Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Visa Inc.
January 2014
TABLE OF CONTENTS
1.0 Document Overview ...................................................3
1.1
Audience ........................................................................................................... 3
1.2
Introduction ....................................................................................................... 3
1.3
1.4
1.5
2.2
Enrollment ......................................................................................................... 6
3.2
Scheduling ........................................................................................................ 6
3.3
3.4
Enrollment ......................................................................................................... 7
4.2
Scheduling ........................................................................................................ 8
4.3
4.4
4.5
4.6
5.2
5.3
5.4
Audience
This document is for vendors that develop and implement components according to the
3-D Secure specifications. There are two types of testing addressed in this document,
Systems Testing and Compliance Testing. In this document vendor refers to (Member,
Merchant or Vendor).
Readers should review this policies and procedures document in its entirety before
starting 3-D Secure Systems and Compliance Testing.
Disclaimer
The policies and procedures in this document may be changed at any time. Visa
reserves the right to make changes. Visa will provide enrolled vendors with reasonable
notice of all changes. Current documents are posted on the Visa website at
https://technologypartner.visa.com/Library/.
Successful completion of 3-D Secure Compliance Testing does not guarantee suitability
for a particular purpose, nor does the completion of 3-D Secure Compliance Testing
guarantee complete interoperability with all other products, even if they also have
completed 3-D Secure Compliance Testing.
1.2
Introduction
3-D Secure Payment authentication is the process of verifying cardholder account
ownership during a purchase transaction in an online commerce environment.
Visa has developed the Three-Domain Secure (3-D Secure) protocol to improve
transaction performance online and to accelerate the growth of electronic commerce.
The objective is to benefit all participants by providing Issuers with the ability to
authenticate cardholders during an online purchase, thus reducing the likelihood of
fraudulent usage of Visa cards and improving transaction performance.
1.3
Systems Testing
The 3-D Secure Systems Testing allows vendors to test their 3-D Secure products using
end-to-end component connectivity prior to beginning Compliance Testing. The results
of Systems Testing are available for review during the system test cycle. Systems
Testing serves as a tool to prepare the vendor for 3-D Secure Compliance Testing.
Note: Systems Testing is not a stress test environment. The environment is available to
vendors as a unit and system test environment only. Abuse of the facility will result in
immediate termination of access to the test facility.
Page 3
1.4
Compliance Testing
Compliance Testing is completed using Visas Compliance Test Facility.
To complete Compliance Testing, 3-D Secure vendors must test each of their
components using the compliance test cases supported by the Test Facility. The test
cases exercise a products functionality to determine its conformity with the 3-D Secure
protocol and messaging specifications.
No product may be represented as 3-D Secure compliant until it has completed the
testing described in this document and has received a 3-D Secure compliance letter
from Visa.
1.5
Contact Information
Telephone:
Facsimile:
https://technologypartner.visa.com/Library/
3dcompliance@visa.com
Visa Inc.
3-D Secure Systems and Compliance
Testing Office
(M4-3B)
Post Office Box 8999
San Francisco, CA 94128-8999
United States
+1-650-432-2441
+1-650-432-2408
Compliance Test
Facility contact:
E-mail:
http://www.3dsecuretestfacility.com
cthsupport@visa.com
2.2
Testing. Therefore, Systems Testing gives you the advantage of assessing your
products readiness prior to entering Compliance Testing.
3.1
Enrollment
To enroll in 3-D Secure Systems Testing, a vendor must:
o
o
o
Review and sign the Visa Inc. 3-D Secure Systems and Compliance Testing
Agreement,
Complete the Visa Inc. 3-D Secure Systems and Compliance Testing Exhibit A:
Request For Testing Services Form,
Complete, sign and email both documents in PDF format to Visa Inc.
(3dcompliance@visa.com) along with wiring the Systems Testing fees to Visa
Inc. as described below.
Testing
The Visa Inc. 3-D Secure Systems and Compliance Testing Agreement must be
reviewed and signed by the vendor, and submitted together with the Exhibit A: Request
For Testing Services Form and the Systems Testing fees. The Visa Inc. 3-D Secure
Systems and Compliance Testing Agreement can be downloaded from
https://technologypartner.visa.com/Library/. The Agreement is only required once as long as the
most current agreement is on file.
3.2
Scheduling
To participate in Systems Testing, the vendor must first complete the Visa Inc. 3-D
Secure Systems and Compliance Testing Agreement. The Exhibit A: Request For
Testing Services Form must be completed for each component. This can be obtained
from https://technologypartner.visa.com/Library/. Each product that is enrolled in Systems
Testing will be assigned a position in the testing queue, on a first come, first served
basis. Vendors are assigned dates upon receipt of the completed Exhibit A: Request For
Testing Services Form, Authentication Services Testing Agreement, and the Systems
Testing fee.
Visa Inc. will allocate a consecutive twenty-one calendar day period to the vendor for
Systems Testing, during which the vendor will be able to test their product and receive
technical support during normal business workdays, India Standard Time. There is
limited technical assistance available during the Systems Test period. Each vendor is
allowed five hours of technical support. The Systems Test Facility is available for testing
twenty-four hours a day, seven days a week.
The output results from the Systems Test runs are available for review by the vendor by
downloading them from the Compliance Testing Facility.
If a vendor is not ready to test their product during the twenty-one consecutive calendar
day period allocated by Visa Inc., the vendor will be re-assigned to the end of the testing
queue.
Visa reserves the right to re-allocate time slots as warranted if it is deemed that a vendor
is abusing the queuing system.
