Introduction. Scott Jerabek. The CBORD Group. Product Manager
|
|
- Abigayle Smith
- 6 years ago
- Views:
Transcription
1
2 PCI Compliance
3 Introduction Scott Jerabek Product Manager The CBORD Group Founded in 1975 Foodservice, Campus Card and Security solutions to College and University and Healthcare markets
4 CBORD Product Portfolio College & University Applications Card Systems Foodservice Housing Online Ordering Commerce Security
5 Agenda Introduction Payment Card Industry standards Credit card risks CBORD products and PCI MICROS point-of-sale Changes in PCI regulations Discussion
6 Payment Card Industry Standards Entities that store, process, or transmit cardholder data PCI Data Security Standard (PCI-DSS) Covers merchants and service providers Payment Application Data Security Standard (PA-DSS) Covers third-party applications deployed on site
7 PCI Landscape CBORD is a Service Provider and provides validated payment applications. MICROS provides validated payment applications. MerchantLink, Elavon, and Shift4 are credit card gateway solutions for MICROS.
8 Card Brands (Visa, MasterCard, AmEx, etc) Settlement Acquiring Bank / Merchant Bank Issuer Cardholder / Member / Patron Merchant Processor Payment Gateway Tsys / Vital Processing Global Payments Chase Paymentech Evalon / Nova Fifth Third Processing RBS Lynk First Tennessee (FHMS) Heartland Payments First Data Bank of America / NPC Stored Value Systems Little & Co. Mercury Payment Systems Webfood MMID NetCardManager GET Funds Service Provider / CBORD CS Gold or Odyssey PCS Merchant / University Micros Merchant Link
9 Who Is Responsible for Compliance? On-site systems: the merchant Systems hosted 100% off-site: the service provider Hybrid systems with off-site and on-site components that handle cardholder data Service provider responsible for off-site Merchant responsible for on-site
10 PCI DSS Goal Build and Maintain a Secure Network Protect Cardholder Data Maintain a Vulnerability Management Program Implement Strong Access Control Measures Regularly Monitor and Test Networks Maintain an Information Security Policy Requirement 1. Install and maintain a firewall configuration to protect cardholder data 2. Do not use vendor-supplied defaults for system passwords and other security parameters 3. Protect stored cardholder data 4. Encrypt transmission of cardholder data across open, public networks 5. Use and regularly update anti-virus software or programs 6. Develop and maintain secure systems and applications 7. Restrict access to cardholder data by business need-to-know 8. Assign a unique ID to each person with computer access 9. Restrict physical access to cardholder data 10. Track and monitor all access to network resources and cardholder data 11. Regularly test security systems and processes 12. Maintain a policy that addresses information security for employees and contractors
11 Impact of Compliance Policies and procedures Ex: Password and remote access policies Ex: Quarterly vulnerability scans Training Ex: Information security training for staff Implementation Ex: Using firewalls to secure network resources Ex: Intrusion detection and anti-virus software Annual compliance assessment and remediation
12 PCI Scope Any network component, server, or application that is included in or connected to the cardholder data environment Reducing scope reduces risk and cost of compliance Move cardholder data processing off-site to third parties Segment on-site systems that touch cardholder data Limit number of personnel with full access to cardholder data (personnel other than cashiers)
13 Credit Card Risks PCI DSS represents a minimum level of security that should be applied to your organization s handling of credit cards. A security breach will: Damage your reputation Cost significant time, effort, and dollars Negatively impact your customers
14 Breach Liabilities Average cost to institution ₁ $202/breached patron record ($90 to $305) Average $6.6M in direct and indirect costs TJX 100 million credit card numbers Estimated cost to TJX range from $118M to $1.3B Target One of the largest breaches in U.S. retail history Investigation is ongoing 70 million credit card numbers 1 Forrester Research
15 Breach Liabilities Required forensic audit ($50k) Treated at Level 1 (no more self assessment) Fines up to $500k May not be able to continue to accept credit cards
16 CBORD Products and Services CBORD supports your MICROS point-of-sale Support uses tools that allow you to maintain compliance Hosted products CBORD responsible for compliance (service provider) Minimal PCI impact on your organization ManageMyID /NetCardManager Webfood online ordering GET Funds
17 CBORD Products (cont.) Housing systems Website payment integration with third parties Catering All credit card processing is hosted by CBORD
18 CBORD Hosting Layered Tech PCI compliant, SSAE 16 Type 2 compliant Physical and Virtual Machines Validation Process CBORD uses Trustwave for validation Trustwave reviews our environment & processes, performs monthly and yearly scans
19 MICROS Point-of-Sale MICROS information security resources MICROS PA-DSS validated versions Implementation guides and other documentation MICROS security patch documentation Operating-system patch testing results Use network segmentation to separate MICROS from the rest of your network, including CS Gold /Odyssey PCS
20 MICROS 3700/RES Refer to MICROS information security link for versions MICROS implementation guide Password policies Database/transport encryption Auditing, purging, etc. Vaulting used to move cardholder data off-site TransactionVault from MerchantLink Card data never stored in on-site MICROS database Point-to-Point Encryption Merchantlink or Shift4 solutions utilize external readers
21 MICROS 9700/HMS Refer to MICROS information security link for versions MICROS implementation guide Password policies Database/transport encryption Auditing, purging, etc. Vaulting used to move cardholder data off-site Shift4 Card data never stored in on-site MICROS database Point-to-Point Encryption Shift4 solution utilizes external readers
22 MICROS Simphony Refer to MICROS information security link for versions MICROS implementation guide Password policies Database/transport encryption Auditing, purging, etc. Vaulting used to move cardholder data off-site Merchantlink, Shift4, Elavon Point-to-Point Encryption Merchantlink (Simphony 2.5, coming in 1.7), Shift4
23 Micros Resources
24 Grandfathering PA-DSS Acceptable for existing Acceptable for new deployments New criteria: Adding credit cards (new) Adding Merchant ID (new) Add revenue center (existing)
