, which has its own timeline and process for compliance validation. Visa regions previously issued their own deadlines and validation requirements for card security and data storage. The new mandates require Visa merchants processing more than 6 million annual transactions to validate
PCI complianceby 30 September 2010. By 30 September 2009, merchants and acquirers processing more than 1 million annual transactions must confirm that they did not retain data from magnetic strips, security codes or PIN data. "Hackers are looking for this type of data because of its use in counterfeiting payment cards, and that is why Visa prohibits its storage," said Eduardo Perez, Visa Inc. head of global data security.