The Evolution of Payments on Campus
|
|
- Alvin Norris
- 6 years ago
- Views:
Transcription
1 The Evolution of Payments on Campus Mark Lucas, VP, Managed Services Senior Strategist, Higher Education CISSP, CISA, ASV, CGEIT, QSA, MCSD January 2014
2 Agenda I. About Coalfire II. III. IV. Campus Card and Payments Evolution What happened to the wallet? Crash Course: Mobile Payment Hardware I. Mobile device compliance, risks and security action plan II. Q and A
3 COALFIRE SERVICES Coalfire offers demonstrated leadership in all key areas of IT GRC auditing, assessment and validation.
4 CERTIFICATIONS & AFFILIATIONS
5 HIGHER EDUCATION
6 LOCATIONS
7 Campus Cards and Payments Evolution
8 In the beginning there were campus cards
9 The evolution of campus cards Today Amsec developed and installed the first known card-based campus electronic card access system using magnetic stripe technology at California State Polytechnic University. The first campus-wide system debuted at Duke University. The card was engineered as a four-year card with a durable magnetic stripe designed to prevent accidental data erasure. Florida State University became the first public university to link their campus card with a bank. In 1993, Northwestern University became the first private university to link its campus card with a bank. Campus cards are fairly ubiquitous and support a wide array of features and functions. While One card adoption may have not found a way onto all campuses, most 4 year universities either have or would like a solution.
10 The evolution of campus payments Card Imprints 1970s Small transaction volume, large dollar transactions Dial-Out Terminals Late 1980s-90s Replacement for Imprints; Faster transactions for administrative services. Point-of-Sale 1990s-Present Specialized applications for retail and dining, parking, ticketing, and more. Quick transactions, higher transaction volume, lower dollar amount. Campus OneCard Late 1990s-Present Could be integrated with SIS, physical access control systems, and campus electronic payments systems; but only certain systems! ecommerce 2000s-Present Consumer directed and initiated; convenient. No campus presence required. Used mainly for campus giving, OneCard valuing, and specialized retail
11 Campus payments on the move Payment solutions are bringing more convenience for both merchants and customers New mobile payment solutions are creating new opportunities for merchants and customers Allows your campus to reach more customers in new situations Backend merchant solutions can provide customer database, marketing, and communications
12 What happened to the wallet?
13 No other technology adoption trend compares 4 BILLION mobile phones in use among 7 billion people. By 2014, mobile use will overtake desktop and laptop use. By 2015, there are expected to be 500 million mobile banking users worldwide. 40% of consumers say losing their mobile phone is worse than losing their wallet.
14 Sensitive data goes mobile Payment data Healthcare ephi Home automation Car automation Corporate Corporate apps VPN credentials Banking data Social media Dropboxes/cloud storage
15 Payment Processes go Mobile Mobile Payments can generally be divided into two camps: Consumer Wallets- Consumer applications that store payment details (sometimes in the cloud) to enhance convenience of payment process. Includes Retail Loyalty Payments, like Starbucks Merchant Mobile Point-of-Sale (mpos)- Merchant solutions to facilitate rapid transactions in transient or mobile locations
16 Who are the players? Consumer Wallets Google Wallet PayPal MasterCard PayPass Venmo Isis LevelUp Mobile Point-of-Sale Square PayPal Here VeriFone Mobile Pay Bank of America MobilePay Pogo
17 Drivers for Mobile Payments If you are considering mobile payments, you are not alone this is a burning issue for campus finance and IT security professionals today. Merchant entities want to improve convenience and simplicity of payment process for students and patrons. University merchant environments can be physically fluid and dynamic e.g., remote fund raising events, mobile concessions, and temporary sales and registration events. Customers just expect you to facilitate a mobile payment, especially in certain venues!
18 Drawbacks for Mobile Payments There is risk. Mobile payments are similar to proven, fixed POS technology- except that they use a different OS geared towards consumers, not enterprises. Consumer-based mobile platforms typically lack strong security features of their PC/laptop cousins You can use mobile payment technologies to process payments, but you own the risk of the transaction. Is your community asking for better payment processes with clear-cut advantages over their current approach? What is the risk? How do I be PCI compliant?
