NCR Secure Pay FAQ Updated June 12, 2014

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "NCR Secure Pay FAQ Updated June 12, 2014"

Transcription

1 NCR Secure Pay FAQ Updated June 12, 2014 Contents What is NCR Secure Pay?... 1 What is the value of NCR Secure Pay?... 2 Host-based Settlement... 2 Token Replacement... 2 Point-to-Point Encryption (P2PE)... 2 Getting Started with NCR Secure Pay... 3 NCR Counterpoint Gateway... 4 Why switch to NCR Secure Pay?... 4 How is NCR Secure Pay different from NCR Counterpoint Gateway?... 4 NCR Counterpoint Mobile... 5 NCR Retail Online... 6 P2PE Hardware FAQ... 6 Europay, MasterCard, Visa (EMV)... 8 Additional Questions... 9 Secure Pay Details... 9 Processors Card Settlement and Manual Card Entry Connectivity What is NCR Secure Pay? NCR Secure Pay allows you to process payments in a PCI-DSS compliant and secure manner. This hosted electronic payment gateway works with NCR Counterpoint and NCR Retail Online for credit cards, debit cards, and stored value cards (gift cards). NCR Secure Pay helps you minimize your risk for a credit card security breach by taking credit card storage out of your local system and moving it to our NCR Secure Pay host. Big box stores aren t the only ones affected by security breaches; retailers of all sizes need to be aware of how to protect their businesses. Credit Card data breaches are expensive - even a modest exposure of 50 customer credit card numbers can result in unplanned costs of $10,000 or more in penalties, fees, time expenditure, and, the most difficult to quantify: reputation. (Source for penalty data)

2 What is the value of NCR Secure Pay? NCR Secure Pay was built to provide a hosted payment processing platform offering the highest level of payment security. It is our next generation gateway product to NCR Counterpoint Gateway. In addition to supporting additional processors, NCR Secure Pay also provides additional security measures including Token Replacement and Point-to-Point Encryption (P2PE), which is available when NCR Secure Pay-encrypted hardware is used. Host-based Settlement NCR Secure Pay uses host-based settlement, which stores transaction information at NCR s host, rather than your NCR Counterpoint installation, until settlement. This provides flexibility allowing settlement to be easily automated from the host or initiated from any web browser by using the NCR Secure Pay merchant portal. Token Replacement NCR Secure Pay automatically utilizes token replacement, also known as tokenization, which allows NCR Counterpoint to store a token instead of an actual card number. The card number is stored at the NCR Secure Pay host in its encrypted database. This functionality is used to securely store a customer's card number for future purposes such as validated returns and card-on-file transactions. Point-to-Point Encryption (P2PE) Point-to-point encryption (P2PE) ensures sensitive credit and debit card data is protected from first card swipe, while in transit, all the way to the NCR Secure Pay host. State of the art encrypting devices encrypt cardholder information prior to performing an electronic payment transaction. These sophisticated devices use strong encryption and industry standard key management technologies to encrypt and transmit cardholder data securely over any network. NCR Secure Pay provides point-to-point encryption for credit and debit transactions when an encrypting MSR is used. The MSR hardware is injected with NCR Secure Pay encryption keys, so NCR Counterpoint never has the actual card information. Only the NCR Secure Pay host has the keys to decrypt the data before sending it to the processor. What are the benefits of P2PE? Credit card data is encrypted throughout its lifecycle in your environment, increasing security, and reducing the risk of a credit card data breach. What are the requirements for P2PE? You will need to use an NCR Secure Pay encrypting MSR to take advantage of P2PE. What are the implications of P2PE on PCI Compliance? The merchant should still assume that they need to complete self-assessment questionnaires regularly as a part of their PCI compliance efforts. However, use of P2PE and token replacement should result in decreased scope for PCI.

