Visa shares best practices to defend against poor implementation, maintenance, and support processes that have resulted in compromises on merchant and agent data. Visa advises payment app acquirers, merchants, agents and providers to approach their licensed integrators and resellers and insist that these best practices be adopted immediately. Merchants and agents should also consider these best practices as a condition of their service level agreements with external integrators and resellers. Visa has identified several malware families (“FindPOS”, “FrameworkPOS” and “rawpos”) used to address the hosting industry, including casinos and resorts. Important points to discuss with your acquirer when you identify the best options for upgrading endpoints on smart cards. Companies that properly implement and execute a tokenization process to support their payment functions can reduce the volume, risks, and costs associated with ongoing compliance with Payment Card Industry Data Security Standards (PCI DSS). Visa previously released a technical analysis on malware, including filenames, malware hashes, and criminal methodology involved in a separate ATM jackpoting incident in the Asia-Pacific region. While there are similarities between the two events, this notification serves to highlight important distinguishing elements, including malware and methods, with respect to the incident in Southeast Asia. A leaflet for accommodation, car rental and cruise merchants, to ensure that authorizing the customer`s money is not inappropriately responsible. Visa exploitation rules establish that all Visa customers, including issuers and acquiring financial institutions, must comply with the Payment Card Industry Data Security Standard (PCI DSS). . .
.