Free Internet Vulnerability Scanning

Thursday, 15 September 2005, 2:21 pm
Press Release: Visa

Visa Asia Pacific Launches First-Ever Free Internet Vulnerability Scanning and Security Assessment Service

Service will help processors and merchants comply more readily with global security standards

AUCKLAND, 15 September 2005 - Visa has taken another step in the fight against payment system fraud by offering the world's first free security assessment service to help boost cardholder data security in the region.

Effective immediately, all parties that handle Visa cardholder data, such as Visa's member financial institutions, Internet Payment Service Providers (IPSPs) and merchants are entitled to access a free self-assessment service and to receive quarterly network vulnerability scans to validate the security of their Internet-connected systems.

The service is another weapon in the armory of Visa Asia Pacific's Account Information Security Program (AIS), which helps protect sensitive cardholder account and transaction information and is mandatory for all parties handling Visa cardholder data.

Visa will partner with ScanAlert, one of the world's largest website security certification companies, to provide the free security assessment and validation service. Under the agreement, ScanAlert will also provide Visa's member financial institutions in the Asia Pacific with a comprehensive reporting system to track the AIS validation status of their merchants and service providers. The service is available at www.scanalert.com.

Visa New Zealand Country Manager, Mr. Iain Jamieson, said, "We recognize that in today's electronic payment environment with the constant threat of criminal minds at work, cardholders are increasingly concerned about the safety of their personal data. When that protection is provided, consumer trust and confidence in the security of the payment business are maintained.

Advertisement - scroll to continue reading

With our free Vulnerability Scanning and Self Assessment service, we can make it easier for all the relevant parties such as merchants and their service providers to be compliant with Visa's global data security standards. The result will be that companies can efficiently and cost effectively validate their compliance and focus on their core business."

ScanAlert has certified thousands of online merchants in the world to the Payment Card Industry (PCI) Data Security Standard, a set of minimum standards and best practices on data confidentiality, online availability and integrity.

"With security being the number one challenge facing online retailing worldwide, ScanAlert is focused on actively ensuring acquirers, processors and merchants in the region are well prepared against intrusion. ScanAlert's vulnerability scanning technology is non-invasive and used by thousands of e-commerce merchants worldwide," said ScanAlert CEO, Ken Leonard.

Card fraud has dropped to three cents for every $100 spent in Asia Pacific (or 0.03 of one percent equaling US$136.5 million in the entire Asia Pacific) of sales volume in the first quarter of 2005. This is less than half what it was in the same period in 2000 and less than half of the current global rate. During this time, transactions on Visa have nearly doubled.

Ensuring cardholder data is kept secure

Visa's Account Information Security (AIS) Program is a globally mandated risk management program sponsored by Visa and run by Visa's members that applies to all entities participating in the Visa payment system. AIS is based on two fundamental principles:
* Do not store cardholder data.
* If you need to store some data, encrypt it.

Depending on the average monthly processing volume, an entity must perform the following tasks to validate compliance with the minimum-security standards of the AIS program:
* Annual testing through a Self-Assessment Questionnaire
* Quarterly vulnerability scanning of Internet-connected systems
* Independent third party onsite review

ScanAlert will provide the online tools to IPSPs and merchants that need to validate their organizations to Visa's AIS standard. These tools include:
* Assistance in completing the Self-Assessment Questionnaire
* Quarterly vulnerability scans of all Internet servers and network connection points
* Unlimited on-demand manual scans to retest systems
* Assistance in preparing an AIS-compliant security policy
* Comprehensive support tools including FAQs, tutorials and best practice recommendations
* Telephone technical support for vulnerability scanning
* Preparation of an AIS Validation Report upon completion of the validation of the completed questionnaire and/or scan.

ENDS

Advertisement - scroll to continue reading

Did you know Scoop has an Ethical Paywall?

If you're using Scoop for work, your organisation needs to pay a small license fee with Scoop Pro. We think that's fair, because your organisation is benefiting from using our news resources. In return, we'll also give your team access to pro news tools and keep Scoop free for personal use, because public access to news is important!

Go to Scoop Pro Find out more

Find more from Visa on InfoPages.

Business Headlines | Sci-Tech Headlines

BUSINESS, SCIENCE & TECH

John Mazenier: Gaffer Tape And Glue Delivering New Zealand’s Mission Critical Services

Every debt, eventually, has to be repaid. Right now, the day of reckoning is fast approaching for one of the most crippling, but least discussed, debts burdening government across New Zealand – technical debt. Technical debt is the cost of generations of incremental investments in legacy technologies to tease additional functionality or life from them.

Earthquake Commission: Ivan Skinner Award Winner Inspired By Real-life Earthquake Experience

Witnessing the human cost of the Canterbury earthquakes inspired Ben Exton to become an earthquake engineer and find solutions to make New Zealand homes more resilient against future seismic events. Exton last week received the Ivan Skinner Award at the New Zealand Society of Earthquake Engineering (NZSEE) annual conference to recognise his innovative work as a practitioner and to support his qu

Reserve Bank: Consultation Opens On A Digital Currency For New Zealand

Te Pūtea Matua is continuing its exploration of a central bank digital currency. “We are calling this ’digital cash’. It would be a new type of money in addition to the banknotes and coins we have today, and the electronic money in your bank account,” Director of Money and Cash – Tari Moni Whai Take Ian Woolford says.

NIWA: Ship Anchors May Cause Extensive And Long-lasting Damage To The Seafloor, According To New Research

NIWA anchored their research vessel in Wellington Harbour and observed in real-time how its anchor changed the surrounding environment. Study leader NIWA geophysicist Dr Sally Watson says they saw broomstick-like scarring on the seabed.

New Zealand Customs Service: A Step Forward For Simpler Trade Between New Zealand And Singapore

The New Zealand Customs Service has signed an arrangement with Singapore that will help to make trade simpler for exporters. The Arrangement on Facilitating Safe and Efficient Trade sets out a framework for developing and strengthening practical cooperation on trade and the use of emerging technology.

Horizon Research: 68% Say Make Banks Offer Fraud Protection

68% (2,785,000 adults) believe the government should regulate to make sure banks offer fraud and cybercrime protection to customers. These are among findings of a new study, conducted in the public interest by Horizon Research, on bank fraud and cybercrime.

Join Scoop Pro

Submit News

Become a Member