3 Getting Started with NCR Secure Pay How do I sign up for NCR Secure Pay? You can register online through the NCR Counterpoint User Portal: https://userportal.counterpointpos.com/solution/merchant-services/ncrsecurepay.htm?do=register Do I need to buy new hardware to use NCR Secure Pay? No, you do not need new hardware to start realizing the benefits of tokenization and hosted settlements with NCR Secure Pay. However, if you would like to take advantage of P2PE offered with NCR Secure Pay, you will need to have NCR Secure Pay encrypted hardware. Find more details in the P2PE Hardware FAQ on page 6. What are the requirements for taking advantage of NCR Secure Pay? NCR Counterpoint: You must be using NCR Counterpoint version or higher to take advantage of NCR Secure Pay. In order to utilize the point-to-point encryption (P2PE) capabilities of NCR Secure Pay, you will also need to purchase NCR Secure Pay encrypting MSRs from NCR that have been injected with NCR Secure Pay encryption keys. NCR Retail Online (NRO): Credit card processing through NCR Retail Online will always be done using NCR Secure Pay. What is the pricing for NCR Secure Pay? The pricing for NCR Secure Pay is the same as it was for NCR Counterpoint Gateway: Description Standard NCR Merchant Solutions Activation Fee $150 $100 Transaction Fee Up to 4,000 / month Up to 7,000 / month More than 7,000 / month More than 15,000 / month Up to 2,000 / month, avg ticket under $40 $0.075 $0.07 $0.06 Request Quote Request Quote $0.05 $0.04 $0.04 Request Quote Request Quote Minimum Monthly Fee $20 $15 Minimum Inactive Fee $5 $5 What is the billing process for NCR Secure Pay? You will receive a monthly invoice for NCR Secure Pay. What is the URL for the NCR Secure Pay Merchant Portal? https://portal.ncrsecurepay.com

4 NCR Counterpoint Gateway Why switch to NCR Secure Pay? For the same price, NCR Secure Pay offers a PCI compliant electronic payment processing solution with access to an expanded list of processors and added security features, including Tokenization and Pointto-Point Encryption (P2PE) that are not available with NCR Counterpoint Gateway. Pricing for NCR Secure Pay is not affected by whether NCR Secure Pay encrypting hardware is used. P2PE encrypting hardware for NCR Secure Pay cannot be purchased on the open market and must be purchased directly from your NCR Authorized Partner. Please note that you do not need new hardware to start realizing the benefits of tokenization and hosted settlements with NCR Secure Pay. However, if you would like to take advantage of P2PE offered with NCR Secure Pay, you will need to have NCR Secure Pay encrypted hardware. Find more details about P2PE Hardware on page 6. How is NCR Secure Pay different from NCR Counterpoint Gateway? Added Functionality:. NCR Secure Pay offers Point-to-Point Encryption (P2PE) with encrypting MSR hardware which ensures credit card data is encrypted throughout its lifecycle in a merchant s environment, increasing security. NCR Counterpoint Gateway does not. NCR Secure Pay offers token replacement to NCR Counterpoint in cases where encrypted credit card data would typically be retained. NCR Counterpoint Gateway does not. NCR Secure Pay offers an expanded list of Credit Card and Gift Card processors. See our full list of Processors on page 10. Other Differences: NCR Secure Pay offers host-based settlement (NCR Counterpoint Gateway uses terminal-based settlement) which adds to system security by removing all cardholder data from the NCR Counterpoint database and allows settlement to be easily automated from the host or initiated from any web browser by using the NCR Secure Pay merchant portal. NCR Secure Pay is hosted in NCR's Beltsville, Maryland data center, while NCR Counterpoint Gateway is hosted in NCR's (formerly Radiant's) Dallas Data Center. NCR Secure Pay uses a third-party processing engine, Monetra, from Mainstreet Software, while NCR Counterpoint Gateway was written internally. For customers with multiple locations, each location will have its own separate merchant with the processor. A separate NCR Secure Pay account is also required for each location. These accounts can be configured on the NCR Counterpoint User Portal (https://userportal.counterpointpos.com/). Some transaction behaviors are different with NCR Secure Pay: o Sale transactions originating at an NCR Secure Pay store can be refunded at a different NCR Secure Pay store using a validated return but the refund will be applied to the store that originally created sale. This behavior is not consistent with NCR Counterpoint Gateway. o Orders created at an NCR Secure Pay store with a final payment card recorded can be released at a different NCR Secure Pay store but the final payment will be applied to the store that created the order. Again, this behavior is not consistent with NCR Counterpoint Gateway.

