International Operators Seminar. Bem-vindo! Bienvenidos! Bonjour! Croeso! Foon ying! Hujambo! Velkomen! Welkom! Welcome!

Transcription

1 International Operators Seminar Bem-vindo! Bienvenidos! Bonjour! Croeso! Foon ying! Hujambo! Velkomen! Welkom! Welcome!

2 Introductions Hiring & Training Rates Payment Cards Technology Tools GDS Affiliation Q & A Networking Reception

3 Hiring & Training Jim Davis & Tom Sabol

4 Hiring and Training We don t hire to fire We train and retain

5 Hiring Before we can train our employees, we need to hire the right people. Always review your legal responsibilities prior to proceeding with the hiring process Here are some Best Practices for hiring.

6 Best Practices Applicants The Job The Interview Review and Select

7 Applicants How do you gather applicants? Referrals Media Internet Schools Temp services

8 The Job Step 1: Analyze the job Step 2: What are the job functions Step 3: Describe the job Step 4: The job is not limited to the description Step 5: Finalize the job description

9 The Interview Plan ahead Set the applicant at ease Ask all the same questions Avoid Yes or No questions Take notes throughout Observe body language

10 Review & Select Review legal responsibilities Use Evaluation Form Transfer rankings from interview Compare applicants Make selection Offer the Job

11 Training Me? Train? But I m not a trainer

12 Training Always offer Core training New Hire Product Knowledge Sales Customer Service

13 Training Needs Analysis Make sure training is the solution. What is the desired outcome? What does success look like? How will you measure results? What tools and reports do you need to determine need and measure results?

14 Training Six Keys to Successful Training: 1. Knowledge bites 2. Stick to One Idea 3. Make training part of continuous improvement 4. The rule 5. Plant training seeds 6. Start the class before the class and end the class after the class

15 Training Knowledge bites Short knowledge bites are easier to digest than long form seminars. Conduct frequent, short training sessions rather than longer sessions.

16 Training Stick to One Idea No more than three takeaways. Most of us can t implement the 123 new strategies that we picked up in the last training session. Too may tasks or goals mean employees won t focus on any of them.

17 Training Make training part of continuous improvement Treat training like a workout regimen Training must reflect your culture Check for potential conflict between work groups

18 Training The rule Adults pay attention for 90-minutes. Adults only learn for 20-minutes out of the 90. Involve them every 8-minutes in discussion, activities and planning to keep the learning relevant and to keep them engaged.

19 Training Plant training seeds I learn more in the break room than I do in training Plant seeds for conversation after the training class Create discussion opportunities to foster idea exchange

20 Training Start the class before the class and end the class after the class Use technology to communicate and discuss training topics before class starts (Twitter, instant messaging). Challenge the audience as they arrive to undertake activities or dialog with other members. Get the audience buzzing before you start.

21 Training Mix and mingle with the classroom audience as they arrive. Let them get to know the trainer/facilitator as early as possible. Identify any issues/questions they may have. Follow up with technology, contests and incentives to communicate and discuss what was covered.

22 Contact Information Tom Sabol Jim Davis

23 Rate Management & Pricing for Profit Michael DeLorenzo Vice President and General Manager March 2011

24 Rate Management & Pricing for Profit A Very Common Pricing Strategy: I ll just set my prices $1 less than my competitor.

25 Rate Management & Pricing for Profit Leads to A Very Common Pricing Result: I m just not making any money

26 Understandyour Cost Structure Components of Vehicle Fixed Cost Per Vehicle Per Month 1- Depreciation Amount - $ Interest $ Insurance $ Franchise / Other Cost $ 40. Monthly Cost Per Vehicle $560

27 Choose a Gross Profit Objective Monthly Cost Per Vehicle $560. Objective 100% Mark Up $560 $1120. Average Revenue Per Vehicle Per Month Required to Achieve Objective

28 Historical Utilization Full Size Car Utilization for March 2010 was 78%. multiply 31 Days by 78% = You will average days on rent if you achieve your desired utilization.

