Product Menu
Support Menu
Downloads Menu
Resellers Menu
Developers Menu
Events Menu
Products
Overview
PCCharge
IPCharge
RiTA Server
JCharge
Product Versions

VeriFone Security and Compliance

Visa CISP and Payment Card Industry PABP

In an effort to reign in fraud, provide security guidance to merchants, and give cardholders peace of mind, Visa instituted the Cardholder Information Security Program (CISP). This program is intended to protect Visa cardholder data--wherever it resides--ensuring that members, merchants, and service providers maintain the highest information security standards. CISP compliance is required of all merchants and service providers that store, process, or transmit Visa cardholder data. To achieve compliance with CISP, merchants and service providers must adhere to the Payment Card Industry (PCI) data security standard, a set of guidelines for safeguarding sensitive data for all card brands, including MasterCard, American Express, and Discover.

VERIFONE SOFTWARE VALIDATION / COMPLIANCE

  • PCCharge is a PABP validated application
  • RiTA Server is a PABP validated application
  • JCharge is a PABP validated application
  • IPCharge is Visa CISP compliant

VERIFONE SOFTWARE VALIDATION / COMPLIANCE

There is no formal CISP certification program for payment software applications. However, software vendors may voluntarily submit their applications to Visa for validation against PCI Payment Application Best Practices (PABP). PABP validation is a not a requirement by Visa at this time, although Visa reserves the right to make payment application validation a requirement as needed to support CISP compliance of payment application users.

OUR POSITION

A Proactive Approach to End-to-End Security

We are committed to protecting the confidentiality and integrity of cardholder data whenever cardholders make purchases from merchants using VeriFone payment software applications. We have taken a proactive approach to security, voluntarily contracting Ambiron, a Visa-approved CISP assessor, to evaluate our solutions. As pioneers in the payment software industry, we worked in cooperation with the card associations to develop PABP guidelines.

Our Commitment

Our commitment to security expands beyond PABP application validation. We understand that end-to-end security--protecting every link in the payment chain--is critical to protecting cardholder data. Therefore, we also educate point-of-sale (POS) integrators on the risks associated with storing sensitive information. In November 2004, we hosted a Security & Emerging Technologies Conference, bringing together industry experts and fraud management representatives from Visa, MasterCard, American Express, and Discover to educate POS application developers and resellers on security trends, solutions, and new technologies. This annual event is part of VeriFone’s continuing effort to combat electronic payment fraud. For information on future conferences, contact us at (800) 725-9264.

We encourage all merchants who accept credit cards to abide by the twelve published CISP guidelines, which may be found at www.visa.com/cisp, regardless of their payment application.

How Our Solutions Measure Up - PCCharge, RiTA Server, JCharge, and IPCharge

Our software and middleware solutions have been through the PABP process, including audits by Ambiron to evaluate the security surrounding these applications’ storage and processing of cardholder data. Based upon the results of these assessments, Ambiron found that the use of these applications would not prohibit an entity from meeting CISP requirements. RiTA Server, our highly scalable middleware product, was one of the first applications to be named on Visa’s list of PABP-validated payment applications. IPCharge, our hosted payment solution, has been successfully audited against CISP.
AS/400 Credit Card Payment Software
 
In addition to all the solutions you’ve come to rely on, we now have even more resources to help your business succeed.
Visit VeriFone.com  |  Quick Links  |  Contact Us