Visa playing hardball on PCI compliance

Well, large merchants can no longer say that they were not warned. Visa issued another edict this week making clear its intentions to penalize (with higher fees and hefty penalties) merchants who process credit card payments but do not comply with the Payment Card Industry's (PCI) Data Security Standard by September 30. Visa, and other credit card providers are anxious to build--if not restore--confidence in credit card payments in physical and virtual venues and to stimulate transaction growth in an already mature credit card market. The card processing industry believes that it is leaving digital dollars on the table as a result identity theft fears. Visa, along with MasterCard Worldwide, Discover Financial Services, American Express and Tokyo-based JCB, is mandating compliance with 12 security-related requirements that include: encrypting transmission of cardholder data, periodic network scans, logical and physical access controls and activity monitoring and logging. Non-compliant merchants in these categories will no longer qualify for the best available tiered interchange rates from Visa.

For all the PCI developments:
- read the article in Computerworld