CISP Compliance. CounterPoint Helps Retailers Comply with Payment Card Industry (PCI) Data Security Standards... Compliance with CISP
|
|
- Maud Carroll
- 8 years ago
- Views:
Transcription
1 CISP Compliance Compliance with CISP means compliance with the PCI Data Security Standard with the required program validation. Using the PCI Data Security Standard as its framework, CISP provides the tools and measurements needed to protect against cardholder data exposure and compromise. CounterPoint Helps Retailers Comply with Payment Card Industry (PCI) Data Security Standards... What is CISP Compliance? The Visa Card Holder Information Security Program (CISP) is a subset of PCI that established compliance validation programs for software applications and processing service providers who serve Visa and MasterCard merchants. How does this help with PCI Compliance? The purpose of this validation is to make it easier for merchants to be sure providers are offering solutions which do not violate the merchants PCI compliance requirements. Where can I get more information? You can read more about CISP as it relates to PCI at the following address: CounterPoint s CISP Validation On the following two abbreviated PDF documents, Visa lists all validated applications and providers. The documents are also available from the site referenced above. You will see in these documents that all Radiant Systems applications and services, including CounterPoint, current in their validation testing of CISP compliance. By investing in a CounterPoint system with CISP Compliance, you have the tools available to you to help you meet PCI compliance requirements
2 List of Validated Payment Applications As of The following List of Validated Payment Applications have been assessed for compliance with the Payment Application Best Practices ( PABP ). Only those versions of the application identified in the listing below have been evaluated and determined to comply with PABP. Compliance with the PABP is determined based upon data and information developed by an evaluation of the application by a Qualified Payment Application Security Company ( QPASC ). Although Visa reviews the QPASC-developed data and information, Visa does not independently confirm such data or information nor does Visa perform any tests or analysis of the functionality, performance or suitability of any of the applications and/or products listed. Visa makes no endorsement or recommendation of applications or products, or of their respective developers or distributors. Furthermore, Visa makes no warranties, guarantees or representations that any of the applications or products will meet your requirements for performance or functionality, that the applications or products will be free from errors or malicious code, or that the applications or products will be compatible with any other systems or applications. Any and all representations or warranties, including any and all representations and warranties made by the payment application vendor, are disclaimed by Visa. The information provided herein is provided AS IS with no warranties, expressed or implied, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose and/or non-infringement. The information provided herein is subject to change by Visa, with or without notice. Although Visa makes good faith efforts to provide accurate and complete information, merchants, or anyone else utilizing the information set forth on the following List of Validated Payment Applications remain responsible for confirming the accuracy of the information set forth below, including but not limited to, confirming with the appropriate payment application vendor that the version of the application identified below is in compliance with PABP. Use of any one or more of the applications below (i) does not guarantee or ensure compliance with the PCI DSS; and (ii) does not satisfy any Acquirers obligation to perform their own evaluation and due diligence, to ensure the PCI DSS compliance of their merchants and agents. PABP reviews are valid for one year, with annual attestation due to Visa one year from the below VALIDATION DATE. Attestations that are from 1-60 days late are noted in yellow and reports that are from days late are noted in red. Entities with reports over 90 days past due will be removed from this list. (1) An annual validation is required for those payment applications with major upgrade or product version changes. If there are no changes to the product, Visa will require a letter signed by an Officer of the software company indicating no changes to the payment application and continued adherence to the Payment Application Best Practices. Visa will note that there were no changes to the product Visa U.S.A List of Validated Payment Applications 2007 Visa Inc. 1
3 PAYMENT APPLICATION VENDOR Princeton Payment Solutions m Quest Retail Radiant Systems PAYMENT APPLICATION APPLICATION VERSION VALIDATION DATE (1) ASSESSOR DESCRIPTION December 15, Labs Dial-to-IP and Serialto-IP converter and router to facilitate the transmission of transactions from an existing terminal across the Internet PayWare NET/ERP 4.3 June 20, 2006 Quest Manager (Quest Venue Manager, Quest Enterprise Manager, Quest Hospitality Manager) Aloha Suite Middleware solutions for large merchants 1.5 Coalfire Systems POS software solution designed for large stadiums or event venues with the need of centralized POS and payment processing 6.1 August 30, March 24, 2005 CounterPoint 7 December 15, 2007 CounterPoint SQL December 15, 2007 Exhibitor POS Suite November 15, April 11, 2006 table and quick service industry Formerly Synchronics. A point-of-sale and inventory management system suitable for businesses of all sizes that need to manage, consolidate and distribute information across many locations. The application also includes features designed to meet the specific needs of wholesale distributors and mail order business movie theatre / entertainment industry Lighthouse Suite November 15, 2007 quick service restaurants QSR POS Suite December 15, 2007 quick service restaurants RPOS PCS 6.6 July 7, 2006 petroleum and retail (1) An annual validation is required for those payment applications with major upgrade or product version changes. If there are no changes to the product, Visa will require a letter signed by an Officer of the software company indicating no changes to the payment application and continued adherence to the Payment Application Best Practices. Visa will note that there were no changes to the product Visa U.S.A List of Validated Payment Applications 2007 Visa Inc. 21