5 o Orders created at an NCR Secure Pay store with a final payment card recorded can accept deposits using the final payment card at a different NCR Secure Pay store, but the originating store will receive the deposit. o Note: Transactions originating at a NCR Counterpoint Gateway store can be completed at NCR Secure Pay stores since the stored credit card number can be used against NCR Secure Pay. The store receiving the charge in these transactions is the store completing the transaction. This behavior is consistent with NCR Counterpoint Gateway behavior today. NCR Counterpoint Gateway has support for dial back-up via CPDialup. With NCR Secure Pay to achieve dial back-up, you will need to use an ISP that supports dial back-up using a router. NCR Counterpoint Gateway supports check validation and EBT. NCR Secure Pay does not support either. NCR Counterpoint Gateway is integrated with Counterpoint V7 and NCR Counterpoint Online (CPO). NCR Secure Pay is not integrated with either. Are there any differences in speed between NCR Secure Pay and NCR Counterpoint Gateway? We have not benchmarked authorization speed yet, but we expect the processing time to be comparable as most of the time spent processing a transaction is with the processor, not NCR Counterpoint Gateway or NCR Secure Pay. What is the future of NCR Counterpoint Gateway? There is no plan to stop supporting NCR Counterpoint Gateway and force merchants to use NCR Secure Pay at this time. Merchants can keep using NCR Counterpoint Gateway, although new merchants will sign up for NCR Secure Pay by default, and NCR Retail Online merchants will be required to use NCR Secure Pay. NCR Counterpoint Gateway will be available at least through the end of 2015 to support Counterpoint V7, which will not interface to NCR Secure Pay. How do I move from NCR Counterpoint Gateway to NCR Secure Pay? First, you will need to ensure you are running version or above of NCR Counterpoint. To make the move you will initiate sign-ups for NCR Secure Pay on the NCR Counterpoint User Portal: https://userportal.counterpointpos.com/solution/merchant-services/ncrsecurepay.htm?do=register The sign-up fee for NCR Secure Pay is waived for merchants who move from NCR Counterpoint Gateway to NCR Secure Pay. Please use the promo code in the you received or contact to get a promo code to waive the sign-up fees. While you do not need new hardware to start realizing the benefits of tokenization and hosted settlements with NCR Secure Pay, if you would like to take advantage of NCR Secure Pay's P2PE capabilities, you will need to have NCR Secure Pay encrypted hardware. NCR Counterpoint Mobile Will NCR Secure Pay work with CPMobile? Yes. However, point-to-point encrypting MSRs for IOS devices are not available for use with NCR Counterpoint Mobile yet. We do not yet have a projected date for their availability.

6 NCR Retail Online How does NCR Secure Pay work with NCR Retail Online? NCR Retail Online uses what is known as the direct post method to access NCR Secure Pay. This means that when a customer creates an order on an NCR Retail Online site, the payment card information will be sent directly into the NCR Secure Pay host, and not the NCR Retail Online platform/application. Credit card settlement then happens at the host manually or on a scheduled basis as configured on the NCR Secure Pay merchant portal. The interface between NCR Retail Online and NCR Secure Pay is an NCR-developed and owned "extension" of Magento Community Edition. To process credit cards on NCR Retail Online, you must use NCR Secure Pay. What is the benefit of using NCR Secure Pay with NCR Retail Online? With the "direct post" method of processing card information, the NCR Retail Online platform does not retain the credit card data and is out of scope for PCI purposes. Where do I settle my NCR Retail Online credit cards? You will login to the NCR Secure Pay merchant portal (https://portal.ncrsecurepay.com) and initiate settlement manually or schedule settlement to happen at a pre-defined time every day. If I am using NCR Retail Online, does my NCR Counterpoint site have to use NCR Secure Pay as well? No. The implication of having this "split" environment is that there will be two settlements - one from NCR Secure Pay (for NCR Retail Online transactions) and one from NCR Counterpoint Gateway (for NCR Counterpoint transactions). This split settlement will be required until general release of NCR Secure Pay in 2014, and you will receive two invoices each month. Can I still use NCR Counterpoint Gateway with NCR Retail Online? No. NCR Retail Online is not integrated to NCR Counterpoint Gateway. I am a legacy Counterpoint Online customer. Can I use NCR Secure Pay? You can use NCR Secure Pay for NCR Counterpoint; however, you cannot use NCR Secure Pay for your Counterpoint Online site. We are not planning to integrate NCR Secure Pay with Counterpoint Online. If you use NCR Counterpoint Gateway for credit processing with Counterpoint Online and NCR Secure Pay for use with NCR Counterpoint, there will be two settlements, deposits, and monthly bills, one for each gateway. P2PE Hardware FAQ What hardware is available to take advantage of NCR Secure Pay's Point-to-Point Encryption capabilities? For pilot, only the MagTek Dynamag MagneSafe USB MSR is available, as of May 20, Our plans are as follows for NCR Secure Pay's General Release a. USB MSR: MagTek Dynamag MagneSafe USB MSR (Manufacturer model number ) b. Signature Capture, MSR, and PIN Debit: Ingenico isc250 c. POS Terminal HW: R7

