AIS

 

AIS VISA Mastercard Security Compliance

These Payment Card Industry (PCI) Data Security Requirements apply to all Members, merchants, and service providers that store, process or transmit cardholder data. Additionally, these security requirements apply to all “system components”, which are defined as any network component, server, or application included in, or connected to, the cardholder data environment. Network components include, but are not limited to, firewalls, switches, routers, wireless access points, network appliances, and other security appliances. Servers include, but are not limited to, web, database, authentication, DNS, mail, proxy, and NTP. Applications include all purchased and custom applications, including internal and external (web) applications.



What is AIS?

Account Information Security, or AIS, is a Risk Management program sponsored by Visa and run by Visa's members. The AIS program is a requirement for all entities participating in the Visa payment system, i.e. those entities that process, store or transmit Visa cardholder account and/or transaction information, including merchants and service providers.

To establish common industry standards, Visa and MasterCard produced the Payment Card Industry (PCI) Data Security Standard, a common set of industry requirements to ensure the safe handling of cardholder information. The PCI standard has been developed to set a ‘minimum standard’ in the marketplace with regard to the protection of cardholders’ sensitive account and transaction information. Other global payment organizations have also endorsed the Standard and plan to adopt it as the framework for their respective programs.

At a basic level, PCI consists of 12 key requirements for protecting Visa cardholder account and transaction information:

  • Install and maintain a firewall configuration to protect data
  • Do not use vendor-supplied defaults for system passwords and other security parameters
  • Protect stored data
  • Encrypt transmission of cardholder data and sensitive information across public networks
  • Use and regularly update anti-virus software
  • Develop and maintain secure systems and applications
  • Restrict access to data by business need-to-know
  • Assign a unique ID to each person with computer access
  • Restrict physical access to cardholder data
  • Track and monitor all access to network resources and cardholder data
  • Regularly test security systems and processes
  • Maintain a policy that addresses information security

© Zipzap Payment Gateway