David BicknellCredit card company Visa has introduced "10 commandments" for
its online merchants to try and cut credit card fraud.
Under the mandate, merchants could face fines or have Visa
membership revoked if they refuse to comply. This is likely to
force merchants to install firewalls, keep security patches up to
date, encrypt stored and transmitted data, and regularly update
anti-virus software.
The move comes as online credit card fraud races ahead of
offline card fraud, with some estimates putting the percentage of
online card fraud at 90%.
Initially, Visa's new plan will only apply in the US, but it
could eventually be applied to UK merchants. Visa in Europe
recently introduced its own programme, which promotes
authentication as a way to prevent fraud.
The solution, which uses the Secure Electronic Transaction (SET)
protocol, has been dubbed the Three Domain Model because it
provides options to authenticate the payment online, protect
privacy of transmissions, and ensure that data in transmission
remains unchanged.
Visa said the model would also work with new payment products
and channels, including chip cards, mobile phones, PDAs and set-top
boxes. Visa hopes it will reduce Internet transaction disputes by
up to 50%.