19 Crash Course: Mobile Payment Hardware
20 The Three Categories From a data security perspective, PCI Security Standards Council divides mobile point-of-interaction payment devices into three categories: 1. PTS Devices 2. Purpose Built Mobile Devices 3. Consumer Devices
21 Category 1: Pin Transaction Security (PTS) Devices Mobile hardware swipe devices that accept entry of a PIN for debit/credit transactions These devices utilize special security modules for secure read and ex- change of data (SRED) Contain strong controls for hardware Tamper detection and resistance Can work via Ethernet, dial-out, cellular or Wi-Fi networks
22 Category 2: Purpose-Built Mobile Devices They only act as payment application, integrated into hardware Can t use them for games, surfing the web, etc. Locked down; device functions are limited to payments and related POS application functions only Examples include handheld POS devices for dining, parking Because they are purpose-built, they can lack extensibility, limiting ability to integrate with other retail/ business processes
23 Category 3: Multi-Use Mobile Devices Functions as a payment application and is used for other purposes. Relates to an application that is running on top of a consumer handheld device If it runs on ios or Android, it s a likely a Category-3 device. Category-3 devices can t be validated as payment applications under the PA-DSS This means that merchants are responsible for the security and compliance of these implementations
24 Mobile Device Compliance, Risks and a Security Action Plan
25 Compliance Strategies Part 1 PCI Special Interest Groups Mobile Task Force Working Group Guidance Published Mobile Payment Acceptance Security Guidelines for Developers (Sept 2012) Mobile Payment Acceptance Security Guidelines for Merchants (Feb 2013)
26 Compliance Strategies Part 2 Mobile Guidance Link: Category 1 PTS approved device Category 2 Single-Use device Category 3 Multi-Use device
27 Compliance Strategies Part 3 Visa Ready Link: The program provides innovators a path for the certification of devices, software and solutions used to initiate or accept Visa payments as well as guidance and best practices to access the power of the Visa network. Acquirers Ultimately, it s up to the acquirer to determine what is acceptable. Third-party evaluation may be acceptable in the interim.
28 PCI compliance concerns for merchants Are you using (or thinking of using) an unvalidated mpos solution? Understand your responsibilities for PCI DSS compliance Do you have a merchant identification number or formal merchant agreement in place covering the transactions? Do you have to submit an SAQ that covers the mobile transaction environment? Does your payment vendor contract identify specific PCI DSS responsibilities? Understand the payment hardware used and the risks to that hardware introduced from your environment. Consult with a knowledgeable QSA to pinpoint risks to compliance and data security.
29 What Mobile can Payment you do? Trends, Risks & Security Action Items Select your vendors wisely. Just because a technology is convenient for customers doesn t mean it s convenient for your operations. Limit deployment scenarios. Understand where and why the devices will be deployed. Low transaction environments, in limited crowdspaces, may be ideal candidates for early deployments. Manage configuration. Ensure that mobile platform security is a factor in your vendor decision. Does the platform experience frequent zero-day or critical security issues? Can applications access other application s data? Can the device be easily tracked and remotely wiped? How can you limit or enforce an known running configuration and application whitelist? Manage inventory. Who is approved to use the device and under what circumstances? Can inventory be tracked? Can disposition and location be tracked? Use Secure Card Readers (SCRs)/SRED and P2PE certified solutions, if possible. Know as much about your vendor solution as you possibly can, especially in regards to how card data is encrypted in flight and at rest. Perform a mobile risk assessment at least annually. Know the threats, vulnerabilities, and risks to your mobile assets and assess regularly. Mobile technologies are rapidly developing and changing!
30 Mobile Payments Trends, Secure Risks & or Security not? Action Items Security is in the eye of the beholder, so it depends! You can achieve a relatively secure mobile payment technology on your campus, but good controls must be present. Refer to guidance from the PCI SSC, but know that this is only part of the story and formal standards and enforcement have not been developed! Consult with a QSA firm knowledgeable in mobile payment solution designs and controls. Thoroughly vet solutions for alignment with business objectives, operations, and security.
31 Questions
32 Contact Info Mark Lucas, Coalfire ext. 7508
FUTURE OF CREDIT CARD PAYMENT APPLICATION SECURITY:
FUTURE OF CREDIT CARD PAYMENT APPLICATION SECURITY: PA-DSS VS P2PE ForenSecure 17 April 27, 2017 SPEAKER Joel Dubin, PCI QSA, PA-QSA, CISSP Senior Consultant, Application Validation -Eight years as a PA-QSA
More informationTHE FUTURE OF TRANSACTING
1 Payments - Create and Protect Recurring Revenue Opportunities THE FUTURE OF TRANSACTING The Future is Genius SuperDeck Creative v.1 10.22.2015 Who are we? 2 Our payment solutions enable businesses to
More informationPCI BLOG. P2PE, EMV, Tokenization, Oh My!
