Cardholders   Commercial   Merchants   Value of Visa   Media Center      South Asia  
Search:

Navigation

    Card Acceptance Account Info Security Payment Applications Chip Technology Travellers Cheque Acceptance Merchant Education

Account Information Security (AIS)

In Case of Compromise


This section helps you to understand what you should do to prepare for and what action to take, should your organization suffer an information security breach. 

Incident response procedure for account compromise

The risk of theft or data compromise is an ongoing challenge. As 100 percent security cannot be guaranteed, it is necessary to have an incident response plan in place that is tailored to your business environment, in order to minimize disruption or losses to business operations in the event of an incident.    
 
The 'What To Do If Compromised' is a useful guide containing: information on the steps needed to develop and implement effective security response procedures; how to define and quantify a security breach; the actions to take; and whom to contact.
 
 
  Download the 'What To Do If Compromised' document 
 
By adhering to the appropriate security standards as defined in Visa's Account Information Security (AIS) program, the risk of security incidents occurring may be minimized.
 
 
Remember should a leak of account information occur you must
advise your acquirer and Visa immediately. Visa and your
acquirer will help you minimize the potential for your
customers' accounts being used fraudulently
 
 

Back to top

What you should do

If you experience a suspected or confirmed security breach, you should: 
 
1.  Immediately contain and limit the exposure
To prevent the further loss of data, conduct a thorough investigation of the suspected or confirmed loss or theft of account information within 24 hours of the compromise.
 
To facilitate the investigation:
 
  • Do not access or alter compromised systems (i.e., don't log on at all to the machine and change passwords, do not log in as ROOT)
  • Do not turn the compromised machine off. Instead, isolate compromised systems from the network (i.e., unplug cable)
  • Preserve logs and electronic evidence
  • A backup should also be performed on the system to maintain the current state of the system to facilitate the post-mortem and forensic investigation later
  • Log all actions taken
  • If using a wireless network, change SSID on the AP and other machines that may be using this connection (with the exception of any systems believed to be compromised)
  • Be on HIGH alert and monitor all Visa systems.
2.  Contact Visa International Fraud Control & Investigations
E-mail: VIFraudcontrol@visa.com

Back to top

  • Printable Page

Quick Links

 

External Links

 
 
Home | About Visa | Careers | Site Map | Legal | Privacy Policy | Hyperlink Guidelines | Global Sites | Asia Pacific Sites
© Copyright Visa. All Rights Reserved.