25 Where are we headed?
26 PA-DSS and PCI-DSS 3.0 Effective January 1, 2014 PCI-DSS 2.0 remains active until December 31, 2014
27 PCI-DSS 3.0 Updates include: Penetration testing must follow an industry accepted methodology In Scope component inventory Evaluate malware threats for systems not commonly affected by malware Protect POS terminals from tampering and substitution Maintain information about which PCI requirements are managed by service providers vs. merchant
28 Point-to-Point Encryption (P2PE) Card data is encrypted at the reader and transmitted in encrypted format POS server never sees protected card data P2PE can reduce PCI scope
29 P2PE roadmap - Micros Micros 3700 Available now with Merchantlink Transaction Shield Micros 9700 Available now with Shift4 Micros Simphony Simphony 2.5 MR4 (Merchantlink Transaction Shield) Simphony 1.7 (Q1 2014) (Merchantlink) Shift4 is testing on both platforms & waiting for a few Micros bug fixes
30 EMV Initiatives Visa has issued incentives to drive smart card adoption (EMV) Both Issuers and Acquirers impacted Carrots: Relief from PCI-DSS Sticks: Liability Shift (October 2015) Micros, Merchantlink, & Shift4 are all working on EMV though it is not yet available on any Micros platforms.
31 Resources PCI Security Standards Council Quick Reference Guide Prioritized Approach for Beginners Ten Common PCI Myths Validated Service Providers Validated Payment Applications
32 Discussion Thank You! Scott Jerabek
33
34 Forrester Research Breakdown of Individual Breach Costs In order to account for the different variable costs that can be incurred during a data breach, a survey conducted by Forrester Research provided averages in five major cost categories: Discovery, Response and Notification on average run about $50 per record. This cost includes outside legal fees, notification costs, increased call center costs, marketing and PR costs, and discounted product offers. Lost employee productivity on average costs about $30 per record. Dealing with the bad press and legal responsibilities are the major distractions for employees after a breach. Additional regulatory fines. This cost can vary greatly from $0.00 to $10 million, as ChoicePoint found out when paying civil penalties to settle the Federal Trade Commission case. Also, Visa increased the fine for mismanaging sensitive customer data from $3.4 million in 2005 to $4.6 million in Opportunity costs average about $98 per record, but it significantly varies from industry to industry. Forrester estimates 10% - 20% of potential customers will be scared away by a security breach in a given year, and Ponemon s survey indicated that 74% of its respondents lost current customers due to the breach. Indirect costs (for high-profile breaches) often include: Restitution costs - ChoicePoint is the first security breach victim to have to pay restitution costs, wherein they agreed to establish a $5 million consumer restitution fund. Additional security and audit requirements - For example, DSW s settlement with the FTC in its 2005 data breach of more than 1.4 million records requires DSW to establish and maintain a comprehensive information security program that includes administrative, technical, and physical safeguards. It also requires DSW to obtain, every two years for 20 years, an audit from a qualified, independent, third-party professional to assure that its security program meets the standards of the order, per Forrester Research. Other liabilities - Replacing credit cards is a substantial other cost. For example, Sovereign Bank was hit twice by the BJ s Wholesale Club breach, as the first set of 81,000 replacement cards was malfunctioned.