4 Visa U.S.A. Cardholder Information Security Program (CISP) List of Compliant Service Providers As Of The companies listed below successfully completed a CISP review based on the PCI Data Security Standard. The "VALIDATION DATE" is the date of last compliance. CISP reviews are valid for one year, with the next annual report due to Visa one year from the "VALIDATION DATE". Reports that are from 1-60 days late are noted in yellow and reports that are from days late are noted in red. Entities with reports over 90 days past due are removed from this list. It is the member's responsibility to use compliant service providers and to follow up with service providers if there are any questions about their compliance status. Visa U.S.A. Cardholder Information Security Program (CISP) List of Compliant Service Providers - All SERVICE PROVIDER VALIDATION DATE SERVICES COVERED BY REVIEW (1) ASSESSOR 1ShoppingCart.com Internet Security Metrics 1st Americard Merchant Payment Services 3Delta Systems July 31, 2007 Merchant Payment Services Fortrex Technologies 3Pea Technologies, Inc Prepaid Card Processing A3 IT Solutions Managed Hosting Academy Collection Service Debt Collection Agency Accel Networks January 31, 2008 Wireless AccountNow July 31, 2007 Account Management Services Accretive Commerce Direct Marketing Order Fulfillment RSM McGladrey ACH Direct Merchant RSM McGladrey ACI Worldwide Merchant, Inc ACS Government and Community Solutions April 30, 2007 Jefferson Wells Acxiom ICS/BNS Core & ISC/BNS Proprietary Bankruptcy Notification Services Adeptra Fraud and Chargeback Services Adteractive, Inc. February 28, 2008 Merchant Digital Marketing Digital Resources Group (DRG) Aegis Communications K3DES Affinity Solutions Loyalty Programs (1) CISP reviews represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers. Inclusion on this list indicates only that the service provider successfully completed a CISP assessment following requirements prescribed for their CISP Level, based on the report of an independent security assessor. Visa does not endorse the service providers or their business processes or practices. Visa has no duty to Members, merchants, processors or other third parties to obtain or review reports from any party required to submit a report, and Visa is not responsible to any party for the timeliness, accuracy or completeness of any report Visa U.S.A. Inc. 1 of 20
5 Visa U.S.A. Cardholder Information Security Program (CISP) List of Compliant Service Providers - All SERVICE PROVIDER VALIDATION DATE SERVICES COVERED BY REVIEW (1) ASSESSOR PEMCO Coalfire PeopleSupport GCA PeopleSupport-Costa Rica PFSweb, Inc. Order Fulfillment Pipeline Data Planet eshop Information Exchange Planet Payment Multi-Currency Plug & Pay Technologies, Inc. Internet POS Portal August 31, 2007 Merchant Coalfire POST Integrations, Inc. CyberTrust Prairie Systems, Inc. Payment Gateway Preferred Health Premiere Global Services Records Management Presto ATM Processing Priority Payment Systems Merchant Process America Information Exchange Profit Margins, Inc. Direct Marketing ProfitStars April 30, 2007 Progressive Distribution Merchant Janus Associates Propco Marketing PropertyBridge Merchant PSCU Financial Services, Inc. February 28, 2008 Bill Dispute Resolution Verizon Business PSIGate Internet Payment Gateway Qgiv QS/1 Quantum Services Payment Gateway Raven Eye Quickbooks Merchant Services Merchant Radiant Systems Rainbow Rewards Rewards/Gift Card Programs RBS Lynk (1) CISP reviews represent only a "snapshot" of security in place at the time of the review, and do not guarantee that those security controls remain in place after the review is complete. These reviews did not cover proprietary software solutions that may be used or sold by these service providers. Inclusion on this list indicates only that the service provider successfully completed a CISP assessment following requirements prescribed for their CISP Level, based on the report of an independent security assessor. Visa does not endorse the service providers or their business processes or practices. Visa has no duty to Members, merchants, processors or other third parties to obtain or review reports from any party required to submit a report, and Visa is not responsible to any party for the timeliness, accuracy or completeness of any report Visa U.S.A. Inc. 15 of 20
The following are responsible for the accuracy of the information contained in this document:
AskUGA 1 of 5 Credit/Debit Cards Responsible administrator: Senior Vice President for Finance and Administration Related Procedure: The Credit/Debit Card Processing Procedures Responsible department: Bursar's
More informationTREASURER S OFFICE ADMINISTRATIVE STANDARDS FOR THE TREASURER S FISCAL PROCEDURE No. 08-01 MERCHANT DEBIT AND CREDIT CARD RECEIPTS
TREASURER S OFFICE ADMINISTRATIVE STANDARDS FOR THE TREASURER S FISCAL PROCEDURE No. 08-01 MERCHANT DEBIT AND CREDIT CARD RECEIPTS 1. Introduction Debit and Credit Card Receipt Standards apply to the administration
More informationPROTECTION OF OUR MERCHANTS AND REFERRAL PARTNERS IS OUR FIRST CONCERN
PCI Q: What is PCI? A: The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information
More informationTHIRD PARTY AGENT REGISTRATION PROGRAM
THIRD PARTY AGENT REGISTRATION PROGRAM Frequently Asked Questions For the U.S., Canada and Latin America & Caribbean Regions General Information Q. What is the Third Party Agent Registration Program? A.