29 Calculate the Average Rate Required Objective: Average Monthly Revenue Per Vehicle $1120. Less 15% Optional Item Sales $168. Net Required Revenue $952. Divided By Average Rate Required -----$39.37 to Achieve Objective per day

30 Average Rate Required Average Rate Required$39.37 to Achieve Objective per day 3 Day Weekend minimum $39.37 * 3 days * 78% utilization = $ Day Weekly minimum $39.37 * 7 days * 78% utilization = $214.96

31 Questions? Comments? Contact Information Michael DeLorenzo Vice President rentawreck.com (240)

32 Payment Card Industry Data Security Standards, Chip & PIN / EMV Roy Blicker, COO March 2011

33 Payment Card Industry Data Security Standard (PCI DSS)

34 PCI DSS Overview PCI DSS is a set of comprehensive requirements* designed for enhancing payment account data security and protecting customer account data PCI DSS was developed by the founding payment brands of the PCI Security Standards Council for the major credit cards. ALL MERCHANTS MUST BE PCI DSS COMPLIANT * Multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures

35 PCI DSS Requirements PCI DSS Requirements Build & maintain a secure network Protect cardholder data Maintain a vulnerability management program Implement strong access control measures Regularly monitor and test networks 1. Install and maintain a firewall configuration to protect cardholder data. 2. Do not use vendor-supplied defaults for system passwords and other security parameters. 3. Protect stored cardholder data. 4. Encrypt transmission of cardholder data across open, public networks. 5. Use and regularly update anti-virus software or programs. 6. Develop and maintain secure systems and applications. 7. Restrict access to cardholder data by business need-to-know. 8. Assign a unique ID to each person with computer access. 9. Restrict physical access to cardholder data. 10. Track and monitor all access to network resources and cardholder data. 11. Regularly test security systems and processes. Maintain an information security policy 12. Maintain a policy that addresses information security for employees and contractors.

36 PCI DSS and PA-DSS The payment industry adopted two data security standards 1. PCI DSS - designed for payment processors, merchants and SaaS ISVs 2. PA-DSS - intended for distributed software applications that process, store, or transmit credit card data Independent Software Vendors (ISVs) must ensure that their integrated payment processing solutions are compliant with the rigorous standards of PCI DSS/PA-DSS

37 PCI DSS and PA-DSS ISVs have two major options regarding PCI Compliance: 1. Obtain PCI DSS/PA-DSS compliance validation through a Qualified Security Assessor (QSA), or; 2. Shift the responsibility of storing, transmitting and processing cardholder data to a PCI DSS compliant payment processor ISVs that select option 2 (above) remove the need for PCI DSS/PA-DSS compliance and greatly simplify PCI DSS compliance for their customers (merchants).

38 The Relationship Between PCI DSS & PA-DSS PCI DSS PCI DSS requires merchants to list the software application they are running as well as the version number. If an application is not compliant, the merchant is automatically disqualified from meeting PCI DSS requirements. It is critical that Software Providers are PCI DSS/PA-DSS compliant or are out of scope in order for their customers to comply.

39 PCI DSS Segment Merchants and Associated Requirements to the Following Four Categories:

40 Level Merchant Criteria Validation Requirements 1 Merchants processing over 6 million Visa transactions annually (all channels) or Global merchants identified as Level 1 by any Visa region. Annual Report on Compliance (ROC) by Qualified Security Assessor (QSA) Quarterly network scan by Approved Scan Vendor (ASV) Attestation of Compliance Form 2 Merchants processing 1 million to 6 million Visa transactions annually (all channels) Annual Self-Assessment Questionnaire (SAQ) Quarterly network scan by Approved Scan Vendor (ASV) Attestation of Compliance Form 3 Merchants processing 20,000 to 1 million Visa e- commerce transactions annually Annual Self-Assessment Questionnaire (SAQ) Quarterly network scan by Approved Scan Vendor (ASV) Attestation of Compliance Form 4 Merchants processing less than 20,000 Visa e-commerce transactions annually and all other merchants processing up to 1 million Visa transactions annually Annual Self-Assessment Questionnaire (SAQ) Quarterly network scan by Approved Scan Vendor (ASV) Compliance validation requirements set by acquirer.