PCI COMPLIANCE PCI COMPLIANCE RESPONSE BREACH VULNERABLE SECURITY TECHNOLOGY INTERNET ISSUES STRATEGY APPS INFRASTRUCTURE LOGS
TRAILS INSIDERS LOGS MODEL PCI Compliance What It Is And How To Maintain It PCI COMPLIANCE WHAT IT IS AND HOW TO MAINTAIN IT HACKERS APPS BUSINESS PCI AUDIT BROWSER MALWARE COMPLIANCE VULNERABLE PASSWORDS
More informationC&H Financial Services. PCI and Tin Compliance Basics
C&H Financial Services PCI and Tin Compliance Basics What Is PCI? (Payment Card Industry) Developed by the PCI Security Standards Council and major payment brands For enhancing payment account data security
More informationPCI Information Session. May NCSU PCI Team
PCI Information Session May 2014 - NCSU PCI Team Agenda PCI compliance process Security Training Why compliance is important PCI DSS update from NCSU ISA 2014 attestation process Questions PCI Compliance
More informationPCI DSS Security Awareness Training. The University of Tennessee and The University of Tennessee Foundation. for Credit Card Merchants at
PCI DSS Security Awareness Training for Credit Card Merchants at The University of Tennessee and The University of Tennessee Foundation Presented by UT System Administration Information Security Office
More informationThe Changing Landscape of Card Acceptance
The Changing Landscape of Card Acceptance Troy Byram Vice-President Sr. E-Receivables Consultant February 6, 2015 Agenda EMV (Chip and Pin) PCI Compliance and Data Security New Regulations for Municipalities
More informationMerchant Services What You Need to Know. Agenda 6/5/2017. Overview of Merchant Services. EMV, Tokenization/Encryption, and PCI (Oh My!
Merchant Services What You Need to Know Heather Nowak VP, CPP Senior Product Manager Agenda Overview of Merchant Services Why accept cards? What you need to know/consider Capabilities/Pricing/Contract
More informationCREDIT CARD MERCHANT PROCEDURES MANUAL. Effective Date: 04/29/2016
CREDIT CARD MERCHANT PROCEDURES MANUAL Effective Date: 04/29/2016 Updated: April 29, 2016 TABLE OF CONTENTS Introduction... 1 Third-Party Vendors... 1 Merchant Account Set-up... 2 Personnel Requirements...
More informationPAYMENT CARD INDUSTRY DATA SECURITY STANDARD SELF-ASSESSMENT QUESTIONNAIRE (SAQ) A GUIDE
PAYMENT CARD INDUSTRY DATA SECURITY STANDARD SELF-ASSESSMENT QUESTIONNAIRE (SAQ) A GUIDE Last Reviewed: December 13, 2017 Last Updated: December 19, 2017 PCI DSS Version: v3.2, rev 1.1 Prepared for: The
More informationUNIVERSITY OF OKLAHOMA Campus Payment Card Security Standard Norman Campus
UNIVERSITY OF OKLAHOMA Campus Payment Card Security Norman Campus Subject: Campus Payment Card Security Coverage: The University of Oklahoma Norman Campus Regulation: Payment Card Industry ( PCI ) Data
More informationEMV and Educational Institutions:
October 2014 EMV and Educational Institutions: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems, Inc. All trademarks,
More informationThe Fork in the Road to PCI Compliance
The Fork in the Road to PCI Compliance and How We Took It Purdue University April 24, 2017 Debra Wert Jefferson Hopkins Yogi Berra If you come to a fork in the road, take it. Yogi Berra University Environment
More informationEMV Chip Cards. Table of Contents GENERAL BACKGROUND GENERAL FAQ FREQUENTLY ASKED QUESTIONS GENERAL BACKGROUND...1 GENERAL FAQ MERCHANT FAQ...
