Covering Your Assets: Payment Landscape and Technology

Similar documents
Tokenization April Tokenization. Gregory H. Soule, CPA, CISA, CISSP, CFE Senior Manager. Andrews Hooper Pavlik PLC

EMV and Educational Institutions:

Credit and Debit Card Fraud

Epicor Eagle EMV Implementation Guide. Step-by-Step

The Changing Landscape of Card Acceptance

Frequently Asked Questions. Regarding EMV Update Webinar for Epicor Eagle Customers

PCI COMPLIANCE PCI COMPLIANCE RESPONSE BREACH VULNERABLE SECURITY TECHNOLOGY INTERNET ISSUES STRATEGY APPS INFRASTRUCTURE LOGS

Securing Card Payments Challenges & Opportunities. Julie Hanson Senior Vice President, Card & Payment Products ICBA Bancard & TCM Bank, NA

Payment Processor Buying Guide. How to prepare for sending out an RFP

EMV, PCI, Tokenization, Encryption What You Should Know for Presented by: The Bryan Cave Payments Team

Merchant Services What You Need to Know. Agenda 6/5/2017. Overview of Merchant Services. EMV, Tokenization/Encryption, and PCI (Oh My!

Introduction to EMV BEYOND PAYMENT

Hot Topics in Payments Cornerstone CU League Small CU Committee July 9, 2014

THE FUTURE OF TRANSACTING

Aptos Payment and Secure Data Management

EMV Adoption in the U.S.

EMV Cards - Chipping Away at Fraud

EMV Migration Updates and Next Steps

Version 7.4 & higher is Critical for all Customers Processing Credit Cards!

A CryptoCodex Ltd. Product

Ignite Payment s Program on EMV

The Future of Payment Security in Canada

EMV Chip Cards. Table of Contents GENERAL BACKGROUND GENERAL FAQ FREQUENTLY ASKED QUESTIONS GENERAL BACKGROUND...1 GENERAL FAQ MERCHANT FAQ...

Mobile and Contactless Payments Requirements and Interactions

How Safe Are Mobile Payments? MAC Webinar

Changing Consumer Purchasing Patterns

EMV WHAT DOES IT MEAN? HOW WILL IT AFFECT US? HOW DO WE SWITCH TO EMV?

EMV Just the Facts. Ozarks Association of Government Accountants

Revolutionize Your Business with Harbortouch

It s OK to Make Money! How to Create Rules and Plans with Pricing Planner. Session Q&A

Benefits of adding Debit & ACH Lowering Cost of Payments

Semi-Integrated EMV Payment Solution

Top 5 Facts Merchants Need To Know About EMV

Are We Ready for Electronic Payments?

My new Apple device will have a payment feature. How do I set it up?

North America Terminal Brochure Guide

The Small Business Guide to Mastering EMV

GoiNG SMARt U.S. implementation of SMARt PAyMENt cards on the horizon 10 SUMMER 2013 TEN

It s OK to Make Money! How to Create Rules and Plans with Pricing Planner

EMV Implementation Guide

Endpoint Security. The Case for a Secure Wallet. Anything important needs to be protected with hardware

MITIGATE THE RISK OF FRAUD AND COMPLIANCE COSTS with EMV mandates. An NCR white paper

Why chip cards? HELP PREVENT FRAUD: HELP AVOID LIABILITY: ACCEPT MOBILE TAP & PAY TOO: DYNAMIC AUTHENTICATION: Contact us

Evaluating Processing Infrastructure, Support & Costs

EMV: Facts at a Glance

Minimizing the Impact of EMV & Churn on Your Subscription Business

CHIP CARDS: WILL THEY PREVENT FRAUD?

WHERE DO YOU WANT TO GROW. Solutions for Community Financial Institutions

EMV and Apple Pay. The world of credit cards is on the move.

By agreeing to these Terms and Conditions, you represent the following:

EMV chip technology ARE COMPANIES AND CONSUMERS REALLY READY?

Ensuring the Safety & Security of Payments. Faster Payments Symposium August 4, 2015

EMV Beyond October 1, Kristi Kuehn VP, Compliance Heartland

Secure Remote Payment Council (SRPc) White Paper Discussion: EMV Enhancements Post Implementation September 13, 2016

EMV: The Race Is On! September 24, 2013

PAYMENT CARD INDUSTRY DATA SECURITY STANDARD SELF-ASSESSMENT QUESTIONNAIRE (SAQ) A GUIDE

QUICK REFERENCE GUIDE Online POS Terminal. Thank you for choosing the Online POS Terminal. Chase is pleased to announce an

CHIP CARDS. Banks are issuing payment cards embedded with security chips to help protect you against fraud at the register. What is a Chip Card?

