Table of Contents. 2 TouchSuite Welcome Kit

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Table of Contents. 2 TouchSuite Welcome Kit"

Transcription

1 Welcome Kit

2 Table of Contents Important Account Information... Welcome to TouchSuite Merchant Services... Help Desk Card Enclosed... Your Merchant ID (MID) Customer Support Numbers... 4 Card Acceptance Policies... Asking for Identification... Taxes... Split Sales... Laundering... No Cash Refunds... Delivery of Goods and Services... Zero-Percent Authorizations... No Transactions on Merchant s Own Card Card Processing Procedures... Maintaining Your Account... When to Contact Us Understanding and Avoiding Chargebacks... Why Chargebacks Occur... Avoiding Chargebacks... Chargeback Remedies... Point of Sale... Avoid Illegible Transaction Receipts... Sales-Receipt Processing PCI Compliance Reminder... Payment Card Industry Data Security Standard... Requirements for Protecting Transaction Data If You Have a Security Breach Immediately Contain and Limit the Exposure Alert All Necessary Parties TouchSuite Welcome Kit

3 Important Account Information Welcome to TouchSuite Merchant Services Thank you for choosing TouchSuite as your Merchant Services provider. We look forward to servicing your credit card acceptance needs with a host of products and services that will help your business increase sales and customer loyalty. We encourage you to contact us if you have any questions, comments, or financial needs. Help Desk Card Enclosed Keep the Help Desk card included in your welcome package in a secure, non-public location close by the credit card terminal or computer used for payment processing. Call the toll-free number on the card and reference the account information when you need credit card related assistance. MERCHANT ID Your Merchant ID (MID) is. Please keep your MID readily available for identification purposes when seeking assistance on your account. TouchSuite Welcome Kit 3

4 Customer Support Numbers Equipment Help Desks Terminal Help Desk > Option 1 >Option 1 (24/7) Restaurant POS Help Desk (24/7 Available) Salon ELITE POS Help Desk (M-F 9a-9p EST) Salon Firefly POS Help Desk (M-F 9a-9p EST) Inquiries and Account Changes Merchant Support (M-F 9a-6p EST) American Express (24/7) Voice Authorization Response Unit (VRU), Referrals, and Code 10 Operators Visa & MasterCard Authorization Center (24/7) American Express Authorization Center (24/7) 4 TouchSuite Welcome Kit

5 Card Acceptance Policies Asking for Identification Although payment network rules do not preclude merchants from asking for cardholder ID, merchants cannot make an ID a condition of acceptance. Therefore, merchants cannot refuse to complete a purchase transaction because a cardholder refuses to provide ID. The payment networks do allow merchants to ask for ID as part of their regular card acceptance procedures. Laws in several states also make it illegal for merchants to write a cardholder s personal information, such as an address or phone number, on a sales receipt. You may ask for the ID if the card is not signed; you must have the cardholder sign it and check the signature against two other pieces of identification, including one government issued ID. Taxes Include required taxes in the total transaction amount. Do not collect taxes separately in cash. This policy reflects the needs of the many Visa, MasterCard, and Discover Network cardholders who must have written records of the taxes they pay for goods and services. Split Sales Prepare one sales receipt per transaction, using the full transaction amount. Merchants are not allowed to split the cost of a single transaction on a single cardholder account between two more sales receipts in order to avoid authorization limits. TouchSuite Welcome Kit 5

6 Card Acceptance Policies Laundering Deposit transactions only for your own business. Depositing transactions for a business that does not have a valid merchant agreement is called laundering or factoring. Laundering is not allowed; it is a form of fraud associated with high chargeback rates and the potential for forcing merchants out of business. No Cash Refunds Complete a credit receipt for merchandise returns or adjustments. Do not provide cash refunds for returned merchandise originally purchased with a card. Visa and Discover Network does not permit cash refunds for any credit or debit card transaction. By issuing credits, you protect your customers from individuals who might fraudulently make a purchase on their account and then return the merchandise for cash. Delivery of Goods and Services Deliver the merchandise or services to the cardholder at the time of transaction. Cardholders expect immediate delivery of goods and services unless other delivery arrangements have been made. For card-not-present transactions, cardholders should be informed of delivery method and tentative delivery date. 6 TouchSuite Welcome Kit

7 Card Acceptance Policies Zero-Percent Authorizations Merchants should not estimate transaction amounts. For restaurant merchants, in particular, this means debit or credit transactions should be authorized for only the known amount of the check. Do not add an estimated tip. Cardholders today can check their account balances almost instantly via the Internet or ATMs. An authorization that includes an estimated tip can reduce their available cash or credit balance by an unrecognizable amount. The authorization hold may make it appear he or she was overcharged. That can mean angry phone calls from unhappy customers and the potential for reduced business. To ensure zero-percent tip authorization for all transactions, restaurant merchants should: Instruct staff to authorize only for the check amount. Your staff training and review materials should emphasize the importance of authorizing only for the known amount of the check, excluding any estimated tip. Ensure your authorization system is set up for zero-percent authorization. For further information on zero-percent tip authorization, contact the Merchant Support Center. No Transactions on Merchant s Own Card Merchants should not use your own card, or one to which you have access, to process a transaction for the purpose of obtaining credit for your own benefit. TouchSuite Welcome Kit 7

8 Card Processing Procedures 1. Swipe the card to request the transaction authorization. 2. Hold the card throughout the transaction. 3. Check the card s features and security elements while the transaction is being processed. Make sure the card is valid and has not been altered in any way. 4. Obtain authorization. 5. Get the cardholder signature on the transaction receipt. 6. Compare the name, number, and signature on the card to those on the transaction receipt. 7. Return Card and transaction receipt to your customer. IF YOU SUSPECT FRAUD, MAKE A CODE 10 CALL 8 TouchSuite Welcome Kit

9 Maintaining Your Account When to Contact Us From time to time, your business may experience changes. Some changes may require updates to your merchant processing account, including the following: Bank Account Ownership or ownership structure Federal tax identification number Company DBA and/or Legal Name Address, phone number, etc. Type of kind of business Processing method (switching from MOTO to Retail or vice versa) Additional documentation may be required to update your account. To request account changes, please contact TouchSuite Merchant Support at: Phone: Fax: Mail: TouchSuite Attn: Merchant Support 1081 Holland Drive Boca Raton, FL TouchSuite Welcome Kit 9

10 Understanding and Avoiding Chargebacks A chargeback is a reversal of a sales transaction. The following are the top five reasons for which chargebacks are initiated and how you may be able to dispute them if appropriate. All supporting documentation must be provided within twelve (12) business days. Why Chargebacks Occur The most common reasons for chargebacks include: Customer disputes Fraud Processing errors Authorization issues Non-fulfillment of copy requests (only if fraud or illegible) Avoiding Chargebacks Most chargebacks can be attributed to improper transactionprocessing procedures and can be prevented with appropriate training and attention to detail. The following best practices will help you minimize chargebacks. 10 TouchSuite Welcome Kit

