Visa USA gets serious about merchant/customer security

Visa USA says it has earmarked a whacking 20 million dollars to help merchants become PCI-DSS compliant during 2007.

PCI stands for the Payment Card Industry Data Security Standard and seeks to ensure that merchants do not store customers' card details in any shape or form.

The gameplan so far is for all of Visa's Level 1 and 2 merchants - defined as 1,200 of the biggest mail order and online retailers in the US - to become PCI-DSS compliant by the end of August, 2007.

Visa claims that current PCI-DSS compliance among Level 1 merchants is 36 per cent, whilst among Level 2 merchants it is around 15 per cent.

Those Level 1 and 2 merchants that comply with the requirements will receive a one-off payment, as well as access to reduced card transaction processing fees.

And woe betide any retailer that doesn't comply, as Visa says they will be fined between $5,000 and $25,000 a month if they have not validated themselves by September 30th and December 31st, respectively.

Sounds like a sensible approach to card security if you ask me...