Page 1 of 8 PCI BLOG THE UNOFFICIAL PCI COMPLIANCE & IT SECURITY BLOG HOME PCI IN THE NEWS PCI TOOLS IT SEC. JOB BOARD DOCUMENTS CONTACT US FORUM P2PE, EMV, Tokenization, Oh My! June 14, 2016 PCI Blog
More informationEMV FAQ S FROM A MERCHANT S PERSPECTIVE
EMV FAQ S FROM A MERCHANT S PERSPECTIVE WHAT IS EMV? EMV, or Europay MasterCard Visa, is a fraudreducing technology that can help protect issuers, merchants and consumers against losses from the use of
More informationMerchant Services What You Need to Know. Agenda 6/5/2017. Overview of Merchant Services. EMV, Tokenization/Encryption, and PCI (Oh My!
Merchant Services What You Need to Know Heather Nowak VP, CPP Senior Product Manager Agenda Overview of Merchant Services Why accept cards? What you need to know/consider Capabilities/Pricing/Contract
More informationWhite Paper PCI-Validated Point-to-Point Encryption On Microsoft Azure. By Christopher Kronenthal, Chief Technology Officer
White Paper PCI-Validated Point-to-Point Encryption On Microsoft Azure By Christopher Kronenthal, Chief Technology Officer Advanced Commerce Platform Foreword 2015 will bring incredible change and innovation
More informationPCI COMPLIANCE PCI COMPLIANCE RESPONSE BREACH VULNERABLE SECURITY TECHNOLOGY INTERNET ISSUES STRATEGY APPS INFRASTRUCTURE LOGS
TRAILS INSIDERS LOGS MODEL PCI Compliance What It Is And How To Maintain It PCI COMPLIANCE WHAT IT IS AND HOW TO MAINTAIN IT HACKERS APPS BUSINESS PCI AUDIT BROWSER MALWARE COMPLIANCE VULNERABLE PASSWORDS
More informationHCE E-Book HOST CARD EMULATION: NFC S MISSING LINK
HCE E-Book HOST CARD EMULATION: NFC S MISSING LINK HOST CARD EMULATION: NFC S MISSING LINK Contents Executive Summary 3 1. What is HCE? 5 2. Implementation options 11 3. HCE & security: tokenization 12
More informationTokenization April Tokenization. Gregory H. Soule, CPA, CISA, CISSP, CFE Senior Manager. Andrews Hooper Pavlik PLC
ization Gregory H. Soule, CPA, CISA, CISSP, CFE Senior Manager Andrews Hooper Pavlik PLC 1 Agenda and Implementation EMV, Encryption, ization Apple Pay Google Wallet Recent Trends Resources Agenda and
More informationEMV Chip Cards. Table of Contents GENERAL BACKGROUND GENERAL FAQ FREQUENTLY ASKED QUESTIONS GENERAL BACKGROUND...1 GENERAL FAQ MERCHANT FAQ...
EMV Chip Cards FREQUENTLY ASKED QUESTIONS Table of Contents GENERAL BACKGROUND...1 GENERAL FAQ...1 4 MERCHANT FAQ...5 PROCESSOR/ATM PROCESSOR FAQ... 6 ISSUER FAQ... 6 U.S.-SPECIFIC FAQ...7 8 GENERAL BACKGROUND
More informationTHE ARRIVAL OF PIN ON MOBILE. An Introduction to the Next Generation of Face-to-Face Mobile Payment Acceptance
THE ARRIVAL OF PIN ON MOBILE An Introduction to the Next Generation of Face-to-Face Mobile Payment Acceptance MYPINPAD Ltd 01 INTRODUCTION For most organisations, growing bottom-line profit is a crucial
More informationC&H Financial Services. PCI and Tin Compliance Basics
C&H Financial Services PCI and Tin Compliance Basics What Is PCI? (Payment Card Industry) Developed by the PCI Security Standards Council and major payment brands For enhancing payment account data security
More informationCCV s self-service payment solutions drive PCI-DSS-compliant security
CCV s self-service payment solutions drive PCI-DSS-compliant security White Paper July 2016 1. Introduction This white Paper discusses the basic differences between the current PCI-DSS and the P2PE rules
More informationPayment Card Industry Data Security Standard Self-Assessment Questionnaire B Guide
Payment Card Industry Data Security Standard Self-Assessment Questionnaire B Guide Prepared for: University of Tennessee Merchants 12 May 2015 Prepared by: University of Tennessee System Administration
More informationEMV Implementation Guide
iqmetrix Payment Processing 12/18/2014 EMV Implementation Guide 1-866-iQmetrix www.iqmetrix.com Table of Contents 1. Introduction... 2 2. What is EMV?... 2 3. How is a chip card different?... 2 4. How
More informationCyber Security in Retail
Cyber Security in Retail Nick Kemske Director, Cyber Security Jacki Snyder Sr. Director Payments, Asset Protection and CIC Services 1 Cyber Security RANSOMWARE AND SKIMMERS 2 Ransomware A Retail Perspective
More informationIntroduction. Scott Jerabek. The CBORD Group. Product Manager
PCI Compliance Introduction Scott Jerabek Product Manager The CBORD Group Founded in 1975 Foodservice, Campus Card and Security solutions to College and University and Healthcare markets CBORD Product
More informationEMV and Educational Institutions:
October 2014 EMV and Educational Institutions: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems, Inc. All trademarks,
More informationEMV for Merchants and Merchant Acquirers: U.S. Migration Considerations. Smart Card Alliance Webinar October 6, 2011
EMV for Merchants and Merchant Acquirers: U.S. Migration Considerations Smart Card Alliance Webinar October 6, 2011 Introductions Randy Vanderhoof Executive Director -- Smart Card Alliance 2 Who We Are
More informationIs Your Organization Ready for the EMV Challenge?
