Credit card company Visa has introduced "10 commandments" for its online merchants to try and cut credit card fraud.
Under the mandate, merchants could face fines or have Visa membership revoked if they refuse to comply. This is likely to force merchants to install firewalls, keep security patches up to date, encrypt stored and transmitted data, and regularly update anti-virus software.
The move comes as online credit card fraud races ahead of offline card fraud, with some estimates putting the percentage of online card fraud at 90%.
Initially, Visa's new plan will only apply in the US, but it could eventually be applied to UK merchants. Visa in Europe recently introduced its own programme, which promotes authentication as a way to prevent fraud.
The solution, which uses the Secure Electronic Transaction (SET) protocol, has been dubbed the Three Domain Model because it provides options to authenticate the payment online, protect privacy of transmissions, and ensure that data in transmission remains unchanged.
Visa said the model would also work with new payment products and channels, including chip cards, mobile phones, PDAs and set-top boxes. Visa hopes it will reduce Internet transaction disputes by up to 50%.