Cardholder Information Security Program

Upholding the Highest Cardholder Data Security Standards for Visa Stakeholders

Visa aims to secure Visa cardholder data wherever it resides, requiring that members, merchants, and service providers maintain the highest information security standards.

Quick Links

Visa's Business Guide to Data Security SWF | 500k
PCI Data Security Standards
List of PCI DSS-Compliant Service Providers PDF | 180k
Validated Payment Applications PDF | 468k

Cardholder Data Security Basics

Enforcing compliance with the PCI DSS to secure Visa cardholder data.

For Merchants

Merchants who store, process, or transmit Visa cardholder data.

For Service Providers

Merchants and members must use PCI DSS-compliant service providers.

Payment Applications

Securing third-party payment applications with the Payment Applications Best Practices (PABP).

Validation Requirements & Procedures
Payment Applications Best Practices DOC | 436k

PIN Security and Key Management Program

PIN accepting entities must comply with the PCI PIN Security Requirements.

Visa Approved PIN Entry Devices
Tools and Best Practices for Merchants PDF | 248k

If Compromised

Take immediate action to help prevent additional damage and adhere to the PCI DSS requirements.

Steps for Compromised Entities
What To Do if Compromised PDF | 612k

For non-U.S.-based entities, please visit Visa International Account Information Security (AIS) for validating compliance with the PCI DSS.

Site Utilities

Navigation

Visa Security Training Seminars Offered Throughout 2009