Is Your Organization Ready for the EMV Challenge? Suzanne Galvin Director of Product Management Elan Financial Services Jeff Green Director of the Emerging Technologies Advisory Service Mercator Advisory
More informationPCI Requirements Office of Business and Finance Issued July 2015
PCI Requirements Office of Business and Finance Issued July 2015 This document provides supplemental information to be used in conjunction with the Payment Card Compliance policy to assist merchants and
More informationPayment Acceptance Solutions
Payment Acceptance Solutions Increase sales, enhance agility, and mitigate risks with CyberSource CyberSource is a Visa solution Businesses today are developing new strategies for acquiring and retaining
More informationWhite Paper. Payment fraud threatens retail business. P2PE helps you fight back
verifone.co.uk White Paper Payment fraud threatens retail business P2PE helps you fight back 2 Payment fraud threatens retail business, P2PE helps you fight back Every day there are new headlines relating
More informationesocket POS Integrated POS solution Knet
esocket POS Integrated POS solution Knet 1 Summary Since 1994 when the first POS devise was deployed in the market, Knet had recognized the importance of this service and did take it up on it self to invest
More informationAUTHORIZE.NET SAQ ELIGIBILITY WHITE PAPER NICK TRENC CISSP, CISA, QSA, PA- QSA. North America Europe coalfire.
W HITE P APER AUTHORIZE.NET SAQ ELIGIBILITY WHITE PAPER NICK TRENC CISSP, CISA, QSA, PA- QSA North America Europe 877.224.8077 info@coalfire.com coalfire.com TABLE OF CONTENTS Executive Summary... 3 Audience...
More informationThe Changing Landscape of Card Acceptance
The Changing Landscape of Card Acceptance Troy Byram Vice-President Sr. E-Receivables Consultant February 6, 2015 Agenda EMV (Chip and Pin) PCI Compliance and Data Security New Regulations for Municipalities
More informationPIN Issuance & Management
PIN Issuance & Management From PIN selection to PIN verification Card issuers and merchants know they can put their trust in MagTek. Whether meeting the growing need for instant, in-branch card and PIN
More informationEMV: Frequently Asked Questions for Merchants
EMV: Frequently Asked Questions for Merchants The information in this document is offered on an as is basis, without warranty of any kind, either expressed, implied or statutory, including but not limited
More informationRevolutionize Your Business with Harbortouch
Revolutionize Your Business with Harbortouch Swipe Card Regardless of the business you are in, Harbortouch has the ideal processing solution for you. Allow Harbortouch to demonstrate why our company is
More informationTHE ADOPTION OF EMV TECHNOLOGY IN THE U.S. By Guy Berg Global Industry Sales Consultant Datacard Group
THE ADOPTION OF EMV TECHNOLOGY IN THE U.S. By Guy Berg Global Industry Sales Consultant Datacard Group Abstract: Visa Inc. and MasterCard recently announced plans to accelerate chip migration in the United
More informationVerifone MX 915/925 Payment Devices. with KWI 6.x POS Registers: What s New?