3.3
3.4
4.1
Enrollment
To enroll in 3-D Secure Compliance Testing, a vendor must:
Page 7
o
o
o
o
Review and sign the Visa Inc. 3-D Secure Systems and Compliance Testing
Agreement,
Complete the Visa Inc. 3-D Secure Systems and Compliance Testing Exhibit A:
Request For Testing Services Form,
Complete the Visa Inc. 3-D Secure Systems and Compliance Testing
Questionnaire, and
Complete, sign where appropriate and email all three documents in PDF format
to Visa Inc. (3dcompliance@visa.com) along with wiring the Compliance Testing
fees to Visa Inc as described below.
The Visa Inc. 3-D Secure Systems and Compliance Testing Agreement must be
reviewed and signed by the vendor, and submitted together with Exhibit A: Request For
Testing Services Form and the Compliance Testing fees. Visa Inc. 3-D Secure Systems
and Compliance Testing Agreement can be downloaded from
https://technologypartner.visa.com/Library/.
receipt of the completed Exhibit A: Request For Testing Services Form, the Compliance
Testing fee, and the completed questionnaire.
Visa Inc. will allocate a consecutive ten calendar day period to the vendor for
Compliance Testing, during which the vendor will be able to test their product and
receive technical support. There is limited technical assistance available during the
Compliance Test period.
If the vendors component is not available or ready to test their product during the time
slot allocated by Visa Inc., the vendor will be re-assigned to the end of the testing queue.
Visa reserves the right to re-allocate time slots as warranted if it is deemed that a vendor
is abusing the queuing system.
4.3
4.4
4.5
Completion of Compliance
Once a product successfully completes 3-D Secure Compliance Testing, a letter will be
provided by Visa Inc. acknowledging 3-D Secure compliance. This entitles the product:
To be represented as 3-D Secure compliant, and
To be listed on https://technologypartner.visa.com/Library/ as 3-D Secure compliant.
Visa Inc. has the exclusive right to grant a vendor an acknowledgement of 3-D Secure
compliance for a specific product.
Page 9
If changes are made to the 3-D Secure protocol, vendors with products(s)
previously acknowledged by Visa Inc. as compliant must repeat compliance.
USD $5,000
5.3
5.4
Payment Methods
Systems and Compliance Testing fees are due upon enrollment and are to be made
payable to Visa Inc. in US dollars. Payment is to be made electronically via bank wire.
Vendors are responsible for payment of any wire transfer fee levied by the initiating
bank.
Vendors sending wire payments through their bank to Visas bank account should notify
Visa Inc. to expect such payment via e-mail to: 3dcompliance@visa.com. When sending
testing fee payments electronically, vendors should include a description line formatted
as follows: vendorname3Dsecure71112.
Electronic bank wire payments should be sent to:
Bank of America
555 California Street
San Francisco, CA 94137
United States
Account: 14990-02709
ABA #: 121000358
Vendorname3Dsecure71112
SWIFT code: BOFAUS3N
All products submitted for compliance testing are required to be submitted pursuant to
Visa Inc.s 3-D Secure Compliance Testing Policies and Procedures. The compliance
letter is subject in all respects to the terms and conditions of the policies and procedures
document.
Even though this Product was submitted for compliance testing, as described in this
letter, the manufacturer of each product shall be responsible for compliance with all
applicable specifications and for all liabilities resulting from the use or distribution of the
product. Vendors may communicate to Visa Inc. customer banks, financial institutions,
merchants and service providers that the Product has received a letter of compliance,
provided, however, that all written communications referring to Visas letter of
compliance shall contain the following legend:
When granted, Visa Inc.s letter of compliance is provided by Visa Inc. to ensure
certain operational characteristics important to Visa Inc.s systems as a whole,
but Visa Inc.s letter of compliance does not under any circumstances include
any endorsement or warranty regarding the functionality, quality, security or
performance of any particular product or service. Visa Inc. does not warrant any
products or services provided by third parties. This letter of compliance does not
under any circumstances include or imply any product warranties from Visa Inc.,
including, without limitation, any implied warranties of merchantability, fitness for
purpose, or non-infringement, all of which are expressly disclaimed by Visa Inc.
All rights and remedies regarding products and services, which have received a
letter of compliance by Visa Inc., shall be provided by the party providing such
products or services, and not by Visa Inc.
All products submitted for testing are required to be submitted pursuant to an
Authentication Services Testing Agreement supplied by Visa Inc. (the
Agreement). The letter of compliance shall be void and of no effect if you have
not submitted to Visa Inc. an executed Agreement. The approval granted in this
letter is subject in all respects to the terms and conditions of the Agreement.
This letter of compliance does not supersede additional regional program
requirements and/or testing requirements as may be imposed by national testing
bodies, financial institutions, network services providers, or other customers.
Manufacturer is encouraged to ensure that testing requirements from all relevant
parties have been met and approvals granted prior to sale or installation of the
product.
Visa Inc.'s letter of compliance is granted solely in connection with the product tested
and to the submitting vendor. Such letter of compliance may not be assigned,
transferred or sublicensed, either directly or indirectly, by operation of law or otherwise.
Only those 3-D Secure product manufacturers receiving a Visa Inc. letter of compliance
for a product may claim that they have the letter of compliance.
Visa Inc. compliance may be revoked at any time. Because this compliance may be
revoked at any time, no third party should rely on this letter at any time without first
confirming the continued effectiveness of the compliant product with Visa Inc. Visa
Inc.reserves the right to modify the terms or duration of this compliance at its sole
discretion.
3-D Secure product must meet a version of the protocol that is currently supported by
Visa Inc. Products that are compliant with versions of the protocol that are no longer
supported by Visa Inc. are not eligible for renewal.
3-D Secure product must be in compliance with any necessary enhancements published by
Visa Inc. to the protocol version supported.
The above policies are subject to change by Visa Inc. at any time without notice to any
party.
For questions on Visa Inc.s 3-D Secure Compliance Renewal Policy, please contact
3dcompliance@visa.com.