Electronic Payment Providers
CISP Compliance
payment processing software
Electroinic Payment Providers EPPHistory
AAP Payment ProccessorsExecutive Team
Industry PartnersStrategic Partners
Careers at EPPCareers
SAVVIS SecuritySecurity
Electronic Payment QuestionsFAQ
Get More InfoGet More Info
See a DemoSee a Demo
Contact UsContact Us
 
Visa

Electronic Payment Providers® (EPP) is proud to operate on Visa CISP compliant gateways. Through the CISP program, EPP's payment gateways are certified under Visa to be up-to-date with the latest security regulations assigned by third-party assessors as well as Visa itself.

The Definition of CISP
The Visa U.S.A. Cardholder Information Security Program (CISP) defines a standard of due care and enforcement for protecting sensitive information. Because the payment industry places a high priority on maintaining the confidentiality and integrity of account and personal data, the CISP requirements are directed to all entities that store, process, or transmit cardholder information. The program ensures the annual validation of merchants and all service providers on the issuing and the acquiring side of the business.

CISP Requirements
  • Install and maintain a working firewall to protect data
  • Keep security patches up-to-date
  • Protect stored data
  • Encrypt data sent across public networks
  • Use and regularly update anti-virus software
  • Restrict access by "need to know"
  • Assign a unique ID to each person with computer access
  • Do not use vendor-supplied defaults for passwords and security parameters
  • Track all access to data by a unique ID process
  • Test security systems and processes regularly
  • Implement and maintain an information-security policy
  • Restrict physical access to data
The Way that CISP Works
CISP currently applies to any entity (meaning merchant or service provider) that stores, processes, or transmits Visa cardholder information. All eligible merchants and service providers (regardless of size or in the case of service providers, whether they support issuing or acquiring activity) must comply with the twelve basic CISP requirements. Compliance actions, however, are scaled to a level of risk that is based on the number of accounts stored or processed.

More Information
You can find more information on the Visa CISP compliance program as well as all of its regulations by visiting the official Visa CISP website.

Customer Relationship Management Software
Industry Solutions    |   Products    |   Company    |   Success Stories    |   News & Events    |   Payment Gateway   |  Privacy  

© Copyright 2007, 2008 Electronic Payment Providers, Inc. All Rights Reserved

Click to Verify Domain