Verifone MX 915/925 Payment Devices with KWI 6.x POS Registers: What s New? Contents Overview... 3 Network and Power Requirements... 5 Network Requirements... 5 Power Requirements... 5 Place Your Order
More informationDatacap s Guide to EMV in the US
Datacap s Guide to EMV in the US A Datacap Whitepaper 2 What is EMV? 3 Datacap s experience with EMV benefit of a one-tomany interface 4 What will EMV with Datacap look like? 6 PIN Pad hardware options
More informationSAMPLE DATA FLOW DIAGRAMS for MERCHANT ENVIRONMENTS
SAMPLE DATA FLOW DIAGRAMS for MERCHANT ENVIRONMENTS To protect your environment against payment data theft, you first have to understand how you accept payments. What kind of equipment do you use, who
More informationFrequently Asked Questions for Merchants May, 2015
EMV Frequently Asked Questions for Merchants May, 2015 Copyright 2015 Vantiv, LLC. All rights reserved. *EMV is a registered trademark in the U.S. and other countries, and is an unregistered trademark
More informationStraight Answers on PCI and EMV
Straight Answers on PCI and EMV Gray Consulting November, 2015 Why We Are All Here This presentation is an attempt to demystify the challenges faced by the car wash industry, in dealing with secure, electronic
More informationPAYMENT CARD INDUSTRY DATA SECURITY STANDARD SELF-ASSESSMENT QUESTIONNAIRE (SAQ) A GUIDE
PAYMENT CARD INDUSTRY DATA SECURITY STANDARD SELF-ASSESSMENT QUESTIONNAIRE (SAQ) A GUIDE Last Reviewed: December 13, 2017 Last Updated: December 19, 2017 PCI DSS Version: v3.2, rev 1.1 Prepared for: The
More informationPCI DSS practical guide for Travel Agents
PCI DSS practical guide for Travel Agents Guidance for achieving PCI DSS compliance PCI DSS demystified for Travel Agents PCI Program Office_ Marc. A. HENRY_ISA_ May 25th, 2017 Revision 5.3 Dear customer,
More informationEMV IN THE U.S. HOW FAR HAVE WE COME AND WHERE ARE WE GOING? Andy Brown
EMV IN THE U.S. HOW FAR HAVE WE COME AND WHERE ARE WE GOING? Andy Brown andy.brown@ncr.com MAC is an organization comprised of members from Banks, Acquirers, ISOs, Card Associations, Law Enforcement and
More informationPCI Information Session. May NCSU PCI Team
PCI Information Session May 2014 - NCSU PCI Team Agenda PCI compliance process Security Training Why compliance is important PCI DSS update from NCSU ISA 2014 attestation process Questions PCI Compliance
More informationInterlink Merchant Triple Data Encryption Standard (TDES) Compliance Webinar
Interlink Merchant Triple Data Encryption Standard (TDES) Compliance Webinar Ross Snailer Payment System Risk Stoddard Lambertson Payment System Risk September 9, 2009 Agenda Visa PIN Security Compliance
More informationPCI DSS Security Awareness Training. The University of Tennessee and The University of Tennessee Foundation. for Credit Card Merchants at
PCI DSS Security Awareness Training for Credit Card Merchants at The University of Tennessee and The University of Tennessee Foundation Presented by UT System Administration Information Security Office
More informationEMV A Chip Off the New Block
EMV A Chip Off the New Block WACHA Taking Flight With Payments March 18, 2014 Paul Tomasofsky President, Two Sparrows Consulting Paul@TwoSparrowsConsulting.com (201) 930-9551 Christa Addy Product Manager,
More informationThe Future of Airport Information Technology (IT) Presentation to, ACI-NA Airport Board Members and Commissioners Conference April 28, 2009
The Future of Airport Information Technology (IT) Presentation to, ACI-NA Airport Board Members and Commissioners Conference April 28, 2009 Initiatives Dictating IT Trends Technology Standards Driving
More informationEvaluating Processing Infrastructure, Support & Costs
Evaluating Processing Infrastructure, Support & Costs Leveraging Changes in Technology for Improved Customer Experience & Profits Transactions are the lifeblood for convenience stores. From the customers
More informationThreat Landscape: Skimming In a Changing Environment
Threat Landscape: Skimming In a Changing Environment Chris Forsythe, Sr. Risk Analyst, Visa, Payment Fraud Disruption & Intelligence Stoddard Lambertson, Director, Fraud & Breach Investigations 22 February
More informationEMV Basics and the market
EMV Basics and the market What is a smartcard? 1 2 3 4 5 2 What is EMV? EMV is the globally adopted international standard for adding a chip on a payment card A chip is a small computer built into the
More informationSecurity & Compliance Trends in Innovative Electronic Payments
Security & Compliance Trends in Innovative Electronic Payments Independently conducted by Ponemon Institute LLC Publication Date: October 2014 Ponemon Institute Research Report Security & Compliance Trends
More informationCREDIT CARD MERCHANT PROCEDURES MANUAL. Effective Date: 04/29/2016
CREDIT CARD MERCHANT PROCEDURES MANUAL Effective Date: 04/29/2016 Updated: April 29, 2016 TABLE OF CONTENTS Introduction... 1 Third-Party Vendors... 1 Merchant Account Set-up... 2 Personnel Requirements...
More informationpayshield 9000 The hardware security module securing the world s payments
> payshield 9000 The hardware security module securing the world s payments www.thalesgroup.com/iss Information Systems Security Information Systems Security payshield 9000 Table of Contents Introduction
More informationUnderstanding the SAQs for PCI DSS v3.0
Understanding the SAQs for PCI DSS v3.0 The PCI DSS self-assessment questionnaires (SAQs) are validation tools intended to assist merchants and service providers report the results of their PCI DSS self-assessment.