More informationPayment Gateways: Value and Security
Payment Gateways: Value and Security Presented by: Dmitriy Lerman, Dir. of Marketing 2009 CHARGE Anywhere, LLC. All trademarks, service marks, and trade names referenced in this material are the property
More informationPAYMENT CARD INDUSTRY (PCI) COMPLIANCE HISTORY & OVERVIEW
PAYMENT CARD INDUSTRY (PCI) COMPLIANCE HISTORY & OVERVIEW David Kittle Chief Information Officer Chris Ditmarsch Network & Security Administrator Smoker Friendly International / The Cigarette Store Corp
More informationIntroduction to PCI DSS Compliance. May 18, 2009 1:15 p.m. 2:15 p.m.
Introduction to PCI DSS Compliance May 18, 2009 1:15 p.m. 2:15 p.m. Disclaimer The opinions of the contributors expressed herein do not necessarily state or reflect those of the National Association of
More informationTools to help you purchase your POS System
Tools to help you purchase your POS System Purchasing any technology can be confusing, and this applies to the purchase of a point-of-sale (POS) System. This document will provide you with a checklist
More information* Any merchant that has suffered a hack that resulted in an account data compromise may be escalated to a higher validation level.
Q: What is PCI? A: The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain
More informationACCEPTING PAYMENT CARDS FOR CONDUCTING UNIVERSITY BUSINESS:
Boston College Policy ACCEPTING PAYMENT CARDS FOR CONDUCTING UNIVERSITY BUSINESS: PURPOSE OF POLICY: The purpose of this policy is to establish procedures for accepting payment cards at Boston College
More informationAgent Registration. Program Guide. (For use in Asia Pacific, Central Europe, Middle East, Africa)
Agent Registration Program Guide (For use in Asia Pacific, Central Europe, Middle East, Africa) Version 1 April 2014 Contents 1 INTRODUCTION... 3 1.1 ABOUT THIS GUIDE... 3 1.2 WHO NEEDS TO BE REGISTERED?...
More informationYour Compliance Classification Level and What it Means
General Information What are the Payment Card Industry (PCI) Data Security Standards? The PCI Data Security Standards represents a common set of industry tools and measurements to help ensure the safe
More informationThird Party Agent Registration Program Frequently Asked Questions
Third Party Agent Registration Program Frequently Asked Questions U.S., Canada and Latin America & Caribbean Regions General Information What is the Third Party Agent Registration Program? The Third Party
More informationCREDIT CARD PROCESSING AND MERCHANT SERVICES
CREDIT CARD PROCESSING AND MERCHANT SERVICES provides credit card processing and merchant services for a wide range of business types - including retail, e-commerce, professional services, restaurants,
More informationAgent Registration. Program Guidelines. (For use in Asia Pacific, Central Europe, Middle East and Africa)
(For use in Asia Pacific, Central Europe, Middle East and Africa) January 2012 Contents 1 INTRODUCTION... 3 1.1 BACKGROUND... 3 1.2 PURPOSE OF DOCUMENT... 4 1.3 WHO NEEDS TO BE REGISTERED?... 5 1.4 WHY
More informationFAQ s for Payment Card Processing at the University
FAQ s for Payment Card Processing at the University 1) We are thinking about taking credit cards for payments. What do we need to know? 2) Who is the PCPC (Payment Card Process Coordinator)? 3) What is
More informationQ: What is PCI? Q: To whom does PCI apply? Q: Where can I find the PCI Data Security Standards (PCI DSS)? Q: What are the PCI compliance deadlines?
