SAN FRANCISCO, Calif.– Merchants that process the most credit and debit card transactions have until Sept. 30, 2009 to prove they no longer store any consumers' sensitive card data on their systems, according to Visa Inc.'s announcement of the most recent card data security standards.


The payment card industry data security standards are developed and promulgated by the Data Security Council, an open industry body with representatives from all the major card brands that sets card data security standards for the entire card payments system. The deadline impacts merchants which process more than 1 million card transactions per year (called level 1 and 2 merchants).


Merchants found not in compliance after that date can be fined and face other enforcement measures, Visa said. Previously, Visa has suggested the majority of the biggest merchants are already compliant with the data security standards.

Complete your profile to continue reading and get FREE access to, part of your ALM digital membership.

  • Critical information including comprehensive product and service provider listings via the Marketplace Directory, CU Careers, resources from industry leaders, webcasts, and breaking news, analysis and more with our informative Newsletters.
  • Exclusive discounts on ALM and CU Times events.
  • Access to other award-winning ALM websites including and

© 2024 ALM Global, LLC, All Rights Reserved. Request academic re-use from All other uses, submit a request to [email protected]. For more information visit Asset & Logo Licensing.