7 How does the key injection process work for hardware that is injected with NCR Secure Pay encryption keys? Do I have to do anything to turn on encryption at the site? MSR Hardware must be injected with keys from the NCR Secure Pay hosts in order to do Point-to-Point Encryption with NCR Secure Pay. This ensures that data encrypted by the hardware can only be decrypted by NCR Secure Pay. The process is very similar to debit pin pad encryption, except rather than encrypting for a certain processor, we are encrypting for NCR Secure Pay. Encrypting MSR hardware must be purchased through your NCR Counterpoint Business Partner and will come with keys injected already. There is no onsite effort to turn on NCR Secure Pay P2PE encryption for equipment that is ordered from NCR with NCR Secure Pay encryption. Note: if you are using PIN debit, your hardware devices must also be injected with debit keys for your processor. Is hardware maintenance available for encrypted NCR Secure Pay hardware? Yes, the same hardware maintenance options that are available for non-encrypted hardware are available for encrypted NCR Secure Pay hardware. Which NCR POS terminals will have encrypting MSRs built-in for use with NCR Secure Pay? The R7, piloting in Q and generally available in Q4 2014, will definitely have an NCR Secure Pay built-in MSR option. The P1530 platform is currently being reviewed for feasibility of including an NCR Secure Pay built-in MSR. What is the timeline for the P1530 with NCR Secure Pay encrypting readers built-in? We are currently reviewing whether a P1530 solution with built-in NCR Secure Pay readers is feasible. Our new R7 POS will have the option of an NCR Secure Pay encrypting built-in MSR. If you hand-key a credit card number into an encrypting Ingenico device, will it be encrypted? Yes. The requirements provided to Ingenico for the isc250 encryption include encryption of manually keyed card numbers using NCR Secure Pay encryption. If you hand-key a credit card number into an encrypting Ingenico device or directly into NCR Counterpoint, will it be tokenized? When a cashier manually enters a credit card number on a ticket in a Secure Pay environment, tokenization will still occur. Even for manually-entered credit card numbers, the credit card transaction is stored in the NCR Secure Pay host database. After settlement, the data will be stored for one year in the Secure Pay host database, after which validated returns will no longer recognize the card number that was used in the original purchase. Does the encrypted card number go through the NCR Counterpoint server? When NCR Counterpoint uses NCR Secure Pay for credit processing, credit card information goes directly from the NCR Counterpoint workstation to the NCR Secure Pay host, and does not go through the NCR Counterpoint server. If I change processors do I need new hardware? Each PIN debit device is injected with separate keys for PIN encryption. NCR Secure Pay cannot decrypt PINs. If you change processors, and are using PIN debit, you will need to obtain new PIN pads or have your existing hardware re-injected with new PIN debit keys.

8 Can I have a mix of NCR Secure Pay encrypted hardware and non-ncr Secure Pay encrypted hardware? Yes. In a mixed scenario, NCR Secure Pay encrypting HW will offer Point-to-Point Encryption, and nonencrypting HW will use our standard NCR Counterpoint security measures. Since not all data entering the system is NCR Secure Pay encrypted, the site will not realize the full benefit of P2PE. Who issues the encryption key and holds the private decryption key? The NCR Secure Pay host issues the encryption key that is injected into the encrypting payment device, and the NCR Secure Pay host also retains the private key. That key is either injected by NCR or securely transmitted to an alternate HW vendor for injection into the device. NCR Secure Pay s Hardware Security Module (HSM), stores all key materials to perform cryptographic operations. Europay, MasterCard, Visa (EMV) What is EMV? EMV is a set of global standards for electronic payment cards utilizing an embedded processor on the physical payment card rather than a magnetic stripe on the back of a payment card, as is standard in the United States payment industry today. What are the benefits of EMV? Because of the smart card processor embedded in the payment card and the hardware required to read the card, creation and use of fraudulent cards is much less likely. Also, the consumer retains possession of cards at all times during a transaction, increasing security of the individual transaction. Am I required to support EMV? Processors were mandated to support EMV in April 2013 and merchants will be required to accept EMV in October 2015, or risk being financially liable in the event that a fraudulent card is used in the merchant s location. What is NCR s plan to support EMV? NCR Secure Pay development of EMV support is currently in progress. We expect to begin certifying processors with NCR Secure Pay in Q The Ingenico isc250 hardware platform already supports EMV with both signature and PIN from a manufacturer s standpoint and we will be adding support for these EMV capabilities in NCR Counterpoint. A device software update will be needed for any Ingenico isc250s in the field today in order to support EMV. EMV support through NCR Counterpoint using NCR Secure Pay and the Ingenico isc250 will be released in Is specific hardware required for EMV? Yes. EMV support will require using the Ingenico isc250. A device software update will be needed for any Ingenico isc250s in the field today in order to support EMV, but additional injection of keys in a secure facility is not required for EMV. How does supporting EMV impact PCI-DSS compliance? Currently, there is no overlap between PCI-DSS compliance and EMV. Support for EMV will required in 2015 and will help with liability in the event a fraudulent card is used.