Q: What is PCI? A: The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain
More informationYour Reference Guide to EMV Integration: Understanding the Liability Shift
Your Reference Guide to EMV Integration: Understanding the Liability Shift UNDERSTANDING EMV EMVCo was formed in February 1999 by Europay, MasterCard and Visa to establish and maintain global interoperability
More informationPayment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire
Payment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire Instructions and Guidelines Version 1.1 February 2008 Table of Contents About this Document... 1 PCI Data Security Standard
More informationWe believe First Data is well positioned to take advantage of all of these trends given the breadth of our solutions and our global operating
Given recent payment data breaches, clients are increasingly demanding robust security and fraud solutions; and Financial institutions continue to outsource and leverage technology providers given their
More informationSCHEDULE A MODIFIED SCOPE OF SERVICES MERCHANT CARD PROCESSING SERVICES STATE OF NORTH CAROLINA AND SUNTRUST MERCHANT SERVICES
SCHEDULE A MODIFIED SCOPE OF SERVICES MERCHANT CARD PROCESSING SERVICES STATE OF NORTH CAROLINA AND SUNTRUST MERCHANT SERVICES Contract Number 14-06002 The terms Servicers and Vendor shall be used interchangeably
More informationMerchant Application & Agreement Merchant Processing Terms & Conditions
Merchant Application & Agreement Merchant Processing Terms & Conditions MERCHANT # (ASSIGNED BY BANK) 100 Throckmorton Street, Suite 1800 Fort Worth, Texas 76102 MCC: MERCHANT APPLICATION & AGREEMENT ASSOCIATION
More informationFrequently Asked Questions
PCI Compliance Frequently Asked Questions Table of Content GENERAL INFORMATION... 2 PAYMENT CARD INDUSTRY DATA SECURITY STANDARD (PCI DSS)...2 Are all merchants and service providers required to comply
More informationHow To Protect Your Business From A Hacker Attack
Payment Card Industry Data Security Standards The payment card industry data security standard PCI DSS Visa and MasterCard have developed the Payment Card Industry Data Security Standard or PCI DSS as
More informationList of Compliant Service Providers
As of May 03, 2007 The companies listed below successfully completed a CISP review based on the PCI Data Security Standard. The " " is the date of last compliance. CISP reviews are valid for one year,
More informationACCEPTING PAYMENT CARDS FOR CONDUCTING UNIVERSITY BUSINESS:
Boston College Policy ACCEPTING PAYMENT CARDS FOR CONDUCTING UNIVERSITY BUSINESS: PURPOSE OF POLICY: The purpose of this policy is to establish procedures for accepting payment cards at Boston College
More informationPDQ Guide for the PCI Data Security Standard Self-Assessment Questionnaire C (Version 1.1)
PDQ has created an Answer Guide for the Payment Card Industry (PCI) Data Security Standard Self-Assessment Questionnaire C to help wash operators complete questionnaires. Part of the Access Customer Management
More informationIntro to PCI Compliance
Intro to PCI Compliance And the role Stone Edge V7.1 plays in helping you achieve that goal Monsoon Commerce. All rights reserved. What is PCI? PCI stands for Payment Card Industry In 2006, major financial
More informationLa règlementation VisaCard, MasterCard PCI-DSS
La règlementation VisaCard, MasterCard PCI-DSS Conférence CLUSIF "LES RSSI FACE À L ÉVOLUTION DE LA RÉGLEMENTATION" 7 novembre 07 Serge Saghroune Overview of PCI DSS Payment Card Industry Data Security
More informationSELLER METRICS Effective October 2013
SELLER METRICS Effective October 2013 TICKET SELLER METRICS What are Seller s? Bottom Line: Better Brokering = Lower Fees! TicketNetwork s Seller s is a set of measurements used to determine the fee that
More informationRegistry of Service Providers
Registry of Service Providers Program Guide Contents 1 2 1.1 What is the Registry of Service Providers? 2 1.2 Who can register? 3 1.3 Why register with Visa? 3 1.4 Implications for Visa Clients 4 2 5 2.1
More informationPayment Card Security
Payment Card Security January 31, 2008 Kieran Norton, Senior Manager Security & Privacy Services, Deloitte & Touche LLP Focus of the Presentation PCI Overview Background Current Environment Key Considerations
More informationVerified by Visa. Acquirer and Merchant Implementation Guide. U.S. Region. May 2011
Verified by Visa Acquirer and Merchant Implementation Guide U.S. Region Verified by Visa Acquirer and Merchant Implementation Guide U.S. Region VISA PUBLIC DISCLAIMER: THE RECOMMENDATIONS CONTAINED HEREIN
More informationThe Comprehensive, Yet Concise Guide to Credit Card Processing
The Comprehensive, Yet Concise Guide to Credit Card Processing Written by David Rodwell CreditCardProcessing.net Terms of Use This ebook was created to provide educational information regarding payment
More informationPCI Compliance Overview
PCI Compliance Overview 1 PCI DSS Payment Card Industry Data Security Standard Standard that is applied to: Merchants Service Providers (Banks, Third party vendors, gateways) Systems (Hardware, software)
More informationIntroduction to. May 18, 2009 1:15 p.m. 2:15 p.m.