EMV Chip Cards FREQUENTLY ASKED QUESTIONS Table of Contents GENERAL BACKGROUND...1 GENERAL FAQ...1 4 MERCHANT FAQ...5 PROCESSOR/ATM PROCESSOR FAQ... 6 ISSUER FAQ... 6 U.S.-SPECIFIC FAQ...7 8 GENERAL BACKGROUND
More informationWhite Paper. Payment fraud threatens retail business. P2PE helps you fight back
verifone.co.uk White Paper Payment fraud threatens retail business P2PE helps you fight back 2 Payment fraud threatens retail business, P2PE helps you fight back Every day there are new headlines relating
More informationPayment Card Industry Data Security Standard Self-Assessment Questionnaire B Guide
Payment Card Industry Data Security Standard Self-Assessment Questionnaire B Guide Prepared for: University of Tennessee Merchants 12 May 2015 Prepared by: University of Tennessee System Administration
More informationEMV, PCI, Tokenization, Encryption What You Should Know for Presented by: The Bryan Cave Payments Team
EMV, PCI, Tokenization, Encryption What You Should Know for 2015 Presented by: The Bryan Cave Payments Team Agenda Overview of Secured Payments Judie Rinearson (NY) EMV Courtney Stout (DC) End to End Encryption
More informationOHIO TURNPIKE AND INFRASTRUCTURE COMMISSION 682 Prospect Street Berea, Ohio 44017
OHIO TURNPIKE AND INFRASTRUCTURE COMMISSION 682 Prospect Street Berea, Ohio 44017 REQUEST FOR PROPOSALS TO PROVIDE CREDIT CARD PROCESSING SERVICES TO THE OHIO TURNPIKE AND INFRASTRUCTURE COMMISSION ADDENDUM
More informationSAMPLE DATA FLOW DIAGRAMS for MERCHANT ENVIRONMENTS
SAMPLE DATA FLOW DIAGRAMS for MERCHANT ENVIRONMENTS To protect your environment against payment data theft, you first have to understand how you accept payments. What kind of equipment do you use, who
More informationTHE UNIVERSITY OF GEORGIA INTERNAL AUDITING DIVISION INTERNAL CONTROL QUESTIONNAIRE GENERAL
GENERAL BACKGROUND MATERIAL A. Please provide an organization chart which shows lines of authority and responsibility for the unit. B. What department code(s) does your Office manage? C. Who is the contact
More informationEMV Basics and the market
EMV Basics and the market What is a smartcard? 1 2 3 4 5 2 What is EMV? EMV is the globally adopted international standard for adding a chip on a payment card A chip is a small computer built into the
More informationCOLUMBIA UNIVERSITY CREDIT CARD ACCEPTANCE AND PROCESSING POLICY
COLUMBIA UNIVERSITY CREDIT CARD ACCEPTANCE AND PROCESSING POLICY Effective Date: August 31, 2009 Latest Revision: March 28, 2017 Policy Statement This policy establishes the requirements for the acceptance
More informationEMV Implementation Guide
iqmetrix Payment Processing 12/18/2014 EMV Implementation Guide 1-866-iQmetrix www.iqmetrix.com Table of Contents 1. Introduction... 2 2. What is EMV?... 2 3. How is a chip card different?... 2 4. How
More informationCard Payment acceptance at Common Use positions at airports
Card Payment acceptance at Common Use s at airports Business requirements Version 1, published in June 2016 Preamble Common Use (CU) touchpoints (self-service s such as self-service kiosks or bag drops,
More informationADDENDUM NO. 3 REQUEST FOR PROPOSAL NO. R BANKING AND MERCHANT SERVICES FOR HIGHER EDUCATION
ADDENDUM NO. 3 Attention to Proposers: This constitutes Addendum No. 3 to the referenced Request for Proposals (RFP), and consists of this ten (10) page cover letter, which provides responses to questions
More informationThe Shared Electronic Banking Services Company (KNET) Knet securing E-payment for EGOV
The Shared Electronic Banking Services Company (KNET) Knet securing E-payment for EGOV November 21, 2015 Knet 2 The Shared Electronic Banking Services Company (Knet) was established in 1992. Knet Established
More informationEMV for Merchants and Merchant Acquirers: U.S. Migration Considerations. Smart Card Alliance Webinar October 6, 2011
EMV for Merchants and Merchant Acquirers: U.S. Migration Considerations Smart Card Alliance Webinar October 6, 2011 Introductions Randy Vanderhoof Executive Director -- Smart Card Alliance 2 Who We Are
More informationEMV in the U.S. Liability shift; what does this mean for the U.S.?
EMV in the U.S. Liability shift; what does this mean for the U.S.? Questions and answers What the liability shift really means with regards to costs, risks and benefits. Fraud is on the rise in the U.S.
More informationesocket POS Integrated POS solution Knet
esocket POS Integrated POS solution Knet 1 Summary Since 1994 when the first POS devise was deployed in the market, Knet had recognized the importance of this service and did take it up on it self to invest
More informationEMV FAQ S FROM A MERCHANT S PERSPECTIVE
EMV FAQ S FROM A MERCHANT S PERSPECTIVE WHAT IS EMV? EMV, or Europay MasterCard Visa, is a fraudreducing technology that can help protect issuers, merchants and consumers against losses from the use of
More informationTokenization April Tokenization. Gregory H. Soule, CPA, CISA, CISSP, CFE Senior Manager. Andrews Hooper Pavlik PLC
ization Gregory H. Soule, CPA, CISA, CISSP, CFE Senior Manager Andrews Hooper Pavlik PLC 1 Agenda and Implementation EMV, Encryption, ization Apple Pay Google Wallet Recent Trends Resources Agenda and
More informationEMV: GET READY. Michelle Thornton, CO-OP Financial Services
EMV: GET READY Michelle Thornton, CO-OP Financial Services EMV Technology EMV and Chip Used Interchangeably In essence it replaces the functionality of magstripe with a computer chip making it nearly impossible
More informationAt a Glance: The Payment Ecosystem. Powering Subscription Success
At a Glance: The Payment Ecosystem Powering Subscription Success Elements of a Payment Ecosystem Payment ecosystems is a term that typically evokes complexity and confusion among novices and professionals
More informationQuick Guide. Token Service Provider
Quick Guide Token Service Provider 1 Introduction to Mobile Payments The mobile payments revolution is here! Driven by the development of near field communication (NFC) enabled smartphones, the launch
More informationUnderstanding the SAQs for PCI DSS v3.0
Understanding the SAQs for PCI DSS v3.0 The PCI DSS self-assessment questionnaires (SAQs) are validation tools intended to assist merchants and service providers report the results of their PCI DSS self-assessment.