More informationMobile and Contactless Payments Requirements and Interactions
Mobile and Contactless Payments Requirements and Interactions Version 1.0 Date: February 2018 2018 U.S. Payments Forum and Smart Card Alliance. All rights reserved. Page 1 About the U.S. Payments Forum
More informationThe e-commerce solution. Your key to successful online business
The e-commerce solution Your key to successful online business SIX Payment Services Table of contents The right choice for online and omni-channel payments 03 Your one-stop shop provider 04 How we can
More informationCard Payment acceptance at Common Use positions at airports
Card Payment acceptance at Common Use s at airports Business requirements Version 1, published in June 2016 Preamble Common Use (CU) touchpoints (self-service s such as self-service kiosks or bag drops,
More informationMobility, Smart Devices, BYOD Do You Have a Solution & Strategy?
Steven Scheurmann- Sales Leader, Asia Pacific & Japan, Endpoint & Mobility 스마트보안 Mobility, Smart Devices, BYOD Do You Have a Solution & Strategy? Mobile is an enterprise priority Growth in Internet Connected
More informationE M V O V E R V I E W. July 2014
E M V O V E R V I E W July 2014 A G E N D A EMV Overview EMV Industry Announcements EMV Transaction Differences, What to Expect Solution Decisions Market Certification Considerations Questions 2 E M V
More informationThe Future of Business Travel Payment. Michael Fürer BeLux Director, AirPlus International
The Future of Business Travel Payment Michael Fürer BeLux Director, AirPlus International Digital Transformation Day, Antwerp, 18 May 2017 AirPlus International A leading international provider of Corporate
More informationEMV is coming. Here s how to stay ahead of the trend. Presented by CO-OP Financial Services
EMV is coming. Here s how to stay ahead of the trend. Presented by CO-OP Financial Services October 25, 2012 Agenda What EMV is and how it works U.S. and global adoption Impact to the payments ecosystem
More informationThe Fork in the Road to PCI Compliance
The Fork in the Road to PCI Compliance and How We Took It Purdue University April 24, 2017 Debra Wert Jefferson Hopkins Yogi Berra If you come to a fork in the road, take it. Yogi Berra University Environment
More informationTicketing: How ACME s Cloud-Based Enterprise Platform Benefits Your Business
Ticketing: How ACME s Cloud-Based Enterprise Platform Benefits Your Business Today the cloud is replacing on-premise or hosted enterprise workloads, one vertical at a time. ACME was started to introduce
More informationUNIVERSITY OF OKLAHOMA Campus Payment Card Security Standard Norman Campus
UNIVERSITY OF OKLAHOMA Campus Payment Card Security Norman Campus Subject: Campus Payment Card Security Coverage: The University of Oklahoma Norman Campus Regulation: Payment Card Industry ( PCI ) Data
More informationPolicies and Procedures
Policies and Procedures Provided by PROGuard The following are policies and procedures which need to be enforced to ensure PCI DSS compliance. In order to answer yes to the questions and pass the SAQ,
More informationCOLUMBIA UNIVERSITY CREDIT CARD ACCEPTANCE AND PROCESSING POLICY
COLUMBIA UNIVERSITY CREDIT CARD ACCEPTANCE AND PROCESSING POLICY Effective Date: August 31, 2009 Latest Revision: March 28, 2017 Policy Statement This policy establishes the requirements for the acceptance
More informationADDENDUM NO. 3 REQUEST FOR PROPOSAL NO. R BANKING AND MERCHANT SERVICES FOR HIGHER EDUCATION
ADDENDUM NO. 3 Attention to Proposers: This constitutes Addendum No. 3 to the referenced Request for Proposals (RFP), and consists of this ten (10) page cover letter, which provides responses to questions
More informationNew Skies Customer-centric reservation and distribution system
Ready to lead the airline industry of tomorrow? It s been called a New World Order for airlines, and your business is right at the heart of it. Your formula: achieve high growth, streamline operations,
More informationTHE NEXT EVOLUTION IN COMMERCE: INVISIBLE PAYMENTS
THE NEXT EVOLUTION IN COMMERCE: INVISIBLE PAYMENTS WHAT THIS SHIFT MEANS FOR CONSUMERS AND THE COMPANIES THAT SERVE THEM A White Paper by i2c, Inc. 1300 Island Drive Suite 105 Redwood City, CA 94065 USA
More informationGlobal Mobile Payments Market
Published on NOVONOUS (https://www.novonous.com) Home > Global Mobile Payments Market 2016-2020 Global Mobile Payments Market 2016-2020 Publication ID: NOV0216002 Publication Date: February 18, 2016 Pages:
More informationProtecting Your Swipe Devices from Illegal Tampering. Point of Sale Device Protection. Physical Security
