Visa and Mastercard say "prove it!"
An increasing number of businesses have been spotted sporting a button on their Web sites asserting their sites to be hack-proof. These buttons are made available to sites that have been scanned for vulnerabilities by independent security auditors, and serve two purposes; they prove compliance if the issuing auditor is certified by Visa/MC to do the appropriate testing procedures, and they may serve to give site visitors a little peace of mind.
Visa and Mastercard have been mandating heightened security for merchants for a while now, but the Visa Cardholder Information Security Program (CISP) has been updated recently, so it's time to check your compliance.
If you store customer credit card information, you need to be aware of Visa CISP and Mastercard Data Security Standard (.pdf). Fines and account termination are possible consequences for noncompliance. A big thanks goes to Corey Bryant of Card Service International for bringing this to my attention.
As a quick aside, I recently participated in an online discussion about a merchant who used a non-secure form to send credit card information as plain text to her email address to be processed manually. Her justification was thieves target sites with secure certificates on them, and by not installing SSL and using proper processing procedures, she was avoiding their detection. If this leaves you in awe, you're not alone!
###
==========[ MORE ABOUT PAUL ]==========
PaulHirsch.com . International Web Developers Network . Web Hosting Talk . Equentity Host
