Visa To Waive Some PCI DSS Compliance
FINANCIAL PRIVACY—U.S.August 11, 2011
In an effort to encourage chip authentication technology, Visa will allow qualified U.S. merchants to abstain from the requirement to annually validate compliance with the Payment Card Industry Data Security Standard (PCI DSS). Infosecurity reports that as of October 1, Visa will grant the waiver to merchants that support both EMV contact and contactless chip acceptance. However, those merchants will still be required to protect sensitive data by "ensuring their systems do not store track data, security codes or PINs," the report states. A Visa spokeswoman said dynamic authentication is the future of securing payments and shrinks "the battlefield against criminals" by adding a security layer.