More informationWhite Paper PCI-Validated Point-to-Point Encryption On Microsoft Azure. By Christopher Kronenthal, Chief Technology Officer
White Paper PCI-Validated Point-to-Point Encryption On Microsoft Azure By Christopher Kronenthal, Chief Technology Officer Advanced Commerce Platform Foreword 2015 will bring incredible change and innovation
More informationEMV Just the Facts. Ozarks Association of Government Accountants
EMV Just the Facts Ozarks Association of Government Accountants Speakers and Housekeeping EMV: Just the Facts Presentation Brad Hench Regional Sales Manager US Bank Elavon 45 minute presentation 10 minute
More informationFTFS. Fault Tolerant Financial Systems
FTFS Fault Tolerant Financial Systems Fault Tolerant Financial Systems - FTFS - is the modular solution designed to support Enterprises and Financial Institutions in channel management for POS, self service,
More informationDates Visa MasterCard Discover American Express. Acquirers, subprocessors. support EMV. International ATM liability shift 2
Network Updates Winter 2015 We are committed to working closely with you on achieving your business goals. As a part of this commitment, we carefully monitor Network changes and summarize them for your
More informationEMV A Chip Off the New Block
EMV A Chip Off the New Block WACHA Taking Flight With Payments March 18, 2014 Paul Tomasofsky President, Two Sparrows Consulting Paul@TwoSparrowsConsulting.com (201) 930-9551 Christa Addy Product Manager,
More informationEMV Adoption in the U.S.
EMV Adoption in the U.S. What you need to know about the outcome of EMV adoption in other countries and the implications for adoption in the U.S. Table of Contents Introduction [3] What is EMV? [4] The
More informationPCI DSS made easy. GFI Software
Addressing the Payment Card Industry Data Security Standard (PCI DSS) Major credit card companies are pushing hard to stop the financial fraud incidents that have affected numerous organizations and their
More informationE M V O V E R V I E W. July 2014
E M V O V E R V I E W July 2014 A G E N D A EMV Overview EMV Industry Announcements EMV Transaction Differences, What to Expect Solution Decisions Market Certification Considerations Questions 2 E M V
More informationEMV is coming. Here s how to stay ahead of the trend. Presented by CO-OP Financial Services
EMV is coming. Here s how to stay ahead of the trend. Presented by CO-OP Financial Services October 25, 2012 Agenda What EMV is and how it works U.S. and global adoption Impact to the payments ecosystem
More informationLeveraging Data Security Technology. October 19 th 9:15 AM
Leveraging Data Security Technology October 19 th 9:15 AM Presenters Moderator Linda Toth Director of Standards Conexxus, Inc. Speakers Kara Gunderson POS Manager CITGO Petroleum Corp Mike Lindberg Payment
More informationFirst Data (FD) Mobile Pay FAQs ISO Channel
First Data (FD) Mobile Pay FAQs ISO Channel (1) Why would a merchant need the First Data Mobile Pay (FDMP) solution? In your business, the point of sale is an ever-moving destination wherever your customers
More informationEMV: The Race Is On! September 24, 2013
EMV: The Race Is On! September 24, 2013 Bill Thomas Vice President, Member Operations United Nations Federal Credit Union Leanne Phelps Senior Vice President, Card Services State Employees Credit Union
More informationPCI Requirements Office of Business and Finance Issued July 2015
PCI Requirements Office of Business and Finance Issued July 2015 This document provides supplemental information to be used in conjunction with the Payment Card Compliance policy to assist merchants and
More information112 th Annual Conference May 6-9, 2018 St. Louis, Missouri
4:15 5:30 May7, 2018 Room 230 Complex 112 th Annual Conference May 6-9, 2018 St. Louis, Missouri Moderator/Speakers: Rafiu Ighile Chief Business and Technology Officer Howard County Public School System,
More informationStraight Answers on PCI and EMV
Straight Answers on PCI and EMV Gray Consulting November, 2015 Why We Are All Here This presentation is an attempt to demystify the challenges faced by the car wash industry, in dealing with secure, electronic
More informationTable of Contents. Paymetric White Paper Outsourcing Payment Security 2. The Issue: Payments & Card Data Security
Paymetric White Paper Outsourcing Payment Security 2 Table of Contents The Issue: Payments & Card Data Security What s a Merchant to Do? Protecting Payment Data and Compliance Tokenization Next Generation
More informationPCI Requirements Office of Business and Finance Issued July 2015