11 Understanding and Avoiding Chargebacks Chargeback Remedies Even when you do receive a chargeback, you may be able to resolve it without losing the sale. Simply provide Merchant Services with additional information about the transaction or the actions you have taken related to it. For example, you might receive a chargeback because the cardholder is claiming that credit has not been given for returned merchandise. You may be able to resolve the issue by providing proof that you submitted the credit on a specific date. Send this information to Merchant Services in a timely manner. The key in this and similar situations is always to send Merchant Services as much information as possible to help remedy the chargeback. With appropriate information, Merchant Services may be able to resubmit, or re-present, the item to the card issuer for payment. Timeliness is also essential when attempting to remedy a chargeback. Each step in the chargeback cycle has a defined time limit during which action can be taken. If you do not respond during the time specified on the request which may vary depending on Card Association rules Merchant Services will not be able to remedy the chargeback. Although many chargebacks are resolved so that the merchant does not lose the sale, some cannot be remedied. In such cases, accepting the chargeback may save you the time and expense of needlessly contesting it. TouchSuite Welcome Kit 11

12 Understanding and Avoiding Chargebacks Point of Sale Declined Authorization Do not complete a transaction if the authorization request was declined. Do not repeat the authorization request after receiving a decline; ask for another form of payment. Transaction Amount Do not estimate transaction amounts. For example, restaurant merchants should authorize transactions only for the known amount on the check; they should not add on a tip. Referrals If you receive a Call message in response to an authorization request, do not accept the transaction until you have called the authorization center. In such instances, be prepared to answer questions. The operator may ask to speak with the cardholder. If the transaction is approved, write the authorization code on the sales receipt. If declined, ask the cardholder for another form of payment. Expired Card Do not accept a card after its Good Through or Valid Through date unless you obtain an authorization approval for the transaction. Card Imprint for Key-Entered Card-Present Transactions If you must key-enter a transaction to complete a card-present sale, make an imprint of the front of the card on the sales receipt,using a manual imprinter. Even if the transaction is authorized and the cardholder signs the receipt, the transaction may be charged back to you if the 12 TouchSuite Welcome Kit

13 Understanding and Avoiding Chargebacks Point of Sale Cont. receipt does not have an imprint of the embossed account number and expiration date. Cardholder Signature The cardholder s signature is required for all card-present transactions. Failure to obtain the cardholder s signature could result in a chargeback if the cardholder later denies authorizing or participating in the transaction. When checking the signature, always compare the first letter and spelling of the surname on the sales receipt with the signature on the card. If they are not the same, ask for additional identification or make a Code 10 call. Fraudulent Card-Present Transaction If the cardholder is present and has the account number but not the card, do not accept the transaction. Even with an authorization approval, the transaction can be charged back to you if it turns out to be fraudulent. Legibility Ensure that the transaction information on the sales receipt is complete, accurate, and legible before completing the sale. An illegible receipt, or a receipt that produces an illegible copy, may be returned because it cannot be processed properly. The growing use of electronic scanning devices for the electronic transmission of copies of sales receipts makes it imperative that the item being scanned be very legible TouchSuite Welcome Kit 13

14 Understanding and Avoiding Chargebacks Avoid Illegible Transaction Receipts Ensuring legibility of transaction receipts is key to minimizing copy requests and chargebacks. When responding to a copy request, you will usually photocopy or scan the transaction receipt before mailing or electronically sending it to Merchant Services. If the receipt is not legible to begin with, the copy that the bank receives and then sends to the card issuer may not be useful in resolving the cardholder s question. If this occurs, the transaction may be returned to you as a chargeback for an illegible copy. At this point, unless you can improve the readability of the transaction receipt, you may end up taking a loss on the transaction. Sales-Receipt Processing One Entry for Each Transaction Ensure that transactions are entered into point-of-sale terminals only once and are deposited only once. You may get a chargeback for duplicate transactions if you: Enter the same transaction into a terminal more than once Process the same transaction with more than one merchant bank Voiding Incorrect or Duplicate Sales Receipts Ensure that incorrect or duplicate sales receipts are voided and that transactions are processed only once. 14 TouchSuite Welcome Kit

15 Close your Batches as quickly as possible, preferably within 24 hours of the transaction date; do not hold on to them. Process credit transactions as quickly as possible. Ship Merchandise Before Processing Transaction For card-notpresent transactions, do not process the transactions until you have shipped the related merchandise. If customers see a transaction on their monthly card statement before they receive the merchandise, they may contact their Issuer to dispute the billing. Similarly, if delivery is delayed on a card-present transaction, do not deposit the sales receipt until the merchandise has been shipped. Requests for Cancellation of Recurring Transactions If a customer requests cancellation of a transaction that is billed periodically (monthly, quarterly, or annually), cancel the transaction immediately or as specified by the customer. As a service to the customer, advise the customer in writing that the service, subscription, or membership has been canceled and state the effective date of the cancellation. Disclosing Refund, Return, or Service Cancellation Policies If your business has policies regarding merchandise returns, refunds, or service cancellations, these policies must be disclosed to the cardholder at the time of the transaction. Your policies should be pre-printed on your sales receipts, if not, write or stamp your refund or return policy information on the sales receipt near the customer signature line before the customer signs (be sure the information is clearly legible on all copies of the sales receipt). Failure to disclose your refund and return policies at the time of a transaction could result in a dispute if the customer returns the merchandise. TouchSuite Welcome Kit 15

16 PCI Compliance Reminder Please follow the instructions below to avoid PCI non-compliance fees on you merchant statement Offering the simplest, most convenient means to 100% PCI DSS compliance Every merchant who accepts credit/debit card payments is required to comply with the Payment Card Industry Data Security Standard (PCI DSS). The threat to credit and debit card data has never been greater, and the impact on a merchant and its customers can be devastating. Your best protection is ongoing PCI DSS compliance. To make achieving and maintaining PCI compliance quick and simple, TouchSuite has teamed with ANX, a leading provider of PCI security solutions, in offering a PCI compliance program. This program provides online, wizard-style tools that help you: Complete the Appropriate PCI Self Assessment Questionnaire (SAQ). All merchants are required to complete the SAQ annually. There are five variants of the questionnaire (A, B, C, C-VT, and D) that reflect the controls necessary to secure various payment technologies. ANX s online portal efficiently directs you to the appropriate questionnaire, and an extensive knowledge base helps you accurately answer each question. Schedule and complete quarterly vulnerability scans (if applicable). If your payments solution communicates payment card data over a computer network (versus a phone line), a quarterly scan is required to determine if vulnerabilities would allow a hacker to compromise your network and cardholder data. ANX provides a self-service external vulnerability scanning solution that meets all quarterly PCI DSS security scan requirements. Enhance security through employee awareness. Keeping your business secure and compliant requires ongoing awareness. ANX provides elearning courses and a knowledge base for you and 16 TouchSuite Welcome Kit

