 |
 |
|
 |
||
|
|||||||
 |
|
In 2001, VISA announced its Cardholder Information Security Program (CISP), and expected all retailers, beginning with Tier 1 retailers (based on credit transaction volume), to be compliant by 2005. In 2004, the CISP requirements were incorporated into an industry standard known as Payment Card Industry (PCI) Digital Security Standard resulting from a collaboration between Visa and MasterCard to create common industry security requirements. Visa USA maintains CISP as the managing program for data security compliance endorsing the PCI Digital Security Standard. According to VISA USA, as of December, 2006, only 36% of the 231 largest merchants have complied with the Payment Card Industry Digital Security Standard (PCI DSS). Another 62% having submitted initial assessment reports, and are working toward compliance If you have questions about PCI Digital Security Standard programs, please contact Dave Hogan, NRF's SVP and CIO, and/or Mallory Duncan, SVP and General Counsel. |
About PCI Digital Security Standard Programs (PCI DSS)