Merchant Considerations for U.S. Chip Migration. EMV Migration Forum/National Retail Federation September 2014

Why contactless pickpocketing is impossible

EMV FAQ S FROM A MERCHANT S PERSPECTIVE

Frequently Asked Questions

QUICK REFERENCE GUIDE Online POS Terminal. Thank you for choosing the Online POS Terminal. Chase is pleased to announce an

Leveraging Data Security Technology. October 19 th 9:15 AM

A Buyer s Guide to POS

Chip and PIN Programme. Using chip and PIN

What Do Merchants Need to Be Successful Online?

Payment Gateway Overview. Get familiar with credit card processing & our platform

Verifone MX 915/925 Payment Devices. with KWI 6.x POS Registers: What s New?

Datacap s Guide to EMV in the US

Dear Valued Member, Sincerely, Jerry Jordan President & CEO CGR Credit Union

Apple Pay and Tokenization Background and Overview

Securing Our Future Growth Gord Jamieson Visa North America Risk Services. Visa Public

Proxama PIN Manager. Bringing PIN handling into the 21 st Century

Merchant Considerations for U.S. Chip Migration. EMV Migration Forum/National Retail Federation September 2014

Frequently Asked Questions

Getting Out of PA-DSS Scope and Eliminating the High Cost of EMV: What you need to know

FIS Global Retail Payments. Centralize your enterprise with ONE trusted partner.

Payment Card Industry Data Security Standard Self-Assessment Questionnaire B Guide

Terminal Guide. VeriFone. VX520 with VX820 PIN Pad VX820 Duet VX680 3G

EMV IN THE U.S. HOW FAR HAVE WE COME AND WHERE ARE WE GOING? Andy Brown

Security Evaluation of Apple Pay at Point-of-Sale Terminals

STAR Network Overview

Visa s Future of Security Roadmap: Australia

Emerging Payments: The Next Step in Providing Member Convenience via Channel Expansion. Presented by CO-OP Financial Services

A Conversation with Visa on Consumer Debit Growth Connie Davis FIS Global Retail Payments Greg Borchardt Visa Consumer Debit Products

Frequently Asked Questions

Credit Card Processing:

Instant issuance in retail breaks new ground for banks

Technology Developments in Card-Based Payments WACHA Payments 2013

Know Your Numbers: Doing More with Performance Manager

Are You Ready for EMV?

FOR A BARRIER-FREE PAYMENT PROCESSING SOLUTION

EMV THE DEFINITIVE GUIDE FOR US MERCHANTS AND POS RESELLERS

Are There Payment Data Threats Lurking in Your Hospital?

THE ADOPTION OF EMV TECHNOLOGY IN THE U.S. By Guy Berg Global Industry Sales Consultant Datacard Group

Heartland Payment Systems

Guiding Principles for Next Generation Mobile Payments NFC Solutions Summit 2012

Transcription:

Covering Your Assets: Payment Landscape and Technology Keith Lam Sr. Product Manager 2016 Epicor Software Corporation

Keith Lam Senior Product Manager 9+ years at Epicor, focusing on building great products and services that help the independent retailer succeed and grow Product focus is on Cloud, SaaS, Payment, Financial, Security, Hardware and Pharmacies Passionate about consumer engagement and loyalty how technology can help small retailers reach new customers and keep existing customers through multi-channel marketing and personalized communication, as well as data security 2016 Epicor Software Corporation Eagle Online Academy 2

Covering Your Assets: Payment Landscape and Technology Keith Lam Sr. Product Manager 2016 Epicor Software Corporation

The contents of this document are for informational purposes only and are subject to change without notice. Epicor Software Corporation makes no guarantee, representations or warranties with regard to the enclosed information and specifically disclaims, to the full extent of the law, any applicable implied warranties, such as fitness for a particular purpose, merchantability, satisfactory quality or reasonable skill and care. This document and its contents, including the viewpoints, dates and functional content expressed herein are believed to be accurate as of its date of publication, April 2016. The usage of any Epicor products or services is subject to Epicor s standard terms and conditions then in effect. Usage of the solution(s) described in this document with other Epicor software or third party products may require the purchase of licenses for such other products. Epicor, the EPICOR logo, Eagle, Grow Business, Not Software, are trademarks or registered trademarks of Epicor Software Corporation in the United States, and in certain other countries and/or the EU. Copyright 2016 Epicor Software Corporation. All rights reserved. 2016 Epicor Software Corporation Eagle Online Academy 4

Agenda 1. Different Ways to Pay 2. How the Bankcard Payment Chain Works 3. New Payment Options 4. Payment Security 2016 Epicor Software Corporation Eagle Online Academy 5

