You are here: silicon.com > Networks > WebWatch

WebWatch

Ecommerce sites face security crackdown

Mastercard and Visa tell traders to prove their houses are in order...

By Will Sturgeon

Published: 20 April 2005 15:05 GMT

Online shops face increasing regulation, with credit card companies handing down strict guidelines on the protection of customer data.

After 30 June, companies selling goods online will be required to apply annually for certification under the new tighter guidelines – providing consumers with greater guarantees of security when transacting online.

Mastercard, Visa and American Express are all involved in the scheme, which is intended to encourage more shoppers to spend online and counter some recent negative publicity relating to the security of data provided online – such as Bank of America's lost accounts, the attempted e-heist at Sumitomo Bank and past data protection issues involving the likes of Argos, B&Q and utility firm Powergen.

Firms processing more than 20,000 transactions per year will be required to scan their networks each quarter and conduct annual audits of their compliance with the standards in order to qualify for certification.

Non-compliance will mean e-tailers will be unable to process transactions with the credit card companies – cutting off their livelihood over night, or forcing them to involve customers in more convoluted processes such as sending cheques or making money transfers – neither of which will appeal to merchant or customer due to extra time, costs and liability associated with such methods.

Christian Robinson, MD of online gadget superstore Firebox.com, told silicon.com: "Firebox.com supports the moves from credit card issuers to tighten security procedures across online merchants. Essentially the new PCI Data Security Standards formalise a set of good working practices that professional online retailers should already be following."

"However, it's worth noting that even merchants strictly following the recommended data security procedures will still ultimately bear the risk of fraudulent transactions - it would be good to see more work being done in this area by card issuers," added Robinson.

  1. Zones
  2. Management
  3. Networks
  4. Software
  5. IT Services
  6. Hardware
  1. Verticals
  2. Public Sector
  3. Financial Services
  4. Retail & Leisure
Read and write about internet access at the airports of the world at atlarge.com. Rate airports, and see what others have to say...


  • Jobs
Senior Security Consultant, PCI DSS QSA, ISO27001, CISSP, CLAS, London

You will provide information assurance and technology consulting, with a particular emphasis on the Payment Card Industry Data Security Standard (PCI ...

IT Security Analyst

Role: Monitor security policy compliance by conducting periodic audits and approved penetration tests.Be able to assess internal and external scan ...

Technical Security Analyst

Essential skills & experience: * CISSP or similar security certification, * 3+ years experience as a System Engineer with expert knowledge of two or ...

Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.





Quick Sitemap Links: