eCommerce malware infections are a continued contributor to global fraud in the Card-Not-Present space. To help merchants combat fraud resulting from these global and persistent attacks, Visa is providing guidance and best practices for merchants to help secure their online stores.
See attached data security bulletin for more information: https://usa.visa.com/content/dam/VCOM/global/support-legal/documents/psi...
Visa regularly posts data security communications on their web site: https://usa.visa.com/support/merchant/library.html
Refund Processing:
Message from UBC PCI Compliance Officer
Please ensure that you regularly verify refund transactions from your credit card process - ecommerce, PIN pad device, payment application, virtual terminal.
We are currently investigating again fraud committed through refund.
We would like to bring to your attention to strengthen controls on who have access to refund, how it is processed and reviewed to avoid fraudulent activity.