17 your employees to foster that awareness and help keep you safe. Applicable Fees A low annual charge of $89.00 will be added to your merchant statement for this service. This fee will allow us to continue providing you high level support with respect to compliance standards put forth by the payment brands, the PCI Security Council and various entities. As part of this fee, the services described above will be provided to you at no additional charge. Maintaining your merchant account with us or use of your merchant account will represent your acceptance of these terms. While participation in the PCI Compliance Service Assistance Program helps to reduce the risk of a security breach or data compromise that could prove catastrophic to your business, PCIDSS compliance does not guarantee or prevent a security breach or compromise. To get started, please visit or call ANX toll-free at , option 1, then option 4. You may also ANX at You can also contact TouchSuite Customer Service at if you have any questions. If you have validated compliance with another provider, you must supply proof of validation to TouchSuite. TouchSuite Welcome Kit 17

18 Payment Card Industry Data Security Standard Requirements for Protecting Transaction Data Combating fraud is the shared responsibility of all parties involved in payment card transactions. Visa, MasterCard and Discover Network are reaching out to merchants, acquires and other partners to minimize risk and share requirements for safeguarding transaction data. Below are the 12 requirements included in the Payment Card Industry Data Security Standard (PCI DSS). The PCI DSS can be viewed in its entirety at: Compliance with the PCI DSS helps preserve the integrity of the payments system and maintains consumer confidence. TouchSuite mandates our merchants validate their PCI DSS compliance through a Qualified Security Assessor. Information regarding the TouchSuite PCI DSS compliance program is sent directly to the merchant following account opening. Any merchant or service provider that stores, processes, or transmits cardholder information must comply with these standards. All eligible merchants and service providers, regardless of size (or in the case of service providers, whether they support issuing or merchant activity) must comply with the 12 basic requirements outlined next. 18 TouchSuite Welcome Kit

19 1. Install and maintain a firewall configuration to protect data. Firewalls are computer software devices that control traffic in the company s network. This includes unauthorized access from the Internet, as well as access to sensitive areas from company s internal networks. 2. Avoid vendor-supplied defaults for system passwords. Hackers attempt to identify these passwords and settings, and use them to compromise systems. You should always change these defaults before installing a system on the network. 3. Protect stored transaction data. Keep transaction storage to a minimum and never store sensitive authentication data after authorization. Take precautions to make stored transaction data unreadable through encryption or some other secure and robust approach. 4. Encrypt transaction data when transferred over networks. Sensitive information should always be encrypted during transmission over wireless networks or the Internet, as it is often easy to divert or intercept data while in transit. Never send encrypted transaction information via Utilize anti-virus software or programs. Install these mechanisms on all systems that can be affected by viruses and ensure that these systems are current, running, and capable of generating audit logs. 6. Develop and maintain secure systems and applications. As a participating merchant or service provider, you must ensure that all components have the latest vendor security and software patches to protect against external hackers and viruses. Develop standard system development processing and secure coding techniques. 7. Restrict access to data. Limit access to resources and cardholder information to employees who need access to the information to do their jobs and limit access only to what is needed. Establish a mechanism for systems with multiple TouchSuite Welcome Kit 19

20 Requirements for Protecting Transaction Data users that restrict access based on an individual s need to know. 8. Assign a unique username and password to each person with computer access to transaction data. This allows for all actions taken on the system to be identified and tracked. Take necessary precautions to protect user identification and immediately revoke access by terminated users. 9. Restrict physical access to transaction data. Use appropriate facility entry controls and monitor access. Develop procedures to help personnel easily distinguish between employees and others. Destroy media containing transaction information when it is no longer needed. 10. Track and monitor access to network resources and transaction data. Logging mechanisms and tracking user activity is critical to uncovering unauthorized illegal activity. 11. Regularly test security systems and processes. New vulnerabilities are continually being discovered. Consistent testing ensures security maintenance. 12. Maintain an information security policy. A strong security policy sets the security tone for the entire company. 20 TouchSuite Welcome Kit

21 If You Have a Security Breach If you experience a suspected or confirmed security breach, you should: Immediately Contain and Limit the Exposure To prevent further loss of data, conduct a thorough investigation of the suspected or confirmed loss or theft of account information within 24 hours of the compromise. Do not access or alter compromised systems. Do not log on to the machine or change passwords. Do not turn off the compromised machine. Instead, isolate compromised systems from the network by unplugging their cables. Preserve logs and electronic evidence. Log all actions taken. If using a wireless network, change the service set identifier (SSID) or network name on the access point (AP) and on other machines that may be using this connection (with the exception of any systems believed to be compromised). Be on HIGH alert and monitor all payments systems. TouchSuite Welcome Kit 21

22 If You Have a Security Breach Alert All Necessary Parties Your internal information security group, incident response team and legal department. Your merchant bank: TouchSuite at Contact must be made immediately and no later than 24 hours after discovery of a suspected breach. 22 TouchSuite Welcome Kit

23 TouchSuite is one of America s leading technology companies focused on the electronic payment space and has been honored five times on Inc. Magazine s Inc. 500 list of the fastest growing private companies in America. Its award-winning, patented point of sale systems are fully integrated with payment processing services catering to restaurants, salons, spas and retail establishments Holland Drive Boca Raton, Florida

New Account Reference Guide

New Account Reference Guide New Account Reference Guide Welcome to BBVA Compass Merchant Services Thank you for choosing BBVA Compass as your Merchant Services provider. BBVA Compass is dedicated to providing your business with the

More information

Your guide to the Payment Card Industry Data Security Standard (PCI DSS) Merchant Business Solutions. Version 5.0 (April 2011)

Your guide to the Payment Card Industry Data Security Standard (PCI DSS) Merchant Business Solutions. Version 5.0 (April 2011) Your guide to the Payment Card Industry Data Security Standard (PCI DSS) Merchant Business Solutions Version 5.0 (April 2011) Contents Contents...2 Introduction...3 What are the 12 key requirements of

More information

PCI Compliance. Top 10 Questions & Answers

PCI Compliance. Top 10 Questions & Answers PCI Compliance Top 10 Questions & Answers 1. What is PCI Compliance and PCI DSS? 2. Who needs to follow the PCI Data Security Standard? 3. What happens if I don t comply? 4. What are the basic requirements

