Cardholders Commercial Merchants Value Of Visa Media Center
What is Account Information Security
Introduction   |   What is AIS   |   AIS benefits   |   How AIS works   |   How to get started   |   Downloads and resources   |   In case of compromise
Account Information Security, or AIS, is a Risk Management program sponsored by Visa and run by Visa's members. The AIS program is a requirement for all entities participating in the Visa payment system i.e. those entities that process, store or transmit Visa cardholder account and/or transaction information, including merchants and service providers.To establish common industry standards, Visa and MasterCard produced the Payment Card Industry (PCI) Data Security Standard—a common set of industry requirements to ensure the safe handling of Cardholder information. The PCI standard have been developed to set a ‘minimum standard’ in the marketplace with regards to the protection of cardholder’s sensitive account and transaction information. Other global payment organizations have also endorsed the Standard and plan to adopt them as the framework for their respective programs.
Who does AIS program apply to?
The AIS program is a requirement for all entities participating in the Visa payment system i.e. those entities that process, store or transmit Visa cardholder account and/or transaction information, including merchants, processors and Internet payment service providers.
What are the PCI requirements?
At a basic level, PCI consists of 12 key requirements for protecting Visa cardholder account and transaction information: 
 
  1. Install and maintain a firewall configuration to protect data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters
  3. Protect stored data
  4. Encrypt transmission of cardholder data and sensitive information across public networks
  5. Use and regularly update anti-virus software
  6. Develop and maintain secure systems and applications
  7. Restrict access to data by business need-to-know
  8. Assign a unique ID to each person with computer access
  9. Restrict physical access to cardholder data
  10. Track and monitor all access to network resources and cardholder data
  11. Regularly test security systems and processes
  12. Maintain a policy that addresses information security
 
The PCI Standards offered by the AIS program are designed to protect the confidentiality, availability and integrity of customer data.
 
The Standards represent the key requirements for handling or managing of Visa account information.
  Back to top
DOWNLOADS
e-Commerce Merchant Best Practice Guide (pdf | 301kb)
Visa Asia Pacific's e-Commerce Merchants' Guide to risk management contains useful tips for running your business with a risk management focus.
Print this page   |
Tell a friend   |
Get a card
Home  |   About Visa  |   Careers  |   Sitemap  |   Legal  |   Privacy Policy  |   Hyperlink Guidelines  |   Global Sites  |   Asia Pacific Sites