PCI Requirements Office of Business and Finance Issued July 2015 This document provides supplemental information to be used in conjunction with the Payment Card Compliance policy to assist merchants and
More informationPCI DSS SECURITY AWARENESS
PCI DSS SECURITY AWARENESS Annual Education Module James Madison University University Business Office Compliance Specialist TRAINING AUDIENCE The following training module should be completed by all University
More informationCCV s self-service payment solutions drive PCI-DSS-compliant security
CCV s self-service payment solutions drive PCI-DSS-compliant security White Paper July 2016 1. Introduction This white Paper discusses the basic differences between the current PCI-DSS and the P2PE rules
More informationEngaging campus experience with transaction solutions CACUBO annual meeting
Engaging campus experience with transaction solutions 2017 CACUBO annual meeting Who we are 2 Dedicated to higher education 1,000+ Transaction solution clients Serve 2,100+ clients in 60 countries Staff
More informationQuick Guide. Token Service Provider
Quick Guide Token Service Provider Introduction to Mobile Payments The mobile payments revolution is here! Driven by the development of near field communication (NFC) enabled smartphones, the launch of
More informationThe Future of Payment Security in Canada
The Future of Payment Security in Canada October 2017 1 Visa Canada Public The Future of Payment Security in Canada Notices Forward-Looking Statements This presentation contains forward-looking statements
More informationEMV Adoption. What does this mean to your ATMs?
EMV Adoption What does this mean to your ATMs? June 2013 Presented By MICHELLETHORNTON Senior Product Manager CO-OP Financial Services TERRYPIERCE Senior Product Manager CO-OP Financial Services Today
More informationAgenda. What is EMV. Chip vs Mag Stripe. Benefits of EMV. Timeframes & Liability Shift. Costs. Things to consider. Questions
EMV Chip Cards Agenda What is EMV Chip vs Mag Stripe Benefits of EMV Timeframes & Liability Shift Costs Things to consider Questions 2 What is EMV EMV was named for the developers Europay, MasterCard and
More informationOctober is Here: Are Issuers, Merchants & Consumers Ready for EMV?
October is Here: Are Issuers, Merchants & Consumers Ready for EMV? Moderator: Claudia Swendseid Federal Reserve Bank of Minneapolis Panelists: Terry Dooley SHAZAM Bob Van Liere PREMIER Bankcard Navigating
More informationSecure Remote Payment Council (SRPc) White Paper Discussion: EMV Enhancements Post Implementation September 13, 2016
Secure Remote Payment Council (SRPc) White Paper Discussion: EMV Enhancements Post Implementation September 13, 2016 Objective This white paper is the fifth in the series developed by the Secure Remote
More informationCredit Card Processing:
Credit Card Processing: What Your Nonprofit Needs to Know Presenter: Erik Verryden, Founder/CEO National Processing Solutions (NPS) 602-892-5047 erikv@npsaz.com www.npsaz.com Copyright 2003 2017 DBA: National
More informationPCI Data Breach Preparedness How To Prevent Your Organization From Becoming the Next Data Breach Headline
PCI Data Breach Preparedness How To Prevent Your Organization From Becoming the Next Data Breach Headline Presented by the Bryan Cave Payments Team and Special Guest Speaker Andi Baritchi Agenda Introduction
More informationEMV: Facts at a Glance
EMV: Facts at a Glance 1. What is EMV? EMV is an open-standard set of specifications for smart card payments and acceptance devices. The EMV specifications were developed to define a set of requirements
More informationConverge Release Notification
Converge Release Notification January 2017 Two Concourse Parkway, Suite 800, Atlanta, GA 30328 Elavon, Incorporated 2017. All Rights Reserved Table of Contents Enhancements... 3 DCC 2.0... 3 Rate Provider
More informationPCI BLOG. P2PE, EMV, Tokenization, Oh My!
Page 1 of 8 PCI BLOG THE UNOFFICIAL PCI COMPLIANCE & IT SECURITY BLOG HOME PCI IN THE NEWS PCI TOOLS IT SEC. JOB BOARD DOCUMENTS CONTACT US FORUM P2PE, EMV, Tokenization, Oh My! June 14, 2016 PCI Blog
More informationProduct. LynxGate Build Member Relationships With a Powerful, Secure, Real-Time Transaction Solution
Product LynxGate Build Member Relationships With a Powerful, Secure, Real-Time Transaction Solution Product Today s consumers live in the now. They ve become accustomed to a world that provides immediate
More informationEMV Terminology Guide
To make life easier, TMG has compiled some of the most commonly used EMV terms in this guide. If you have questions about EMV, contact your Director of Client Relations directly or email clientrelations@themebersgroup.com.