Protecting Your Swipe Devices from Illegal Tampering The threat of Point of Sale (POS) terminal tampering is serious and worldwide. Every day criminals install skimmers, keykatchers, and other devices
More informationEMV Just the Facts. Ozarks Association of Government Accountants
EMV Just the Facts Ozarks Association of Government Accountants Speakers and Housekeeping EMV: Just the Facts Presentation Brad Hench Regional Sales Manager US Bank Elavon 45 minute presentation 10 minute
More informationEMV FREQUENTLY ASKED QUESTIONS (FAQs)
1. What is EMV? EMV (stands for Europay, MasterCard and Visa) is the global standard for credit, debit, and prepaid card payments using the chip card technology. EMV chipbased payment card is a more secure
More informationRugged Tablet Solutions: A Technical Buyer s Guide
Rugged Tablet Solutions: A Technical Buyer s Guide So, you ve finally decided to jump on the tablet POS bandwagon and now you re stuck in the conundrum of deciding which tablet will best fulfill your application
More informationPayment Card Industry (PCI) Payment Application Data Security Standard (PA-DSS) Attestation of Validation Version 2.02
Payment Card Industry (PCI) Payment Application Data Security Standard (PA-DSS) Attestation of Validation Version 2.02 April 2012 PA-DSS Attestation of Validation Instructions for Submission The Payment
More informationCommerce Driver. ios Quick-Start Guide v1.0
Commerce Driver ios Quick-Start Guide v1.0 Understanding EMV Certification... 2 What is EMV?... 2 How Does it Work?... 2 Becoming EMV Compliant... 2 Level 1 Hardware/Terminal Certification... 2 Level 2
More informationEngaging campus experience with transaction solutions CACUBO annual meeting
Engaging campus experience with transaction solutions 2017 CACUBO annual meeting Who we are 2 Dedicated to higher education 1,000+ Transaction solution clients Serve 2,100+ clients in 60 countries Staff
More informationVisa Digital Solutions. Rocio Beckham Community Issuers
Visa Digital Solutions Rocio Beckham Community Issuers Notice of Confidentiality This presentation is furnished to you solely in your capacity as a customer of Visa and/or participant in the Visa payments
More informationEMV in the U.S. Liability shift; what does this mean for the U.S.?
EMV in the U.S. Liability shift; what does this mean for the U.S.? Questions and answers What the liability shift really means with regards to costs, risks and benefits. Fraud is on the rise in the U.S.
More informationPerformance with a single touch
Need stock and employees control? Need fast check-out time and loyal customers? Need a powerful POS without implementation headaches? Your search is over! Performance with a single touch Whether you open
More informationAdding Business Value with Integrated Payment Solutions
Adding Business Value with Integrated Payment Solutions Sponsored by Sage Payment Solutions Laurie McCabe, Partner Sanjeev Aggarwal, Partner 1 SMB Group, Inc. January 2014 ADDING BUSINESS VALUE WITH INTEGRATED
More informationPCI Requirements Office of Business and Finance Issued July 2015
PCI Requirements Office of Business and Finance Issued July 2015 This document provides supplemental information to be used in conjunction with the Payment Card Compliance policy to assist merchants and
More informationProtecting Your Future
Protecting Your Future with NCR Secure How to prepare for the EMV and Windows 7 Migration An NCR White Paper 02 1 Upcoming Major Changes and Trends The North American financial industry will go through
More informationThe Future of Payment Security in Canada
The Future of Payment Security in Canada October 2017 1 Visa Canada Public The Future of Payment Security in Canada Notices Forward-Looking Statements This presentation contains forward-looking statements
More informationSD-WAN AND THE OMNI-EXPERIENCE. Building customer loyalty with managed, software defined wide area networks for restaurants
SD-WAN AND THE OMNI-EXPERIENCE Building customer loyalty with managed, software defined wide area networks for restaurants Building Loyalty with the Omni-Experience Omni-Experience: Consistent guest experiences
More informationjhapassport EMV Update:
jhapassport EMV Update: Your Questions Answered Presented by Keri Crane September/October 2015 Dates contained in this document are provided as estimates only and can be changed at any time at the sole
More informationA Mobile Economy. Amy Smith, AAP CAE - Vice President, Executive Director The Clearing House Payments Authority. Friday, June 10, :15 p.m.
