USA ePay is proud to be Visa CISP compliant. Through
the CISP program Visa has certified that USA ePay is
up to date with the current security regulations
assigned by 3rd party assessors as well Visa itself. |
| |
What
is CISP?
The Visa U.S.A. Cardholder Information
Security Program (CISP) defines a standard of due
care and enforcement for protecting sensitive
information. Because the payment industry places a
high priority on maintaining the confidentiality and
integrity of account and personal data, the CISP
requirements are directed to all entities that
store, process, or transmit cardholder information.
The program ensures the annual validation of
merchants and all service providers on both the
Issuing and Acquiring side of the business. |
| |
CISP
Requirements
- Install and maintain a working
firewall to protect data
- Keep security patches up-to-date
- Protect stored data
- Encrypt data sent across public
networks
- Use and regularly update anti-virus
software
- Restrict access by "need to
know"
- Assign unique ID to each person with
computer access
- Don't use vendor-supplied defaults for
passwords and security parameters
- Track all access to data by unique ID
- Regularly test security systems and
processes
- Implement and maintain an information
security policy
- Restrict physical access to data
|
|
| |
How
CISP Works
CISP currently applies to any entity (meaning
Merchant or Service Provider) that stores, processes
or transmits Visa cardholder information. All
eligible Merchants and Service Providers regardless
of size must
comply with the 12 basic CISP requirements.
Compliance actions, however, are scaled to a level
of risk that is based on the number of accounts
stored or processed. |
| |
More
Information
You can find more information on the Visa CISP
compliance programs we well as all its regulations
by visiting the official Visa
CISP website. |
| |
| |