More informationLet s Talk about EMV. getnationwide.com
Let s Talk about EMV getnationwide.com Europay, MasterCard, Visa EMV is a global standard for inter-operation of integrated circuit cards (IC cards or "chip cards") and IC card capable point of sale (POS)
More informationRevolutionize Your Business with Harbortouch
Revolutionize Your Business with Harbortouch Swipe Card Regardless of the business you are in, Harbortouch has the ideal processing solution for you. Allow Harbortouch to demonstrate why our company is
More informationWill US EMV Migration Impact Acquiring Worldwide?
4 th PSE Merchant Acquiring Conference Will US EMV Migration Impact Acquiring Worldwide? London, November 27 th, 2014 Gérard de Moura 20141127-PSE Acquiring Conf-US EMV Migration-v1 About Galitt Key Figures
More informationElectronic Payments: PayPal vs. Credit Cards
Electronic Payments PayPal vs. Credit Cards 101109 R1 Objectives Electronic Payments: PayPal vs. Credit Cards Credit Cards - 20,000 foot view New Realities Credit Card Industry Considerations What Is Your
More informationPayments - EMV Review. EMV Functionality Inside OpenOne
Payments - EMV Review EMV Functionality Inside OpenOne A Brief History EMV stands for Europay, MasterCard and Visa. It is a global standard for cards equipped with computer chips and the technology used
More informationOnline Payment Services
A NetPay Guide to... Online Payment Services Online payments, also commonly referred to as CNP or Cardholder not present are those that provide the capability for a purchase to be made without physically
More informationEMV IN THE U.S. HOW FAR HAVE WE COME AND WHERE ARE WE GOING? Andy Brown
EMV IN THE U.S. HOW FAR HAVE WE COME AND WHERE ARE WE GOING? Andy Brown andy.brown@ncr.com MAC is an organization comprised of members from Banks, Acquirers, ISOs, Card Associations, Law Enforcement and
More informationFirst Data EFTPOS. User Guide. 8006L2-3CR Integrated PIN Pad
First Data EFTPOS User Guide 8006L2-3CR Integrated PIN Pad 2 Contents What are you looking for? Get to know your PIN pad Introduction 05 PIN Pad location and PIN privacy 05 PIN Pad ownership 06 Your PIN
More informationIs Your Organization Ready for the EMV Challenge?
Is Your Organization Ready for the EMV Challenge? Suzanne Galvin Director of Product Management Elan Financial Services Jeff Green Director of the Emerging Technologies Advisory Service Mercator Advisory
More informationTop 5 Facts Merchants Need To Know About EMV
Top 5 Facts Merchants Need To Know About EMV June, 2015 Lindsay Breathitt, Product Marketing Steve Cole, Product Management Why EMV, Why Now Agenda U.S. market update EMV Top 5 EMV facts Understanding
More informationEnsuring the Safety & Security of Payments. Faster Payments Symposium August 4, 2015
Ensuring the Safety & Security of Payments Faster Payments Symposium August 4, 2015 Problem Statement: The proliferation of live consumer account credentials Bank issues physical card Plastic at point
More informationPinless Transaction Clarifications
Pinless Transaction Clarifications April, 2017 Agenda Definition Level Set Application Selection Overview and Scenario Explanation EMV No CVM PIN Bypass Debit Expansion Programs PINless POS Product Signature
More informationPayment Card Industry Data Security Standards (PCI DSS) Compliance in Restaurants
Journal of Hospitality Financial Management The Professional Refereed Journal of the Association of Hospitality Financial Management Educators Volume 16 Issue 2 Article 3 March 2010 Payment Card Industry
More informationThe top five benefits of outsourcing B2B payments processing
fis integrated payables leave the check behind The top five benefits of outsourcing B2B payments processing Migrating away from checks to electronic payments can help companies reduce costs. However, many
More informationTurn Accounts Payable into a Profit Center. Sandy Shropshire Vice President Business Development
Turn Accounts Payable into a Profit Center Sandy Shropshire Vice President Business Development 770-445-6901 Company Background AOC Solutions Inc.: Founded in 1996 Offices in Chantilly, VA, Morgantown,
More information3.17 Payment Card Industry (PCI) Compliance Policy
3.17 Payment Card Industry (PCI) Compliance Policy Policy Statement The Payment Card Industry (PCI) Security Standards Council (SSC) has developed standards, referred to as the Payment Card Industry Data
More informationEvaluating Processing Infrastructure, Support & Costs
Evaluating Processing Infrastructure, Support & Costs Leveraging Changes in Technology for Improved Customer Experience & Profits Transactions are the lifeblood for convenience stores. From the customers