More information

PCI Compliance Top 10 Questions and Answers

PCI Compliance Top 10 Questions and Answers Where every interaction matters. PCI Compliance Top 10 Questions and Answers White Paper October 2013 By: Peer 1 Hosting Product Team www.peer1.com Contents What is PCI Compliance and PCI DSS? 3 Who needs

More information

Credit/Debit Card Processing Requirements and Best Practices. Adele Honeyman Oregon State Treasury Training Specialist

Credit/Debit Card Processing Requirements and Best Practices. Adele Honeyman Oregon State Treasury Training Specialist Credit/Debit Card Processing Requirements and Best Practices Adele Honeyman Oregon State Treasury Training Specialist 1 What? What do I need to know about excepting credit cards? Who s involved, how it

More information

UNL PAYMENT CARD POLICY AND PROCEDURES. Table of Contents

UNL PAYMENT CARD POLICY AND PROCEDURES. Table of Contents UNL PAYMENT CARD POLICY AND PROCEDURES Table of Contents Payment Card Merchant Security Standards Policy and Procedures... 2 Introduction... 4 Payment Card Industry Data Security Standard... 4 Definitions...

More information

Section 3.9 PCI DSS Information Security Policy Issued: June 2016 Replaces: January 2015

Section 3.9 PCI DSS Information Security Policy Issued: June 2016 Replaces: January 2015 Section 3.9 PCI DSS Information Security Policy Issued: June 2016 Replaces: January 2015 I. PURPOSE The purpose of this policy is to establish guidelines for processing charges on Payment Cards to protect

More information

Payment Card Industry Data Security Standards.

Payment Card Industry Data Security Standards. Payment Card Industry Data Security Standards. Your guide to protecting cardholder data Helping you manage the risk. Credit Card fraud and data compromises are an increasingly serious problem, costing

More information

Payment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008

Payment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008 Payment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008 What is the PCI DSS? And what do the acronyms CISP, SDP, DSOP and DISC stand for? The PCI DSS is a set of comprehensive requirements

More information

Getting Started. Quick Reference Guide for Payment Processing

Getting Started. Quick Reference Guide for Payment Processing Getting Started Quick Reference Guide for Payment Processing In today s competitive landscape, you have many choices when it comes to selecting your payments provider, and we appreciate your business.

More information

Frequently Asked Questions

Frequently Asked Questions PCI Compliance Frequently Asked Questions Table of Content GENERAL INFORMATION... 2 PAYMENT CARD INDUSTRY DATA SECURITY STANDARD (PCI DSS)...2 Are all merchants and service providers required to comply

More information

UNIVERSITY CONTROLLER S OFFICE

UNIVERSITY CONTROLLER S OFFICE UNIVERSITY CONTROLLER S OFFICE Payment Card Industry (PCI) Security Standards Training Guide (updated for 3.1 requirements) February 2016 Disclaimer: The information in this guide is current as of the

More information

Chargeback Reason Code List - U.S.

Chargeback Reason Code List - U.S. AL Airline Transaction Dispute AP Automatic Payment AW Altered Amount CA Cash Advance Dispute CD Credit Posted as Card Sale CR Cancelled Reservation This chargeback occurs because of a dispute on an Airline

More information

Payment Card Industry Data Security Standards

Payment Card Industry Data Security Standards Payment Card Industry Data Security Standards The payment card industry data security standard PCI DSS Visa and MasterCard have developed the Payment Card Industry Data Security Standard or PCI DSS as

More information

Dear Valued Merchant,

Dear Valued Merchant, Dear Valued Merchant, Welcome to Central Payment thank you for becoming our client. We are committed to providing our merchants with outstanding customer service and superior products. It is our company

More information

Payment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire

Payment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire Payment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire Instructions and Guidelines Version 1.1 February 2008 Table of Contents About this Document... 1 PCI Data Security Standard

More information

TREASURER S OFFICE ADMINISTRATIVE STANDARDS FOR THE TREASURER S FISCAL PROCEDURE No. 08-01 MERCHANT DEBIT AND CREDIT CARD RECEIPTS

TREASURER S OFFICE ADMINISTRATIVE STANDARDS FOR THE TREASURER S FISCAL PROCEDURE No. 08-01 MERCHANT DEBIT AND CREDIT CARD RECEIPTS TREASURER S OFFICE ADMINISTRATIVE STANDARDS FOR THE TREASURER S FISCAL PROCEDURE No. 08-01 MERCHANT DEBIT AND CREDIT CARD RECEIPTS 1. Introduction Debit and Credit Card Receipt Standards apply to the administration

More information

Accepting Payment Cards and ecommerce Payments

Accepting Payment Cards and ecommerce Payments Policy V. 4.1.1 Responsible Official: Vice President for Finance and Treasurer Effective Date: September 29, 2010 Accepting Payment Cards and ecommerce Payments Policy Statement The University of Vermont

More information

Visa Account Information Security Tool Kit. Welcome to the Visa Account Information Security Program

Visa Account Information Security Tool Kit. Welcome to the Visa Account Information Security Program Visa Account Information Security Tool Kit Welcome to the Visa Account Information Security Program 2 Contents 1. Securing cardholder data is everyone s concern 4 2. Visa Account Information Security (AIS)

More information

SECTION: SUBJECT: PCI-DSS General Guidelines and Procedures

SECTION: SUBJECT: PCI-DSS General Guidelines and Procedures 1. Introduction 1.1. Purpose and Background 1.2. Central Coordinator Contact 1.3. Payment Card Industry Data Security Standards (PCI-DSS) High Level Overview 2. PCI-DSS Guidelines - Division of Responsibilities

More information

Dartmouth College Merchant Credit Card Policy for Managers and Supervisors

Dartmouth College Merchant Credit Card Policy for Managers and Supervisors Dartmouth College Merchant Credit Card Policy for Managers and Supervisors Mission Statement Dartmouth College requires all departments that process, store or transmit credit card data remain in compliance

More information

Sales Rep Frequently Asked Questions

Sales Rep Frequently Asked Questions V 02.21.13 Sales Rep Frequently Asked Questions OMEGA Processing Data Protection Program February 2013 - Updated In response to a national rise in data breaches and system compromises, OMEGA Processing

More information

STOP Important Information Please Read

STOP Important Information Please Read STOP Important Information Please Read Welcome Kit Contents MasterCard / Visa Decal Welcome Letter Terminal Sticker May already be applied to terminal FAQ s Sample Statement Table of Contents Important

More information

Understanding and Preventing Chargebacks and Retrievals

Understanding and Preventing Chargebacks and Retrievals Understanding and Preventing Chargebacks and Retrievals Table of Contents Introduction... 2 The Purpose of This Guide.... 2 Retrieval Requests.. 3 What Is a Retrieval Request?... 3 Life Cycle of a Retrieval

More information

PAI Secure Program Guide

PAI Secure Program Guide PAI Secure Program Guide A complete guide to understanding the Payment Card Industry Data Security Requirements and utilizing the PAI Secure Program. Letter From the CEO Welcome to PAI Secure. As you

More information

Becoming PCI Compliant

Becoming PCI Compliant Becoming PCI Compliant Jason Brown - brownj52@michigan.gov Enterprise Security Architect Enterprise Architecture Department of Technology, Management and Budget State of Michigan @jasonbrown17 History

More information

Worldpay s guide to the Payment Card Industry Data Security Standard (PCI DSS)

Worldpay s guide to the Payment Card Industry Data Security Standard (PCI DSS) Worldpay s guide to the Payment Card Industry Data Security Standard (PCI DSS) What is PCI DSS? The 12 Requirements Becoming compliant with SaferPayments Understanding the jargon SaferPayments Be smart.