41 Consequences of Non-Compliance Damage to merchant s brand/reputation Investigation and remediation costs Ongoing compliance audits Victim notification costs Charge-backs for fraudulent transactions Denial of service to customers Possibility of business closure

42 PCI Overview Question Why is implementation of the PCI requirements so important? A. Protect Customer Card Data B. Contractual Obligation C. State Law D. Business Best Practices Protect Your Business E. All of the above

43 PCI DSS High-Level Compliance Status U.S. and Outside of the U.S. According to Visa, the U.S. achieved a much higher PCI compliance stats as of December 31, 2010 For Level 1 chains in the U.S., for example: Visa Reports that 96% are compliant Level 1 chains outside the U.S., according to Visa, is 76 percent. Level 1 Merchants Are Defined As: Merchants processing over 6 million Visa transactions annually (all channels) or Global merchants identified as Level 1 by any Visa region

44 Chip & PIN EMV

45 Overview & Definitions Chip & PIN Smart Cards EMV Cards EMV Europay (now part of MasterCard) / MasterCard / Visa EMV Cards Credit and debit cards with embedded microprocessors, memory, and operating system capable of handling one or more applications conforming to the EMV standards (payments, gift, loyalty, etc.)

46 Overview & Definitions Chip & PIN Smart Cards EMV Cards Data stored on EMV cards are encrypted and the microprocessors are tamper resistant EMV cards can communicate with another device equipped with EMV certified microprocessors such as point-of-sale terminals and ATMs

47 Magnetic Stripe Cards Vs. EMV Cards Information such as card number, expiration date, etc. is encoded on the magnetic stripe on the back of the card in clear text When swiping a magnetic stripe card through a machine equipped with a Magnetic Stripe Reader (MSR) such as a POS, the information encoded on the magnetic stripe can be read EMV (chip-and-pin) Cards: The information is encoded and encrypted on the card Integrated Circuit Hybrid Cards credit and debit cards with both a magnetic stripe and an EMV chip

48 Benefits of EMV *Source: Digital Transactions Magazine, October 2010

49

50 *Source: Digital Transactions Magazine, October 2010

51 POS Operations Contact, dual-contact, or contactless: The card and the terminal authenticate each other through a PIN entered by the cardholder; the result of this off-line, PINbased authentication process is included in the transaction details

52 What s the Latest Regarding Chip & PIN and How it May Impact Merchants? Visa (Feb. 2011) rolled out a new security program to push global use of EMV technology ( chip and dynamic data authentication ) The program will allow retailers with at least 75% of EMV transactions to avoid the annual PCI DSS revalidation assessment This program is not being offered for U.S. retailers because EMV usage is low

53 Visa s New TIP Program This global program is called the Technology Innovation Program (TIP) and has the following requirements: Terminals must be enabled for contact/dual contact and contactless interface chip acceptance All merchants outside of the United States are eligible and may begin qualifying for the new program from March 31, 2011

54 Visa s New TIP Program Ellen Richey, Chief Enterprise Risk Officer at Visa Inc: Visa has repeatedly underscored the need for authentication solutions to move to dynamic data technologies such as EMV chip. Although Visa s global fraud rate remains at an all-time low of less than six pennies out of every $100 transacted, we believe the future of security lies in dynamic data. Our experience suggests that as markets move to chip they become less vulnerable to counterfeit fraud and, ultimately, to mass data compromise attacks.

55 Visa s New TIP Program Retailers under the program would still be required to validate PCI compliance before entering the program and must still comply with all PCI rules. And, the merchant cannot have been involved in a breach of cardholder data.

56 Technology Tools Signature Pads & Handheld Devices Angela Margolit, President

57 Signature Pads Legalization Storage Costs Ease of Access USB Port Paperless -> Go Green!

58 Signature Pads

59 Handhelds Rapid Return Durability Integrated Camera Barcode Scanner

60 Handhelds Evolution of Connectivity: Radio Frequency Spread Spectrum Wireless (300 feet) Cellular

61 Handhelds

62 How to Be Seen on the Global Distribution Systems Joe Knight VP of Business Development

63 Questions? Hiring & Training Rates Payment Cards Technology Tools GDS Affiliation