More informationData Breaches: Security and Privacy Lessons Learned
Data Breaches: Security and Privacy Lessons Learned Sue Glueck Senior Privacy Attorney Adam Shostack Program Manager, Security Engineering & Community Microsoft Corporation August 20, 2008 1 CONTEXT 2
More informationPayment Acceptance Solutions
Payment Acceptance Solutions Increase sales, enhance agility, and mitigate risks with CyberSource CyberSource is a Visa solution Businesses today are developing new strategies for acquiring and retaining
More informationEMV IN HOSPITALITY 2 YEARS LATER
EMV IN HOSPITALITY 2 YEARS LATER Version 1.0 15 January 2018 About HTNG Hospitality Technology Next Generation (HTNG) is a non-profit association with a mission to foster, through collaboration and partnership,
More informationCyber Security in Retail
Cyber Security in Retail Nick Kemske Director, Cyber Security Jacki Snyder Sr. Director Payments, Asset Protection and CIC Services 1 Cyber Security RANSOMWARE AND SKIMMERS 2 Ransomware A Retail Perspective
More informationPCI DSS practical guide for Travel Agents
PCI DSS practical guide for Travel Agents Guidance for achieving PCI DSS compliance PCI DSS demystified for Travel Agents PCI Program Office_ Marc. A. HENRY_ISA_ May 25th, 2017 Revision 5.3 Dear customer,
More informationTechnology Developments in Card-Based Payments WACHA Payments 2013
Technology Developments in Card-Based Payments WACHA Payments 2013 April 9, 2013 The information contained on these slides is considered the Confidential & Proprietary Information of Two Sparrows Consulting,
More informationVisa Minimum U.S. Online Only Terminal Configuration
Visa Minimum U.S. Online Only Terminal Configuration Intended Audience This document is intended for U.S. merchants, acquirers, processors and terminal providers who are planning deployments of EMV chip
More informationA Merchant s Path to EMV Understanding Impacts To Your Business
A Merchant s Path to EMV Understanding Impacts To Your Business Georgia Fiscal Management Council June 23, 2015 EMV is a registered trademark in the U.S. and other countries, and an unregistered trademark
More informationEMV is coming. But it s ever changing.
EMV is coming. But it s ever changing. March 26, 2013 Presented By MICHELLETHORNTON Senior Product Manager CO-OP Financial Services RYANZILKER B2B Marketing Manager CO-OP Financial Services Today s Agenda
More informationGreater Giving Terminal User Start Guide
Greater Giving Terminal User Start Guide Card Holder Data Security (PCI) The Payment Card Industry (PCI) Data Security Standards were developed by the major credit card companies as a guideline to help
More informationEMV: Frequently Asked Questions for Merchants
EMV: Frequently Asked Questions for Merchants The information in this document is offered on an as is basis, without warranty of any kind, either expressed, implied or statutory, including but not limited
More informationMinimizing the Impact of EMV & Churn on Your Subscription Business
Minimizing the Impact of EMV & Churn on Your Subscription Business Powering Subscription Success The Impact of EMV Technology If you re a merchant in particular, if your business is primarily online and
More informationEMV & Fraud POS Fraud Mitigation Tips for Merchants First Data Corporation. All Rights Reserved.
EMV & Fraud POS Fraud Mitigation Tips for Merchants EMV Information Merchants may see an increase in Card-Not-Present Fraud as a result of the new EMV standards. Help protect your business from fraud risk
More informationVeriFone VX QUICK REFERENCE GUIDE
QUICK REFERENCE GUIDE VeriFone VX This Quick Reference Guide will guide you through understanding your terminal s functionality and navigation, and will help you with troubleshooting. INDUSTRY Retail and
More informationBENEFITS OF AN EFFECTIVE OUTSOURCING STRATEGY. March 1, 2017
BENEFITS OF AN EFFECTIVE OUTSOURCING STRATEGY March 1, 2017 RSM overview Fifth largest audit, tax and consulting firm in the U.S. Over $1.6 billion in revenue 80 cities and more than 8,000 employees in
More informationNew Customer Account
New Customer Account Implementation Guide shift4.com Copyright 2017 Shift4 Corporation. All rights reserved. Table of Contents Introduction...4 New Account Setup Process...5 Step 1 Project Planning Call...6
More informationTHE ADOPTION OF EMV TECHNOLOGY IN THE U.S. By Guy Berg Global Industry Sales Consultant Datacard Group
THE ADOPTION OF EMV TECHNOLOGY IN THE U.S. By Guy Berg Global Industry Sales Consultant Datacard Group Abstract: Visa Inc. and MasterCard recently announced plans to accelerate chip migration in the United
More information