More information

Key Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking

Key Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking Key Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking SUMMARY The Payment Card Industry Data Security Standard (PCI DSS) defines 12 high-level security requirements directed

More information

CREDIT CARD PROCESSING POLICY AND PROCEDURES

CREDIT CARD PROCESSING POLICY AND PROCEDURES CREDIT CARD PROCESSING POLICY AND PROCEDURES Note: For purposes of this document, debit cards are treated the same as credit cards. Any reference to credit cards includes credit and debit card transactions.

More information

PCI Data Security Standards

PCI Data Security Standards PCI Data Security Standards An Introduction to Bankcard Data Security Why should we worry? Since 2005, over 500 million customer records have been reported as lost or stolen 1 In 2010 alone, over 134 million

More information

Vanderbilt University

Vanderbilt University Vanderbilt University Payment Card Processing and PCI Compliance Policy and Procedures Manual PCI Compliance Office Information Technology Treasury VUMC Finance Table of Contents Policy... 2 I. Purpose...

More information

05.118 Credit Card Acceptance Policy. Vice Chancellor of Business Affairs. History: Effective July 1, 2011 Updated February 2013

05.118 Credit Card Acceptance Policy. Vice Chancellor of Business Affairs. History: Effective July 1, 2011 Updated February 2013 05.118 Credit Card Acceptance Policy Authority: Vice Chancellor of Business Affairs History: Effective July 1, 2011 Updated February 2013 Source of Authority: Office of State Controller (OSC); Office of

More information

PAYMENT CARD INDUSTRY (PCI) COMPLIANCE HISTORY & OVERVIEW

PAYMENT CARD INDUSTRY (PCI) COMPLIANCE HISTORY & OVERVIEW PAYMENT CARD INDUSTRY (PCI) COMPLIANCE HISTORY & OVERVIEW David Kittle Chief Information Officer Chris Ditmarsch Network & Security Administrator Smoker Friendly International / The Cigarette Store Corp

More information

This policy applies to all GPC units that process, transmit, or handle cardholder information in a physical or electronic format.

This policy applies to all GPC units that process, transmit, or handle cardholder information in a physical or electronic format. Policy Number: 339 Policy Title: Credit Card Processing Policy, Procedure, & Standards Review Date: 07-23-15 Approval Date: 07-27-15 POLICY: All individuals involved in handling credit and debit card transactions

More information

Clark Brands Payment Methods Manual. First Data Locations

Clark Brands Payment Methods Manual. First Data Locations Clark Brands Payment Methods Manual First Data Locations Table of Contents Introduction... 3 Valid Card Types... 3 Authorization Numbers, Merchant ID Numbers and Request for Copy Fax Numbers... 4 Other

More information

PCI DSS Policies Outline. PCI DSS Policies. All Rights Reserved. ecfirst. 2010. Page 1 of 7 www.ecfirst.com

PCI DSS Policies Outline. PCI DSS Policies. All Rights Reserved. ecfirst. 2010. Page 1 of 7 www.ecfirst.com Policy/Procedure Description PCI DSS Policies Install and Maintain a Firewall Configuration to Protect Cardholder Data Establish Firewall and Router Configuration Standards Build a Firewall Configuration

More information

6-8065 Payment Card Industry Compliance

6-8065 Payment Card Industry Compliance 0 0 0 Yosemite Community College District Policies and Administrative Procedures No. -0 Policy -0 Payment Card Industry Compliance Yosemite Community College District will comply with the Payment Card

More information

PCI Compliance Overview

PCI Compliance Overview PCI Compliance Overview 1 PCI DSS Payment Card Industry Data Security Standard Standard that is applied to: Merchants Service Providers (Banks, Third party vendors, gateways) Systems (Hardware, software)

More information

Fall Conference November 19 21, 2013 Merchant Card Processing Overview

Fall Conference November 19 21, 2013 Merchant Card Processing Overview Fall Conference November 19 21, 2013 Merchant Card Processing Overview Agenda Industry Definition Process Flows Processing Costs Chargeback's Payment Card Industry (PCI) Guidelines for Convenience Fees

More information

PCI-DSS: A Step-by-Step Payment Card Security Approach. Amy Mushahwar & Mason Weisz

PCI-DSS: A Step-by-Step Payment Card Security Approach. Amy Mushahwar & Mason Weisz PCI-DSS: A Step-by-Step Payment Card Security Approach Amy Mushahwar & Mason Weisz The PCI-DSS in a Nutshell It mandates security processes for handling, processing, storing and transmitting payment card

More information

Liverpool Hope University. PCI DSS Policy

Liverpool Hope University. PCI DSS Policy Liverpool Hope University PCI DSS Policy Document Control Date Revision/Amendment Details & Reason Author 26 th March 2015 Updates G. Donelan 23 rd June 2015 Audit Committee 7 th July 2015 University Council

More information

Payment Card Industry Data Security Standard Training. Chris Harper Vice President of Technical Services Secure Enterprise Computing, Inc.