Introduction to PCI DSS Compliance May 18, 2009 1:15 p.m. 2:15 p.m. Disclaimer The opinions of the contributors expressed herein do not necessarily state or reflect those of the National Association of
More informationFrequently Asked Questions
Contents CISP Program Overview... 2 1. To whom does CISP apply?...2 2. What does VISA define as "cardholder data"?...2 3. What if a merchant or service provider does not store Visa cardholder data?...2
More informationMobile Near-Field Communications (NFC) Payments
Mobile Near-Field Communications (NFC) Payments OCTOBER 2013 GENERAL INFORMATION American Express continues to develop its infrastructure and capabilities to support growing market interest in mobile payments
More informationTokenization Amplified XiIntercept. The ultimate PCI DSS cost & scope reduction mechanism
Tokenization Amplified XiIntercept The ultimate PCI DSS cost & scope reduction mechanism Paymetric White Paper Tokenization Amplified XiIntercept 2 Table of Contents Executive Summary 3 PCI DSS 3 The PCI
More informationPayment Card Industry Data Security Standard Training. Chris Harper Vice President of Technical Services Secure Enterprise Computing, Inc.
Payment Card Industry Data Security Standard Training Chris Harper Vice President of Technical Services Secure Enterprise Computing, Inc. March 27, 2012 Agenda Check-In 9:00-9:30 PCI Intro and History
More informationHow To Protect Visa Account Information
Account Information Security Merchant Guide At Visa, protecting our cardholders is at the core of everything we do. One of the many reasons people trust our brand is that we make buying and selling safer
More information05.118 Credit Card Acceptance Policy. Vice Chancellor of Business Affairs. History: Effective July 1, 2011 Updated February 2013
05.118 Credit Card Acceptance Policy Authority: Vice Chancellor of Business Affairs History: Effective July 1, 2011 Updated February 2013 Source of Authority: Office of State Controller (OSC); Office of
More informationSimplêfy Client Support and Information Services. PCI Compliance Guidebook
Simplêfy Client Support and Information Services PCI Compliance Guidebook Simplêfy, Inc. 301 Science Drive, Suite 280 Moorpark, CA 93021 Phone 888.341.2999 Fax 877.280.0885 Simplêfy is a Registered Trademark
More informationCal Poly PCI DSS Compliance Training and Information. Information Security http://security.calpoly.edu 1
Cal Poly PCI DSS Compliance Training and Information Information Security http://security.calpoly.edu 1 Training Objectives Understanding PCI DSS What is it? How to comply with requirements Appropriate
More informationICS Presents: The October 1st 2015 Credit Card Liability Shift: This Impacts Everyone!
ICS Presents: The October 1st 2015 Credit Card Liability Shift: This Impacts Everyone! Presenters: Cliff Gray Senior Associate of The Strawhecker Group Jon Bonham CISA, Coalfire The opinions of the contributors
More informationWhy Is Compliance with PCI DSS Important?
