Cardholders   Commercial   Merchants   Value of Visa   Media Center      South Asia  
Search:

Navigation

    Card Acceptance Account Info Security Payment Applications Chip Technology Travellers Cheque Acceptance Merchant Education

Account Information Security (AIS)


What is the Account Information Security (AIS) program?

Account Information Security, or AIS, is a Risk Management program designed to protect sensitive account and transaction information in the Visa payment system. It protects the interests of all payment participants, including Visa issuers and acquirers, merchants and cardholders - in both the physical and virtual worlds. 
 
In 2004, the AIS requirements were incorporated into an industry standard known as Payment Card Industry (PCI) Data Security Standards, or PCI DSS, resulting from a co-operative effort between Visa and the other major payment card brands to create common industry security requirements.
 
Effective September 2006, the PCI Security Standards Council ("PCI SSC") owns, maintains and distributes the PCI DSS and all its supporting documents. However, Visa maintains the AIS program as the managing program for data security (based on PCI DSS) compliance enforcement and validation initiatives.

Who does AIS program apply to?

The AIS program is a requirement for all entities participating in the Visa payment system i.e. those entities that process, store or transmit Visa cardholder account and/or transaction information, including merchants, processors and payment service providers.

What are the benefits of the AIS program?

By implementing and adhering to the Payment Card Industry Data Security Standards (PCI DSS) requirements, you will be taking an important step towards protecting your customers' information from potential security breaches and fraud.  
 
As well as protecting your customers, appropriate data security measures limit your risk exposure and minimizes the potential losses and operational expense that stem from compromised cardholder account information.
 
The AIS program can help you:

Promote your brand's integrity and boost consumer confidence in your business
Boost sales and business due to increased consumer confidence
Protect you against potential security breaches and unwanted investigative and legal costs
Reduce the risk of data compromise, fraud and the resulting unwanted media attention
Provide you with greater awareness of security measures and preventative options available
Reduce cardholder disputes and associated costs

What are the Payment Card Industry Data Security Standards (PCI DSS) requirements?

PCI DSS compliance is required of all merchants and service providers that store, process, or transmit Visa cardholder data and applies to all payment channels, including retail (brick-and-mortar), mail/telephone order, and e-commerce. 
 
At a basic level, PCI DSS consists of 12 key requirements for protecting Visa cardholder account and transaction information: 
 
Install and maintain a firewall configuration to protect cardholder data
Do not use vendor-supplied defaults for system passwords and other security parameters
Protect stored cardholder data
Encrypt transmission of cardholder data across open, public networks
Use and regularly update anti-virus software or programs 
Develop and maintain secure systems and applications
Restrict access to cardholder data by business need-to-know
Assign a unique ID to each person with computer access
Restrict physical access to cardholder data
Track and monitor all access to network resources and cardholder data
Regularly test security systems and processes
Maintain a policy that addresses information security
 
The PCI DSS was designed to protect the confidentiality, availability and integrity of customer data. The Standards represent the key requirements for handling or managing Visa account information.
 
Please click here for the complete PCI DSS.

How do I validate PCI DSS compliance?

To check whether your organization meets the PCI DSS requirements, you should complete the following validation tasks: 

 

  • Printable Page

Quick Links

 
 
 
Home | About Visa | Careers | Site Map | Legal | Privacy Policy | Hyperlink Guidelines | Global Sites | Asia Pacific Sites
© Copyright Visa. All Rights Reserved.