Payment Card Industry Data Security Standard Training. Chris Harper Vice President of Technical Services Secure Enterprise Computing, Inc. Payment Card Industry Data Security Standard Training Chris Harper Vice President of Technical Services Secure Enterprise Computing, Inc. March 27, 2012 Agenda Check-In 9:00-9:30 PCI Intro and History

More information

University of Sunderland Business Assurance PCI Security Policy

University of Sunderland Business Assurance PCI Security Policy University of Sunderland Business Assurance PCI Security Policy Document Classification: Public Policy Reference Central Register IG008 Policy Reference Faculty / Service IG 008 Policy Owner Chief Financial

More information

PCI Training for Retail Jamboree Staff Volunteers. Securing Cardholder Data

PCI Training for Retail Jamboree Staff Volunteers. Securing Cardholder Data PCI Training for Retail Jamboree Staff Volunteers Securing Cardholder Data Securing Cardholder Data Introduction This PowerPoint presentation is designed to educate Retail Jamboree Staff volunteers on

More information

Fraud Protection, You and Your Bank

Fraud Protection, You and Your Bank Fraud Protection, You and Your Bank Maximize your chances to minimize your losses Presentation for Missouri GFOA April 2011 By: Terry Endres, VP, Government Treasury Solutions Phone: 314-466-6774 Terry.m.endres@baml.com

More information

PCI DSS FAQ. The twelve requirements of the PCI DSS are defined as follows:

PCI DSS FAQ. The twelve requirements of the PCI DSS are defined as follows: What is PCI DSS? PCI DSS is an acronym for Payment Card Industry Data Security Standards. PCI DSS is a global initiative intent on securing credit and banking transactions by merchants & service providers

More information

Whitepaper. PCI Compliance: Protect Your Business from Data Breach

Whitepaper. PCI Compliance: Protect Your Business from Data Breach Merchants often underestimate the financial impact of a breach. Direct costs include mandatory forensic audits, credit card replacement, fees, fines and breach remediation. PCI Compliance: Protect Your

More information

Glossary. Account number

Glossary. Account number Glossary Note: All definitions listed in this section are also available in the Course Glossary. You can access the course Glossary online by clicking the Glossary link in the Materials section of the

More information

Don Roeber Vice President, PCI Compliance Manager. Lisa Tedeschi Assistant Vice President, Compliance Officer

Don Roeber Vice President, PCI Compliance Manager. Lisa Tedeschi Assistant Vice President, Compliance Officer Complying with the PCI DSS All the Moving Parts Don Roeber Vice President, PCI Compliance Manager Lisa Tedeschi Assistant Vice President, Compliance Officer Types of Risk Operational Risk Normal fraud

More information

Payment Card Industry (PCI) Data Security Standard. Attestation of Compliance for Self-Assessment Questionnaire C-VT. Version 2.0

Payment Card Industry (PCI) Data Security Standard. Attestation of Compliance for Self-Assessment Questionnaire C-VT. Version 2.0 Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Self-Assessment Questionnaire C-VT Version 2.0 October 2010 Attestation of Compliance, SAQ C-VT Instructions for Submission

More information

Important Info for Youth Sports Associations

Important Info for Youth Sports Associations Important Info for Youth Sports Associations What the Heck is PCI DSS and Why Should I Care? Joe Posey Terrapin Financial Services Your Club is an ecommerce Business You accept online registration over

More information

Why Is Compliance with PCI DSS Important?

Why Is Compliance with PCI DSS Important? Why Is Compliance with PCI DSS Important? The members of PCI Security Standards Council (American Express, Discover, JCB, MasterCard, and Visa) continually monitor cases of account data compromise. These

More information

Payment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire D and Attestation of Compliance

Payment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire D and Attestation of Compliance Payment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire D and Attestation of Compliance All other SAQ-Eligible Merchants and Service Providers Version 2.0 October 2010 Document

More information

What To Do if Compromised. Visa USA Fraud Investigations and Incident Management Procedures

What To Do if Compromised. Visa USA Fraud Investigations and Incident Management Procedures What To Do if Compromised Visa USA Fraud Investigations and Incident Management Procedures Table of Contents Introduction......................................................... 1 Security Breach Reporting............................................

More information

WISCONSIN ACCOUNTING MANUAL Department of Administration State Controller s Office

WISCONSIN ACCOUNTING MANUAL Department of Administration State Controller s Office BACKGROUND State of Wisconsin agencies accepted more than 6 million credit/debit card payments annually through the following payment channels: Point of Sale (State agency location) Point of Sale (Retail-agent

More information

Viterbo University Credit Card Processing & Data Security Procedures and Policy

Viterbo University Credit Card Processing & Data Security Procedures and Policy The requirements for PCI-DSS compliance are quite numerous and at times extremely complicated due to their interdependent nature and scope. The University has deemed it necessary for those areas currently

More information

What are the PCI DSS requirements? PCI DSS comprises twelve requirements, often referred to as the digital dozen. These define the need to:

What are the PCI DSS requirements? PCI DSS comprises twelve requirements, often referred to as the digital dozen. These define the need to: What is the PCI standards council? The Payment Card Industry Standards Council is an institution set-up by American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International

More information

Failure to follow the following procedures may subject the state to significant losses, including:

Failure to follow the following procedures may subject the state to significant losses, including: SUBJECT: Policy and Procedures PAGE: 1 of 5 INTRODUCTION During fiscal year 2014, State of Wisconsin agencies accepted approximately 6 million credit/debit card payments through the following payment channels:

More information

FORT HAYS STATE UNIVERSITY CREDIT CARD SECURITY POLICY

FORT HAYS STATE UNIVERSITY CREDIT CARD SECURITY POLICY FORT HAYS STATE UNIVERSITY CREDIT CARD SECURITY POLICY Page 1 of 6 Summary The Payment Card Industry Data Security Standard (PCI DSS), a set of comprehensive requirements for enhancing payment account

More information

How to complete the Secure Internet Site Declaration (SISD) form

How to complete the Secure Internet Site Declaration (SISD) form 1 How to complete the Secure Internet Site Declaration (SISD) form The following instructions are designed to assist you in completing the SISD form that forms part of your Merchant application. Once completed,

More information

CREDIT CARD MERCHANT PROCEDURES MANUAL. Effective Date: 5/25/2011

CREDIT CARD MERCHANT PROCEDURES MANUAL. Effective Date: 5/25/2011 CREDIT CARD MERCHANT PROCEDURES MANUAL Effective Date: 5/25/2011 Updated: May 25, 2011 TABLE OF CONTENTS Introduction... 1 Third-Party Vendors... 1 Merchant Account Set-up... 2 Personnel Requirements...

More information

Data Security Requirements for K-12 January 28, 2010. Payment Card Industry (PCI)

Data Security Requirements for K-12 January 28, 2010. Payment Card Industry (PCI) CUR RITY SE Data Security Requirements for K-12 January 28, 2010 Payment Card Industry (PCI) SE CUR RITY 1 Welcome To Join The Voice Conference Dial 866-939-3921 Technical issues press 0 Q & A We ll leave

More information

COLUMBUS STATE COMMUNITY COLLEGE POLICY AND PROCEDURES MANUAL

COLUMBUS STATE COMMUNITY COLLEGE POLICY AND PROCEDURES MANUAL PAYMENT CARD INDUSTRY COMPLIANCE (PCI) Effective June 1, 2011 Page 1 of 6 (1) Definitions a. Payment Card Industry Data Security Standards (PCI-DSS): A set of standards established by the Payment Card

More information

Emory University & Emory Healthcare

Emory University & Emory Healthcare Emory University & Emory Healthcare Payment Card Processing and Compliance Policy and Procedures Manual Office of Cash and Debt Management Mailstop 1599-001-1AE 1599 Clifton Road, 3 rd Floor Atlanta, GA

More information

Westpac Merchant. A guide to meeting the new Payment Card Industry Security Standards

Westpac Merchant. A guide to meeting the new Payment Card Industry Security Standards Westpac Merchant A guide to meeting the new Payment Card Industry Security Standards Contents Introduction 01 What is PCIDSS? 02 Why does it concern you? 02 What benefits will you receive from PCIDSS?

