This is hot topic nowadays. The Payment Card Industry (PCI) Data Security Standard was created by major credit card companies to safeguard customer information. Visa, MasterCard, American Express, and other credit card associations mandate that merchants and service providers meet certain minimum standards of security when they store, process and transmit cardholder data.
When customers offer their bankcard at the point of sale, over the Internet, on the phone, or through the mail, they want assurance that their account information is safe. That’s why Visa USA has instituted the Cardholder Information Security Program (CISP). Mandated since June 2001, CISP is intended to protect Visa cardholder data–wherever it resides–ensuring that members, merchants, and service providers maintain the highest information security standard.
In 2004, the CISP requirements were incorporated into an industry standard known as Payment Card Industry (PCI) Data Security Standard resulting from collaboration between Visa and MasterCard to create common industry security requirements. Visa USA maintains CISP as the managing program for data security compliance endorsing the PCI Data Security Standard.
Sources: Visa, MasterCard, American Express and VeriSign websites.