A Mobile Economy Amy Smith, AAP CAE - Vice President, Executive Director The Clearing House Payments Authority Friday, June 10, 2016 2:15 p.m. The Clearing House Payments Authority January 1, 2016 business
More informationEmbracing Mobile Commerce: How Accenture and Paydiant Help Companies Move Beyond Payments
Embracing Mobile Commerce: How Accenture and Paydiant Help Companies Move Beyond Payments 2 As smartphones become the norm, more people want to use their phones to make their daily lives more convenient
More informationSmart credentials. Enabling today s and tomorrow s digital identities.
Smart credentials Enabling today s and tomorrow s digital identities www.infineon.com/govid Opportunities Strengthen national security Increase administrative efficiency and deliver new government services
More informationEMV, PCI, Tokenization, Encryption What You Should Know for Presented by: The Bryan Cave Payments Team
EMV, PCI, Tokenization, Encryption What You Should Know for 2015 Presented by: The Bryan Cave Payments Team Agenda Overview of Secured Payments Judie Rinearson (NY) EMV Courtney Stout (DC) End to End Encryption
More informationPCI DSS Compliance in Contact Centers
PCI DSS Compliance in Contact Centers CX17 Indy May 2017 Indianapolis, Indiana Tony Smith & David Swift We ll be covering Why customer experience is important What customers demand What PCI DSS means for
More informationSwift B250 User Guide
Swift B250 User Guide Contents Overview Specifications Operating the Reader Frequently Asked Questions 2 Overview The Swift B250: a compact, durable, low cost card reader that enables you to accept mobile
More informationATM Webinar Questions and Answers May, 2014
May, 2014 Debit Network Alliance LLC (DNA) is a Delaware Limited Liability Company currently comprised of 10 U.S. Debit Networks and open to all U.S. Debit Networks. The goal of this collaborative effort
More informationTough Math for Desktop TCO
Top 6 reasons to use a Remote Desktop and RemoteApps Tough Math for Desktop TCO In their fight to reduce IT budgets, small- and medium-sized businesses have to answer one tough question: how do we reduce
More informationFTFS. Fault Tolerant Financial Systems
FTFS Fault Tolerant Financial Systems Fault Tolerant Financial Systems - FTFS - is the modular solution designed to support Enterprises and Financial Institutions in channel management for POS, self service,
More informationEMV Migration. What You Need to Know about the Technology, the Security Protection it Provides, and When to Implement
EMV Migration What You Need to Know about the Technology, the Security Protection it Provides, and When to Implement According to a 2016 TSYS study identifying consumer payment preferences, 40 percent
More informationAgenda. What is EMV. Chip vs Mag Stripe. Benefits of EMV. Timeframes & Liability Shift. Costs. Things to consider. Questions
EMV Chip Cards Agenda What is EMV Chip vs Mag Stripe Benefits of EMV Timeframes & Liability Shift Costs Things to consider Questions 2 What is EMV EMV was named for the developers Europay, MasterCard and
More informationPoint-of-Sale Terminals
Point-of-Sale Terminals The Right Hardware for the Job SIMPLE, SECURE PAYMENT PROCESSING Your customers can be anywhere. And no matter where they are, they expect you to process their payments easily and
More informationElectronic Payments: PayPal vs. Credit Cards
Electronic Payments PayPal vs. Credit Cards 101109 R1 Objectives Electronic Payments: PayPal vs. Credit Cards Credit Cards - 20,000 foot view New Realities Credit Card Industry Considerations What Is Your
More informationHelping merchants automate testing practices.
Helping merchants automate testing practices. Meet deadlines, facilitate certifications and overcome complexities. www.fisglobal.com As a merchant, you are in the middle of the shift from traditional cash
More informationEMV: Facts at a Glance
EMV: Facts at a Glance 1. What is EMV? EMV is an open-standard set of specifications for smart card payments and acceptance devices. The EMV specifications were developed to define a set of requirements
More informationPreparing your store for EMV
Petroleum Solutions, Inc. 2700 Aldine Bender Houston, TX 77032 281-449-4027 EMV Compliance and POS/Dispenser Systems Preparing your store for EMV Goals For This Session Understanding Planning Approach
More informationCapgemini & Experitest Co-webinar: A secure Mobile Testing Cloud Resource- Accessible Anytime Anywhere. Dec 2014
Capgemini & Experitest Co-webinar: A secure Mobile Testing Cloud Resource- Accessible Anytime Anywhere Dec 2014 Agenda 1 Part I- Designing a Secure Device Lab (20 min) 2 Part II- Remote Device Lab In The
More informationMOBILE CHECKOUT SOLUTION
MOBILE CHECKOUT SOLUTION MONEXgroup in this report introduces the Mobile Checkout Solution for merchants who process payments on-the-go using their Smartphone devices. Mobile Checkout allows businesses
More information