Visa is the world’s largest payment system, with more volume than all other major payment cards combined. Visa-branded cards generate over £1 trillion in annual volume.
According to the company, as on-line volume grows, the initiative will enhance Visa’s global payment system and is expected to reduce internet transaction disputes by up to 50 percent.
The global initiative includes two major components. First, the Payment Authentication Program is designed to reduce the risk of unauthorised use of a cardholder account and to improve customer service for buyers and sellers on the web. Second, the Global Data Security Program establishes standards and best practices for e-commerce merchants allowing them to better ensure the security of cardholder data on their sites.
“Ultimately, we want to bring an extra measure of confidence to the internet by delivering higher levels of security,” said Executive Vice President Philip Yen, head of Visa’s Internet and Access Channels group. “This initiative builds upon many of the security and authentication measures we have already developed for the web.”
The Payment Authentication Program is based on a new “3-Domain” model that provides participants with the confidence that an internet transaction has been conducted by legitimate parties, thus reducing the potential for disputes. It was deployed yesterday in the European Union marketplace, with full implementation scheduled for 2001.
“While there are good security solutions in the marketplace today, the Payment Authentication Program will provide an even higher level of confidence,” Yen said. “By providing better protection for buyers and sellers on the internet, we expect to reduce fraud and significantly decrease disputes.”
The 3-Domain model provides options to authenticate the payment online, protect the privacy of transmissions, and ensure that data in transmission remains unchanged. The model will also work with new payment products and channels, including chip cards, mobile phones, personal digital assistants and set-top boxes.
The second half of the Visa initiative will enhance the protection of transaction information on a merchant web site. The Global Data Security Program, to be rolled out later this year, will include a series of standards and guidelines for e-commerce transactions that both buyers and sellers should follow. Additionally, a self-certification tool will be available to help merchants evaluate and improve the security of their sites. Businesses will be hoping that these standards do not conflict with other proposals in this area (see links below).
The self-certification tool, standards and guidelines will all be available to merchants on the Web later this summer. Additionally, technology to upgrade merchant sites once the self-certification has been completed will be available from a variety of Visa approved vendors via direct links on the web.