Why Is Compliance with PCI DSS Important? The members of PCI Security Standards Council (American Express, Discover, JCB, MasterCard, and Visa) continually monitor cases of account data compromise. These
More informationSecurity Breaches and Vulnerability Experiences Overview of PCI DSS Initiative and CISP Payment Application Best Practices Questions and Comments
Security in the Payment Card Industry OWASP AppSec Seattle Oct 2006 Hap Huynh, Information Security Specialist, Visa USA hhuynh@visa.com Copyright 2006 - The OWASP Foundation Permission is granted to copy,
More informationElectronic Payment Processing
Five Star Service Guaranteed The most reliable payment processing network in the industry Electronic Payment Processing Your challenges. Our solutions. Your success. One key strategy to your success is
More informationE-Market Policy Accepting Online Payment for Conducting University Business
Accepting Online Payment for Conducting University Business Responsible Office: Bursar s Office Contact: bursar@hartford.edu Effective Date: July 1, 2011 Last Revised: June 20, 2011 Last Reviewed: June
More informationA Compliance Overview for the Payment Card Industry (PCI)
A Compliance Overview for the Payment Card Industry (PCI) Many organizations are aware of the Payment Card Industry (PCI) and PCI compliance but are unsure if they are doing everything necessary. This
More informationTackling Campus-Wide e-commerce
SUNGARD SUMMIT 2007 sungardsummit.com 1 Tackling Campus-Wide e-commerce Presented by: Troy Boroughs University of Richmond March 22, 2007 A Community of Learning Introduction For years, the University
More informationMerchant Card Processing Best Practices
Merchant Card Processing Best Practices Background: The major credit card companies (VISA, MasterCard, Discover, and American Express) have published a uniform set of data security standards that ALL merchants
More informationGRINNELL COLLEGE CREDIT CARD PROCESSING AND SECURITY POLICY
GRINNELL COLLEGE CREDIT CARD PROCESSING AND SECURITY POLICY PURPOSE The Payment Card Industry Data Security Standard was established by the credit card industry in response to an increase in identify theft
More informationVisa U.S.A. Cardholder Information Security Program (CISP) List of Compliant Service Providers
As of November 15, 2006 The companies listed below successfully completed a CISP review based on the PCI Data Security Standard. The VALIDATION DATE is the date of last compliance. CISP reviews are valid
More informationValidation of PCI Compliance Requirements NC Office of the State Controller June 23, 2015
Validation of PCI Compliance Requirements NC Office of the State Controller June 23, 2015 Purpose The purpose of this document is to provide instructions to entities that subscribe to merchant cards processing
More information6-8065 Payment Card Industry Compliance
0 0 0 Yosemite Community College District Policies and Administrative Procedures No. -0 Policy -0 Payment Card Industry Compliance Yosemite Community College District will comply with the Payment Card
More informationCREDIT CARD PROCESSING POLICY AND PROCEDURES
CREDIT CARD PROCESSING POLICY AND PROCEDURES Note: For purposes of this document, debit cards are treated the same as credit cards. Any reference to credit cards includes credit and debit card transactions.
More informationHow Do I Understand Credit Card Processing Fees?
How Do I Understand Credit Card Processing Fees? Credit card processing rates and fees are often misunderstood and confusing, so we are committed to helping you understand the various costs associated
More informationQuestions and Answers PCI Compliance (Updated May 23, 2014)
Questions and Answers PCI Compliance (Updated ) The Alberta government is working toward PCI compliance, an industry standard created by the credit card industry to improve cardholder data security. The
More informationE-Commerce SOLUTIONS. Generate Online Revenue with E-Commerce Solutions. www.monexgroup.com
E-Commerce SOLUTIONS In this report, MONEXgroup examines various types of online payment processing and E-Commerce Solutions. The tremendous transition towards online shopping stores in Canada has opened
More informationTop Three POS System Vulnerabilities Identified to Promote Data Security Awareness
CISP BULLETIN Top Three POS System Vulnerabilities Identified to Promote Data Security Awareness November 21, 2006 To support compliance with the Cardholder Information Security Program (CISP), Visa USA
More informationPCI Compliance Just the Facts. Rick Dakin President Rick.dakin@CoalfireSystems.com 303.554.6333 ext. 7001
PCI Compliance Just the Facts Rick Dakin President Rick.dakin@CoalfireSystems.com 303.554.6333 ext. 7001 Agenda Regulatory Landscape Scary Bedtime Stories What went wrong? PCI Compliance Process o What
More informationCOLUMBUS STATE COMMUNITY COLLEGE POLICY AND PROCEDURES MANUAL
PAYMENT CARD INDUSTRY COMPLIANCE (PCI) Effective June 1, 2011 Page 1 of 6 (1) Definitions a. Payment Card Industry Data Security Standards (PCI-DSS): A set of standards established by the Payment Card
More informationUTAH STATE UNIVERSITY POLICIES AND PROCEDURES MANUAL
UTAH STATE UNIVERSITY POLICIES AND PROCEDURES MANUAL Title: Credit Card Handling and Acceptance Policy Policy Number: C3875 Effective Date: November 8, 2006 Issuing Authority: Office of VP Business and
More informationIntroduction to PCI DSS
Month-Year Introduction to PCI DSS March 2015 Agenda PCI DSS History What is PCI DSS? / PCI DSS Requirements What is Cardholder Data? What does PCI DSS apply to? Payment Ecosystem How is PCI DSS Enforced?
More informationCREDIT CARD MERCHANT PROCEDURES MANUAL. Effective Date: 5/25/2011
CREDIT CARD MERCHANT PROCEDURES MANUAL Effective Date: 5/25/2011 Updated: May 25, 2011 TABLE OF CONTENTS Introduction... 1 Third-Party Vendors... 1 Merchant Account Set-up... 2 Personnel Requirements...
