v1.0 - 05 October 2009 PDF | 55k
Visa Best Practices - Primary Account Number Truncation on Cardholder Statements - 22 April 2009 PDF | 30k

Third Party Media Articles

Document/Resource Downloads  
Common Payment Card Security Myths Dispelled – Hospitality Upgrade, Fall 2013 PDF | 4.13MB
Mobile Evolution Securing the Next Wave of Payment Innovation – Hospitality Upgrade, Summer 2013 PDF |1.15MB
Security Options to Future-proof Merchant Investments – Hospitality Upgrade, Spring 2013 PDF |1.08MB
Protecting Corporate Networks – Hospitality Upgrade, Fall 2012 PDF | 805KB
U.S. Chamber of Commerce's Internet Security Essentials for Business 2.0 – October 2012 PDF | 3.31MB
Vet Vendors to Keep Out Unwanted Guests - Hospitality Upgrade, Summer 2012 PDF | 572k
Keep Data In And Hackers Out: What Every Restaurant Owner Should Know – Fast Casual, May 2012 PDF | 119k
Coming to America: EMV Chip Technology - Hospitality Upgrade, Spring 2012 PDF | 715k
Avoid Giving Credits When None Are Deserved - Hospitality Upgrade, Fall 2011 PDF | 2146k
Managing The Risks And Security Threats Of Mobile Payments - Lydian Journal, February 2011 PDF | 1627k
Five Security Issues All Hotel Operators Need To Know - Hospitality Upgrade, Spring 2011 PDF | 186k
Wireless Networks - A Customer Loyalty Dream Can Become A Security Nightmare - Hospitality Upgrade, Fall 2010 PDF | 2,428k
Every Key You Make, Every Stroke You Take, They'll Be Watching You - Hospitality Upgrade, Summer 2010 PDF | 341k
Encryption The New Buzzword in Data Security - Hospitality Upgrade, Spring 2010 PDF | 1.9mb
Better Business Bureau and Visa's Data Security - Made Simpler - January 2010 PDF | 1.8mb
Ellen Richey Interview - Risk Professional, December 2009 PDF | 1.4M
Targeted by Data Thieves - Hospitality Upgrade Fall 2009 PDF | 4.6mb
Visa Guidance on Data Encryption - American Banker, 07 October 2009 PDF | 61k
PCI Standard Still the Best Answer to Fraud - American Banker, 26 June 2009 PDF | 73k
Ellen Richey Interview - Card and Payments, June 2009 PDF | 2.9mb

Webinars

Document/Resource Downloads  
BlackPOS Malware Deconstructed – 10 December 2014 PDF | 350kB
Strategies to Effectively Manage Data Compromise Events – 12 November 2014 PDF | 659kB
Fraud Prevention Strategies for Merchants – 15 October 2014 PDF | 353kB
Identifying, Containing, and Mitigating the "Backoff" Malware – 24 September 2014 PDF | 304kB
2014 North America Payment Card Security and Technology Symposium Recap – 20 August 2014 PDF | 447kB
Pharmaceutical Guidelines Overview - 5 August 2014 PDF | 1.5MB
Preventing ATM Skimming (Spanish) - 19 February 2014 PDF | 1.9MB
Mitigating Large Merchant Data Breaches – January 2014 PDF | 4.38MB
Skimming and Fraud Protection for Petroleum Merchants – 14 November 2013 PDF | 2.02MB
Strengthening Processor Security – 16 October 2013 PDF | 984k
Encryption and Tokenization: Protecting Customer Data – 18 September 2013 PDF | 1.71Mb
Mitigating Large Merchant Breaches and Leveraging Technology to Secure the Future – 28 August 2013 PDF | 638k
Payment Processing Threats Impacting Grocery Store Merchants – 24 April 2013 PDF | 580k
Merchant PIN Security Compromise Trends and Best Practices (English) – 13 February 2013 PDF | 1.25Mb
Merchant PIN Security Compromise Trends and Best Practices (Spanish) – 12 February 2013 PDF | 1.67Mb
NFIB: Data Security Essentials Every Small Business Should Know – 16 November 2012 PDF | 770k
USHCC: Data Security Essentials Every Small Business Should Know – 15 November 2012 PDF | 747k
NCFTA: Rewards Points Hijacking – 13 November 2012 PDF | 1.58MB
SBEC: Data Security Essentials Every Small Business Should Know – 9 November 2012 PDF | 761k
Responding to Security Breaches at Franchises with Multiple Locations – 17 October 2012 PDF | 564k
Global Data Security Landscape and Payment System Security Best Practices (2012 SF ISACA Fall Conference) – 16 October 2012 PDF | 1.01Mb
Top E-commerce Vulnerabilities and Actions to Protect Online Data – 18 September 2012 PDF | 408k
2012 U.S. Data Security and Authentication Symposium – 6 June 2012 PDF | 5.25Mb

For more information

To learn more about Visa’s compliance programs, contact Visa via email at AskVisaUSA@Visa.com.