More information

Minnesota State Colleges and Universities System Procedures Chapter 5 Administration. Guideline 5.23.1.10 Payment Card Industry Technical Requirements

Minnesota State Colleges and Universities System Procedures Chapter 5 Administration. Guideline 5.23.1.10 Payment Card Industry Technical Requirements Minnesota State Colleges and Universities System Procedures Chapter 5 Administration Payment Card Industry Technical s Part 1. Purpose. This guideline emphasizes many of the minimum technical requirements

More information

University Policy Accepting and Handling Payment Cards to Conduct University Business

University Policy Accepting and Handling Payment Cards to Conduct University Business BROWN UNIVERSITY University Policy Accepting and Handling Payment Cards to Conduct University Business Table of Contents Purpose... 2 Scope... 2 Authorization... 2 Establishing a new account... 2 Policy

More information

New York University University Policies

New York University University Policies New York University University Policies Title: Payment Card Industry Data Security Standard Policy Effective Date: April 11, 2012 Supersedes: N/A Issuing Authority: Executive Vice President for Finance

More information

Accounting and Administrative Manual Section 100: Accounting and Finance

Accounting and Administrative Manual Section 100: Accounting and Finance No.: C-13 Page: 1 of 6 POLICY: It is the policy of the University of Alaska that all payment card transactions are to be executed in compliance with standards established by the Payment Card Industry Security

More information

WASHINGTON STATE UNIVERSITY MERCHANT ACCOUNT AGREEMENT FOR UNIVERSITY DEPARTMENTS

WASHINGTON STATE UNIVERSITY MERCHANT ACCOUNT AGREEMENT FOR UNIVERSITY DEPARTMENTS WASHINGTON STATE UNIVERSITY MERCHANT ACCOUNT AGREEMENT FOR UNIVERSITY DEPARTMENTS I. Introduction, Background and Purpose This Merchant Account Agreement (the Merchant Agreement or Agreement ) is entered

More information

TNHFMA 2011 Fall Institute October 12, 2011 TAKING OUR CUSTOMERS BUSINESS FORWARD. The Cost of Payment Card Data Theft and Your Business

TNHFMA 2011 Fall Institute October 12, 2011 TAKING OUR CUSTOMERS BUSINESS FORWARD. The Cost of Payment Card Data Theft and Your Business TAKING OUR CUSTOMERS BUSINESS FORWARD The Cost of Payment Card Data Theft and Your Business Aaron Lego Director of Business Development Presentation Agenda Items we will cover: 1. Background on Payment

More information

Payment Card Acceptance Administrative Policy

Payment Card Acceptance Administrative Policy Administrative Procedure Approved By: Brandon Gilliland, Associate Vice President for Finance & Controller Effective Date: October 1, 2014 History: Approval Date: September 25, 2014 Revisions: Type: Administrative

More information

ACCEPTING PAYMENT CARDS FOR CONDUCTING UNIVERSITY BUSINESS:

ACCEPTING PAYMENT CARDS FOR CONDUCTING UNIVERSITY BUSINESS: Boston College Policy ACCEPTING PAYMENT CARDS FOR CONDUCTING UNIVERSITY BUSINESS: PURPOSE OF POLICY: The purpose of this policy is to establish procedures for accepting payment cards at Boston College

More information

Whitepaper. PCI Compliance: Protect Your Business from Data Breach

Whitepaper. PCI Compliance: Protect Your Business from Data Breach Merchants often underestimate the financial impact of a breach. Direct costs include mandatory forensic audits, credit card replacement, fees, fines and breach remediation. PCI Compliance: Protect Your

More information

University of Dayton Credit / Debit Card Acceptance Policy September 1, 2009

University of Dayton Credit / Debit Card Acceptance Policy September 1, 2009 University of Dayton Credit / Debit Card Acceptance Policy September 1, 2009 Effective Date of this Policy: August 1, 2008 Last Revision: September 1, 2009 Contact for More Information: UDit Internal Auditor

More information

IT Security Compliance PCI DSS FOR MERCHANTS THE PAYMENT CARD INDUSTRY DATE SECURITY STANDARD WHITE PAPER

IT Security Compliance PCI DSS FOR MERCHANTS THE PAYMENT CARD INDUSTRY DATE SECURITY STANDARD WHITE PAPER July 9 th, 2012 Prepared By: Mark Akins PCI QSA, CISSP, CISA WHITE PAPER IT Security Compliance PCI DSS FOR MERCHANTS THE PAYMENT CARD INDUSTRY DATE SECURITY STANDARD PCI DSS for Merchants The Payment

More information

ACCEPTING PAYMENT CARDS FOR CONDUCTING UNIVERSITY BUSINESS:

ACCEPTING PAYMENT CARDS FOR CONDUCTING UNIVERSITY BUSINESS: Boston College Policy ACCEPTING PAYMENT CARDS FOR CONDUCTING UNIVERSITY BUSINESS: PURPOSE OF POLICY: The purpose of this policy is to establish procedures for accepting payment cards at Boston College

More information

Information Technology

Information Technology Credit Card Handling Security Standards Overview Information Technology This document is intended to provide guidance to merchants (colleges, departments, organizations or individuals) regarding the processing

More information

Version 15.3 (October 2009)

Version 15.3 (October 2009) Copyright 2008-2010 Software Technology, Inc. 1621 Cushman Drive Lincoln, NE 68512 (402) 423-1440 www.tabs3.com Portions copyright Microsoft Corporation Tabs3, PracticeMaster, and the pinwheel symbol (

More information

La règlementation VisaCard, MasterCard PCI-DSS

La règlementation VisaCard, MasterCard PCI-DSS La règlementation VisaCard, MasterCard PCI-DSS Conférence CLUSIF "LES RSSI FACE À L ÉVOLUTION DE LA RÉGLEMENTATION" 7 novembre 07 Serge Saghroune Overview of PCI DSS Payment Card Industry Data Security

More information

Payment Card Industry Data Security Standards

Payment Card Industry Data Security Standards Payment Card Industry Data Security Standards Discussion Objectives Agenda Introduction PCI Overview and History The Protiviti Difference Questions and Discussion 2 2014 Protiviti Inc. CONFIDENTIAL: This

More information

Need to be PCI DSS compliant and reduce the risk of fraud?