More informationInsurance-Specific Payment Services Requires Insurance Industry Knowledge
Insurance-Specific Payment Services Requires Insurance Industry Knowledge by Primoris Services Overview Every business has to accept payments in order to collect funds and operate. There are multiple ways
More informationThoughts on PCI DSS 3.0. D. Timothy Hartzell CISSP, CISM, QSA, PA-QSA Associate Director
Thoughts on PCI DSS 3.0 D. Timothy Hartzell CISSP, CISM, QSA, PA-QSA Associate Director Agenda 1 2 3 Global Payment Card Statistics and Trends PCI DSS Overview PCI DSS Version 3.0: Important Timelines
More informationUniversity of Dayton Credit / Debit Card Acceptance Policy September 1, 2009
University of Dayton Credit / Debit Card Acceptance Policy September 1, 2009 Effective Date of this Policy: August 1, 2008 Last Revision: September 1, 2009 Contact for More Information: UDit Internal Auditor
More informationPayment Card Industry Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA-DSS) Frequently Asked Questions
PCI/PA-DSS FAQs Payment Card Industry Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA-DSS) Frequently Asked Questions What is PCI DSS? The Payment Card Industry Data
More informationCHEAT SHEET: PCI DSS 3.1 COMPLIANCE
CHEAT SHEET: PCI DSS 3.1 COMPLIANCE WHAT IS PCI DSS? Payment Card Industry Data Security Standard Information security standard for organizations that handle data for debit, credit, prepaid, e-purse, ATM,
More informationUniversity Policy Accepting Credit Cards to Conduct University Business
BROWN UNIVERSITY University Policy Accepting Credit Cards to Conduct University Business Purpose Brown University requires all departments that are involved with credit card handling to do so in compliance
More informationAchieving Compliance with the PCI Data Security Standard
Achieving Compliance with the PCI Data Security Standard June 2006 By Alex Woda, MBA, CISA, QDSP, QPASP This article describes the history of the Payment Card Industry (PCI) data security standards (DSS),
More informationAre You Ready For PCI v 3.0. Speaker: Corbin DelCarlo Institution: McGladrey LLP Date: October 6, 2014
Are You Ready For PCI v 3.0 Speaker: Corbin DelCarlo Institution: McGladrey LLP Date: October 6, 2014 Today s Presenter Corbin Del Carlo QSA, PA QSA Director, National Leader PCI Services Practice 847.413.6319
More informationMerchant Services Tool Kit TEXPO 2013
Merchant Services Tool Kit TEXPO 2013 Surcharges Visa Information Website Site Preview and PDF s: www.visa.com/merchantsurcharging Materials Notification of Intent to Surcharge Merchants who choose to
More informationIdentifying Security. Payment System. Federal Reserve Bank. Ellen Richey Chief Enterprise Risk Officer Visa Inc. Visa Public
Identifying Security Issues in the Retail Payment System Federal Reserve Bank Chicago Ellen Richey Chief Enterprise Risk Officer Visa Inc. June 5, 2008 Agenda 1. The Data Security Landscape 2. Recent Trends
More informationPreface. Author s Biography
Table of Contents Preface... 3 Author s Biography... 3 Executive Summary... 4 The Payment Card Industry Data Security Standard... 4 Applicability of the PCI DSS... 5 Compliance vs. Validation... 5 Defining
More informationCyber - Security and Investigations. Ingrid Beierly August 18, 2008
Cyber - Security and Investigations Ingrid Beierly August 18, 2008 Agenda Visa Cyber - Security and Investigations Today s Targets Recent Attack Patterns Hacking Statistics (removed) Top Merchant Vulnerabilities
More informationSaint Louis University Merchant Card Processing Policy & Procedures
Saint Louis University Merchant Card Processing Policy & Procedures Overview: Policies and procedures for processing credit card transactions and properly storing credit card data physically and electronically.
More informationIt is important to note, the payment brands and acquirers are responsible for enforcing compliance, not the PCI council.
