Visa CISP
IndiaPay is Recognized by Visa for CISP Compliance
IndiaPay is excited to announce our certification of compliancy with Visa’s Cardholder Information Security Program (CISP). This program establishes a set of 12 requirements for safeguarding sensitive information and controlling data access.
To become certified, organizations must submit to an independent security audit to verify compliance with all twelve requirements. This recognition by Visa underscores our commitment to provide the highest level of security to our merchants and their customers for their card processing needs CISP Requirements:
- Install and maintain a working firewall to protect data
- Keep security patches up-to-date
- Protect stored data
- Encrypt data sent across public networks
- Use and regularly update anti-virus software
- Restrict access by “need to know”
- Assign unique ID to each person with computer access
- Don’t use vendor-supplied defaults for passwords and security parameters
- Track all access to data by unique ID
- Regularly test security systems and processes
- Implement and maintain an information security policy
- Restrict physical access to data
CISP defines a standard of due care for securing Visa cardholder data, wherever it is located. CISP compliance has been required of all entities storing, processing, or transmitting Visa cardholder data.
Members must comply with CISP and are responsible for ensuring the compliance of their merchants and Agents—whether they support Issuing or Acquiring activity—for all payment channels, including retail (brick-and-mortar), mail/telephone-order, and e-commerce.