Need to be PCI DSS compliant and reduce the risk of fraud? Need to be PCI DSS compliant and reduce the risk of fraud? NCR Security lessens your PCI compliance burden and protects the integrity of your network An NCR White Paper Experience a new world of interaction

More information

ACCEPTING CREDIT CARDS AND ELECTRONIC CHECKS TO CONDUCT UNIVERSITY BUSINESS

ACCEPTING CREDIT CARDS AND ELECTRONIC CHECKS TO CONDUCT UNIVERSITY BUSINESS UNIVERSITY OF NORTH DAKOTA FINANCE & OPERATIONS POLICY LIBRARY ACCEPTING CREDIT CARDS AND ELECTRONIC CHECKS TO CONDUCT UNIVERSITY BUSINESS Policy 2.3, Accepting Credit Cards and Electronic Checks to Conduct

More information

What To Do if Compromised. Visa USA Fraud Investigations and Incident Management Procedures

What To Do if Compromised. Visa USA Fraud Investigations and Incident Management Procedures What To Do if Compromised Visa USA Fraud Investigations and Incident Management Procedures Table of Contents Introduction......................................................... 1 Identifying and Detecting

More information

EAA Policy for Accepting and Handling Credit and Debit Card Payments ( Policy )

EAA Policy for Accepting and Handling Credit and Debit Card Payments ( Policy ) EAA Policy for Accepting and Handling Credit and Debit Card Payments ( Policy ) Background Due to increased threat of identity theft, fraudulent credit card activity and other instances where cardholder

More information

DATA SECURITY. Payment Card Industry (PCI) Compliance Steps for Organizations May 26, 2010. 2010 Merit Member Conference

DATA SECURITY. Payment Card Industry (PCI) Compliance Steps for Organizations May 26, 2010. 2010 Merit Member Conference 2010 Merit Member Conference Compliance Steps for Organizations May 26, 2010 Payment Card Industry (PCI) 1 Welcome 2 Welcome Q & A We ll leave time to address questions during the last 15 minutes of the

More information

PCI General Policy. Effective Date: August 2008. Approval: December 17, 2015. Maintenance of Policy: Office of Student Accounts REFERENCE DOCUMENTS:

PCI General Policy. Effective Date: August 2008. Approval: December 17, 2015. Maintenance of Policy: Office of Student Accounts REFERENCE DOCUMENTS: Effective Date: August 2008 Approval: December 17, 2015 PCI General Policy Maintenance of Policy: Office of Student Accounts PURPOSE: To protect against the exposure and possible theft of account and personal

More information

Merchant Card Processing Best Practices

Merchant Card Processing Best Practices Merchant Card Processing Best Practices Background: The major credit card companies (VISA, MasterCard, Discover, and American Express) have published a uniform set of data security standards that ALL merchants

More information

A8.700 TREASURY. This directive applies to all campuses of the University of Hawai i.

A8.700 TREASURY. This directive applies to all campuses of the University of Hawai i. Prepared by Treasury Office. This amends A8.710 dated July 2001. A8.710 April 2005 A8.700 TREASURY P 1 of 5 A8.710 Credit Card Program 1. Purpose To provide uniform procedures for the processing of credit

More information

An article on PCI Compliance for the Not-For-Profit Sector

An article on PCI Compliance for the Not-For-Profit Sector Level 8, 66 King Street Sydney NSW 2000 Australia Telephone +61 2 9290 4444 or 1300 922 923 An article on PCI Compliance for the Not-For-Profit Sector Page No.1 PCI Compliance for the Not-For-Profit Sector

More information

PCI Compliance and the Data Security Standards. A x i a. For more information visit www.axiapayments.com/pci. Your partner in payment services

PCI Compliance and the Data Security Standards. A x i a. For more information visit www.axiapayments.com/pci. Your partner in payment services PCI Compliance and the Data Security Standards Introduction The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of

More information

Saint Louis University Merchant Card Processing Policy & Procedures

Saint Louis University Merchant Card Processing Policy & Procedures Saint Louis University Merchant Card Processing Policy & Procedures Overview: Policies and procedures for processing credit card transactions and properly storing credit card data physically and electronically.

More information

PCI PA - DSS. Point XSA Implementation Guide. Atos Worldline Banksys XENTA SA. Version 1.00

PCI PA - DSS. Point XSA Implementation Guide. Atos Worldline Banksys XENTA SA. Version 1.00 PCI PA - DSS Point XSA Implementation Guide Atos Worldline Banksys XENTA SA Version 1.00 POINT TRANSACTION SYSTEMS AB Box 92031, 120 06 Stockholm, Tel. +46 8 566 287 00 www.point.se Page number 2 (16)

More information

Bendigo and Adelaide Bank Ltd Security Incident Response Procedure

Bendigo and Adelaide Bank Ltd Security Incident Response Procedure Bendigo and Adelaide Bank Ltd Security Incident Response Procedure Table of Contents 1 Introduction...1 2 Incident Definition...2 3 Incident Classification...2 4 How to Respond to a Security Incident...4

More information

Josiah Wilkinson Internal Security Assessor. Nationwide

Josiah Wilkinson Internal Security Assessor. Nationwide Josiah Wilkinson Internal Security Assessor Nationwide Payment Card Industry Overview PCI Governance/Enforcement Agenda PCI Data Security Standard Penalties for Non-Compliance Keys to Compliance Challenges

More information

PCI Compliance: How to ensure customer cardholder data is handled with care

PCI Compliance: How to ensure customer cardholder data is handled with care PCI Compliance: How to ensure customer cardholder data is handled with care Choosing a safe payment process for your business Contents Contents 2 Executive Summary 3 PCI compliance and accreditation 4

More information

GRINNELL COLLEGE CREDIT CARD PROCESSING AND SECURITY POLICY

GRINNELL COLLEGE CREDIT CARD PROCESSING AND SECURITY POLICY GRINNELL COLLEGE CREDIT CARD PROCESSING AND SECURITY POLICY PURPOSE The Payment Card Industry Data Security Standard was established by the credit card industry in response to an increase in identify theft

More information

Ti ps. Merchant. for Credit Card Transactions. Processing Tips CARD ONE INTERNATIONAL INC

Ti ps. Merchant. for Credit Card Transactions. Processing Tips CARD ONE INTERNATIONAL INC Merchant Processing Tips Ti ps for Credit Card Transactions CARD ONE INTERNATIONAL INC Card One International Inc - Merchant Processing Tips for Card Transactions Page 1 of 11 Merchant Processing Tips

More information