PCI FAQ And MYTHS FREQUENTLY ASKED QUESTIONS (FAQ): Q: What is PCI? A: The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process,
More informationTable of Contents. 2 TouchSuite Welcome Kit
Welcome Kit Table of Contents Important Account Information... Welcome to TouchSuite Merchant Services... Help Desk Card Enclosed... Your Merchant ID (MID)... 3 3 3 3 Customer Support Numbers... 4 Card
More informationUnderstanding Payment Card Industry (PCI) Data Security
Understanding Payment Card Industry (PCI) Data Security Office of the State Controller November 2010 State of North Carolina The Enemy Major Security Breaches TJ-Max Heartland Hannaford Foods BJ s Wholesale
More informationDates VISA MasterCard Discover American Express. support EMV. International ATM liability shift 2
Network Updates Summer 2013 We are committed to working closely with you on achieving your business goals. As a part of this commitment, we carefully monitor Network changes and summarize them for your
More informationEMV Delivery of Mobile, Parking and Unattended Payments. Elavon
EMV Delivery of Mobile, Parking and Unattended Payments Elavon Elavon-At-A-Glance Elavon s primary business model is growth through partnerships; more than 1,500 Financial Institution partners serving
More information2.1.2 CARDHOLDER DATA SECURITY
University of Oxford Finance Division FINANCIAL POLICY 2.1.2 CARDHOLDER DATA SECURITY Date: 21 March 2013 Version: 2.1.2 Status: Approved Author: Simon Blee Bridget Midwinter TABLE OF CONTENTS Page EXECUTIVE
More informationPCI-PA-DSS. Solution Kit
PCI-PA-DSS Solution Kit Table of Contents Introduction Why a PCI-PA-DSS Solution Kit? PCI Standards Defined PCI DSS PA-DSS PTS Move The Button Getting Started Game Board The Winning Strategy TouchNet U.Commerce
More informationClark Brands Payment Methods Manual. First Data Locations
Clark Brands Payment Methods Manual First Data Locations Table of Contents Introduction... 3 Valid Card Types... 3 Authorization Numbers, Merchant ID Numbers and Request for Copy Fax Numbers... 4 Other
More informationPayment Card Industry Data Security Standard
Payment Card Industry Data Security Standard Abhinav Goyal, B.E.(Computer Science) MBA Finance Final Trimester Welingkar Institute of Management ISACA Bangalore chapter 13 th February 2010 Credit Card
More informationInternational Merchant Application Form
COMPANY DETAILS International Merchant Application Form Page 1 of 7 Company Name: DBA (If Applicable) : Registration Number : Country of Registration: VAT/ Tax ID / File Number: Street Address : City /
More informationPayment Card Industry Data Security Standards.
Payment Card Industry Data Security Standards. Your guide to protecting cardholder data Helping you manage the risk. Credit Card fraud and data compromises are an increasingly serious problem, costing
More informationPayment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008
Payment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008 What is the PCI DSS? And what do the acronyms CISP, SDP, DSOP and DISC stand for? The PCI DSS is a set of comprehensive requirements
More informationPayment Card Industry Data Security Standards
Payment Card Industry Data Security Standards Discussion Objectives Agenda Introduction PCI Overview and History The Protiviti Difference Questions and Discussion 2 2014 Protiviti Inc. CONFIDENTIAL: This
More informationPAI Secure Program Guide
PAI Secure Program Guide A complete guide to understanding the Payment Card Industry Data Security Requirements and utilizing the PAI Secure Program. Letter From the CEO Welcome to PAI Secure. As you
More informationOptimizing the Payment Process in SAP
Optimizing the Payment Process in SAP As a company, your goal is to serve your customers effectively, efficiently generating sales and collecting revenue. The nature of the sale and payment can take many
More informationNet Report s PCI DSS Version 1.1 Compliance Suite
Net Report s PCI DSS Version 1.1 Compliance Suite Real Security Log Management! July 2007 1 Executive Summary The strict requirements of the Payment Card Industry (PCI) Data Security Standard (DSS) are
More informationTruRewards Terms and Conditions
TruRewards Terms and Conditions TruRewards ("Program") is a promotional incentive program offered by Banner Bank ("Issuer," "we," and "us") residents of the United States. Under the Program, you will earn
More informationVISA EUROPE ACCOUNT INFORMATION SECURITY (AIS) PROGRAMME FREQUENTLY ASKED QUESTIONS (FAQS)
VISA EUROPE ACCOUNT INFORMATION SECURITY (AIS) PROGRAMME FREQUENTLY ASKED QUESTIONS (FAQS) Q1: What is the purpose of the AIS programme? Q2: What exactly is the Payment Card Industry (PCI) Data Security
More informationFive PCI Security Deficiencies of Restaurants
Whitepaper The Most Common PCI Compliance Mistakes of Brick-and-Mortar Locations By Bradley K. Cyprus- Senior Security Architect, Vendor Safe 2011 7324 Southwest Freeway, Suite 1700, Houston, TX 77074
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments Service Providers Version 3.1 April 2015 Section 1: Assessment Information Instructions for Submission
More informationFor more information on SQL injection, please refer to the Visa Data Security Alert, SQL Injection Attacks, available at www.visa.
Global Partner Management Notice Subject: Visa Data Security Alert Malicious Software and Internet Protocol Addresses Dated: April 10, 2009 Announcement: The protection of account information is a responsibility
More information