In 2015, what was the most used payment method? A. Cash B. Check C. Debit Card D. Credit Card 2016 Epicor Software Corporation Eagle Online Academy 6

Different Ways to Pay Cash is still King! https://blackhawknetwork.com/2015consumer_payments 2016 Epicor Software Corporation Eagle Online Academy 7

Different Ways to Pay However Cash and check use is declining fast. 18% of consumers using alternative payment methods https://blackhawknetwork.com/2015consumer_payments 2016 Epicor Software Corporation Eagle Online Academy 8

How the Bankcard Payment Chain Works 2016 Epicor Software Corporation Eagle Online Academy 9

Card Payment Value Chain First Data, Elavon, EPX Visa, MC, Amex, Disc Citibank, Chase, BofA Cardholder presents card to pay for purchases Merchant swipes card, enters amount and transmits authorization request to processor Processor electronically sends the auth request to credit card company Credit card company routes request to cardholders issuing bank Issuer approves or declines the transaction CARDHOLDER MERCHANT PROCESSOR CARD COMPANY ISSUER Cardholder account is debited Merchant completes the transaction Processor forwards response to merchant Card company forwards response to processor Issuer transmits approval or decline to credit card company The Merchant pays between 2%-$% of the total transaction amount to accept card payments: ~ 10-20% ~ 5% ~ 70-90% Trans = $ 40.00, MD = 3% $ 0.20 $ 0.06 $ 0.94 2016 Epicor Software Corporation Eagle Online Academy 10

New Payment Options 2016 Epicor Software Corporation Eagle Online Academy 11

New Payment Options Apple Pay Android Pay/Google Wallet PayPal Samsung Pay/Loop Bitcoin 2016 Epicor Software Corporation Eagle Online Academy 12

Apple Pay and Google Wallet Apple Pay and Google Wallet are all mobile payment options that allow you to use your smartphone to pay for purchases using your bankcards or a prepaid card. Apple Pay and Google Wallet do not store the actual bankcard number on your phone for better security and fraud protection. http://arstechnica.com/gadgets/2014/10/how-mobile-payments-really-work/ 2016 Epicor Software Corporation Eagle Online Academy 13

Apple Pay How does Apple Pay work? Specific to your iphone Token is sent to the processor who matched it to a bankcard for payment Verification - TouchID Token A random number, that represents your bankcard, generated specific to your iphone. Security Token cannot be stolen and used to create a physical bankcard, cannot be used for internet ordering nor used on a different device 2016 Epicor Software Corporation Eagle Online Academy 14

Google Wallet/Android Pay How does Google Wallet work? Verification 4 digit pin Creates virtual card Pay with the virtual card that pulls from your bankcard Virtual Card Represents your bankcard. Real card is stored on Google servers Security Virtual card cannot be stolen and used to create a physical bankcard, cannot be used for internet ordering nor used on a different device. With Android pay, it is similar to Apple Pay where a one use token is presented and transmitted. Google still stores your credit cards 2016 Epicor Software Corporation Eagle Online Academy 15

PayPal http://www.casio.co.uk/paypal/ 2016 Epicor Software Corporation Eagle Online Academy 16

Samsung Pay/Loop http://www.businesswire.com/news/home/20141103005185/en/looppay-launches-mobile-payment-product-line-accepted http://www.idownloadblog.com/2015/02/18/samsung-buys-apple-pay-competitor-looppay/ 2016 Epicor Software Corporation Eagle Online Academy 17

Bitcoin https://vulcanpost.com/235071/tiasg2015-day-2-startups-bitcoin-trend/ http://visual.ly/bitcoin-infographic 2016 Epicor Software Corporation Eagle Online Academy 18

Do you accept mobile payments in your business? A. Yes, we do, but our customers don t use them very much. B. Yes, we do, and our customers use them frequently. C. No, but we re interested in doing so. D. No. It s cash, check or cards for us. 2016 Epicor Software Corporation Eagle Online Academy 19

Payment Security 2016 Epicor Software Corporation Eagle Online Academy 20

Payment Security Low Risk-High Reward Low Reward-High Risk Chris Swecker, Former FBI Asst Director 2016 Epicor Software Corporation Eagle Online Academy 21

Types of Hacked Fraud What would you like to order from the black market? http://techcrunch.com/2015/09/07/the-business-of-fraud/ 2016 Epicor Software Corporation Eagle Online Academy 22

Have you had a data breach in your business? A. Yes. B. No. C. I m not sure! 2016 Epicor Software Corporation Eagle Online Academy 23

Payment Security - Cash Options File -> Configure -> Application Options -> Option Group Cash Draw Balancing Online help Setting Up the Cash Drawer Balancing Feature 2016 Epicor Software Corporation Eagle Online Academy 24

