Visa is the world’s largest payment system, with more volume
than all other major payment cards combined. Visa-branded cards
generate over £1 trillion in annual volume.
According to the company, as on-line volume grows, the
initiative will enhance Visa’s global payment system and is
expected to reduce internet transaction disputes by up to 50
percent.
The global initiative includes two major components. First, the
Payment Authentication Program is designed to reduce the risk of
unauthorised use of a cardholder account and to improve customer
service for buyers and sellers on the web. Second, the Global Data
Security Program establishes standards and best practices for
e-commerce merchants allowing them to better ensure the security of
cardholder data on their sites.
“Ultimately, we want to bring an extra measure of confidence to
the internet by delivering higher levels of security,” said
Executive Vice President Philip Yen, head of Visa’s Internet and
Access Channels group. “This initiative builds upon many of the
security and authentication measures we have already developed for
the web.”
The Payment Authentication Program is based on a new “3-Domain”
model that provides participants with the confidence that an
internet transaction has been conducted by legitimate parties, thus
reducing the potential for disputes. It was deployed yesterday in
the European Union marketplace, with full implementation scheduled
for 2001.
“While there are good security solutions in the marketplace
today, the Payment Authentication Program will provide an even
higher level of confidence,” Yen said. “By providing better
protection for buyers and sellers on the internet, we expect to
reduce fraud and significantly decrease disputes.”
The 3-Domain model provides options to authenticate the payment
online, protect the privacy of transmissions, and ensure that data
in transmission remains unchanged. The model will also work with
new payment products and channels, including chip cards, mobile
phones, personal digital assistants and set-top boxes.
The second half of the Visa initiative will enhance the
protection of transaction information on a merchant web site. The
Global Data Security Program, to be rolled out later this year,
will include a series of standards and guidelines for e-commerce
transactions that both buyers and sellers should follow.
Additionally, a self-certification tool will be available to help
merchants evaluate and improve the security of their sites.
Businesses will be hoping that these standards do not conflict with
other proposals in this area (see links below).
The self-certification tool, standards and guidelines will all
be available to merchants on the Web later this summer.
Additionally, technology to upgrade merchant sites once the
self-certification has been completed will be available from a
variety of Visa approved vendors via direct links on the web.
