SAN FRANCISCO — Visa USA announced it will offer $20 million in financial incentives and create new sanctions in an effort to further merchant compliance with the Payment Card Industry Data Security Standard (PCI DSS).
The new effort, called the Visa PCI Compliance Acceleration Program (PCI CAP), is the first of its kind to provide positive reinforcement to the industry's traditional, fine-only approach. Visa PCI CAP represents one component of Visa's comprehensive strategy to address payment card fraud.
The program targets the acquirers responsible for the largest 1,200 merchants — known as Level 1 and 2 merchants — that each process more than 1 million Visa transactions a year and combined account for approximately two-thirds of Visa's U.S. transaction volume. The initiative's goal is to eradicate the storage of full-track data, CVV2 and PIN data, and grow PCI compliance among this group of merchants. Visa reports current PCI compliance among Level 1 merchants at 36 percent and 15 percent among Level 2 merchants, with the majority in both levels actively working toward compliance.