Payment Security - Checks ECC http://help.eaglesoa.com/25/en-n-eagle/pos/ecc/ecc_ovr.htm 2016 Epicor Software Corporation Eagle Online Academy 25

Payment Security - Bankcards EMV Transactional Security Point to Point Encryption Tokenization 2016 Epicor Software Corporation Eagle Online Academy 26

Payment Security EMV Security EMV Chip cards, chip and pin, chip and signature Two protections: 1. Verification Chip card is real 2. Authentication Cardholder is real Protect from fraudulently created bankcards only. Does not encrypt or tokenize the card number. 2016 Epicor Software Corporation Eagle Online Academy 27

Payment Security Transactional Security Point to point encryption and tokenization are two different payment security features, normally used together Designed to remove any actual bankcard numbers from being stored, processed or transmitted by your POS system through to the Payment Gateway or Processor. This combined solution reduces your PCI scope because your system and networks are designed never to see any real bankcard numbers. 2016 Epicor Software Corporation Eagle Online Academy 28

Payment Security Transactional Security Point to Point Encryption Encrypts a consumer s bankcard data at point of swipe or insertion Only the encrypted bankcard number is send from the pin pad to the POS system and internet 1234 56 ABD 5432 %25DUCK=$3& Encrypted swipe data Preserves 1 st 6 and last 4 digits 2016 Epicor Software Corporation Eagle Online Academy 29

Payment Security Transactional Security Tokenization A random number token is created for the actual bankcard number This token is POS system and bankcard specific; i.e. the token cannot be used at another retailer Epicor Gateway 1234 56BD 3GH5 5432 Tokenized card Preserves 1 st 6 and last 4 digits 2016 Epicor Software Corporation Eagle Online Academy 30

Payment Security Transactional Security No actual bankcard numbers are in your POS system so nothing of value can be stolen If tokens are stolen, they cannot be made into usable bankcards or used on internet sites If you have a data breach, none of your customer s actual bankcard information will be stolen 2016 Epicor Software Corporation Eagle Online Academy 31

Payment Security Features EMV Transactional Security Helps prevent fraudulent bankcards from being used at your store Helps prevent bankcard numbers from being stolen from your store Apple Pay Android Pay 2016 Epicor Software Corporation Eagle Online Academy 32

Payment Security Account Takeovers What is it? Someone steals your business credential and uses them to steal money from your accounts ID theft Fraud method Phishing, social engineering, phony calls, malware, and virus Result Stolen user name, passwords, account numbers, vendors information, bank information, or social security numbers 2016 Epicor Software Corporation Eagle Online Academy 33

Payment Security Account Takeovers How it works? Fraud Advisory for Businesses: Corporate Account Take Over. United States Secret Service, FBI, IC3, and FS-ISAC. 2016 Epicor Software Corporation Eagle Online Academy 34

Payment Security Account Takeovers Who helps you? No one, the bank sees this as a valid transfer. The receiving bank cannot give you info on the account holder and the account is closed and the funds are gone Only you and your employees can protect your business 2016 Epicor Software Corporation Eagle Online Academy 35

The best way to avoid becoming a victim of a cyberheist is not to let computer crooks into the computers you use to access your organization s bank accounts online. - Brian Krebs 2016 Epicor Software Corporation Eagle Online Academy 36

Payment Security Account Takeovers Recommendations Educate your employees Protect your online environment Partner with the banks (call backs, device authentication, multi person approvals, 2 factor authentication) Pay attention to suspicious activity and react quickly Understand you responsibilities and liabilities http://www.aba.com/tools/function/fraud/pages/corporateaccounttakeoversmallbusiness.aspx 2016 Epicor Software Corporation Eagle Online Academy 37

Payment Security Account Takeovers Great resource - KrebsOnSecurity.com Blog from Brian Krebs who broke the Target breach and provides great recommendations for personal and business protections. 2016 Epicor Software Corporation Eagle Online Academy 38

Summary Cash is King, alternatives moving up Bankcard payment chain and who makes money New payment options from Apple Pay to Bitcoin Payment Security Cash, check, bankcards and accounts Ways to protect these assets 2016 Epicor Software Corporation Eagle Online Academy 39

Summary Payment types will continually change and so will thieves and hackers, but remember this: 1. You make the decision on the risk for your business. 2. Use the latest security protections. 3. Limit access of personnel and computers that can access sensitive information. 2016 Epicor Software Corporation Eagle Online Academy 40

For more information on products featured in today s presentation, or to find out how Epicor Professional Services can help you grow your business, please contact your Account Manager at 800.538.8597. 2016 Epicor Software Corporation Eagle Online Academy 41

2024 © businessdocbox.com Privacy Policy | Terms of Service | Feedback