9 Additional Questions Secure Pay Details What is the Monetra Processing Engine? NCR Secure Pay uses the Monetra processing engine (sometimes referred to as a 'gateway' or 'switch') to interface to credit, debit, and gift card processors. Monetra is a PA-DSS validated payment engine from Main Street Software, which will be hosted in a PCI compliant data center. Monetra does not have a web interface, so NCR has developed a browser-based Merchant Portal to allow merchants to configure their processing accounts. Merchants will also be able to schedule unattended settlement and have the results sent via . Where is NCR Secure Pay hosted? NCR Secure Pay is hosted in NCR's Beltsville, MD Data Center. The data center has the following Certifications/Standards/Compliance: d. SSAE 16 e. SOC 2 Type 2 f. PCI-DSS (Service Provider) on NCR Secure Pay platform g. ISO certified in Beltsville and at the Disaster Recovery site in Mason, Ohio h. FFIEC conducts an annual review of 4 weeks duration on behalf of financial institutions with a presence in the facility Is NCR Secure Pay PCI compliant? Yes Does using NCR Secure Pay make mea merchant PCI compliant? Use of NCR Secure Pay, even with NCR Secure Pay encrypting hardware and token replacement, does not automatically mean that a merchant isyou are PCI compliant, nor does it take a merchant's your site out of scope for PCI compliance, although its use is expected to reduce scope for PCI and make PCI compliance easier to obtain. PCI has developed requirements regarding End-to-End Encryption validation (also known as Point-to-Point Encryption), and we are working closely with our QSA, Coalfire, who sits on the PCI advisory board, to stay up-to-date on changes in this area and determine if the benefits of PCI P2PE validation outweigh the cost to the merchant of that certification. When using NCR Secure Pay, is credit card info (card #, exp date, etc.) stored in the NCR Counterpoint database? No cardholder data or sensitive authentication data is stored including card numbers and expiration dates. This is the primary benefit of tokenization.in addition to storing a token which will allow you to access transaction information for returns and other operations, you will have masked card information. NCR Secure Pay sends the first 6 and last 4 digits of the credit card as well as the expiration date and cardholder name which are useful in transaction lookups and reporting. Does NCR Secure Pay handle final payment processing on orders and layaways? Yes, final payment for orders and layaways will use tokenized credit card data. With P2PE, will I still have access to partial card number information for receipts and lookups? With P2PE MSRs, the MSR passes us both an encrypted credit card number, as well as masked credit card number for credit card look-ups, printing on receipts, etc.

10 Processors What types of payment transactions and processors are supported by NCR Secure Pay? Credit Card, PIN Debit Card, and Stored Value Card transactions (Gift Card transactions where Counterpoint Gift Cards are not used). Does NCR Secure Pay support every credit processor, gift card interface, and check processing host that is listed on the Monetra website (http://www.monetra.com)? NCR Secure Pay does not support all Monetra processors. We will first focus on delivering interface compatibility similar to NCR Counterpoint Gateway, along with new strategic processors. Support for additional processors will be added over time. Which processors are supported by NCR Secure Pay, with what capability, and when? Available at General Release July 31, 2014: Processor Name Credit PIN Debit Stored Value Cards Cards NCR Merchant Solutions (WorldPay/Lynk) First Data North (Cardnet) Chase Paymentech TSYS/Vital/VisaNet First Data South (Nabanco) Stored Value Systems (SVS) Elavon (Nova) * Mercury Payment Systems * Vantiv (Fifth Third Bank) * *Not supported with NCR Counterpoint Gateway. New for use with NCR Counterpoint! Future, Post-General Release Dates for Availability TBD: Processor Name Credit PIN Debit Stored Value Cards Cards First Data Omaha (ETC+) * Heartland Payment Systems * Elavon (Nova) * Mercury Payment Systems * Vantiv (Fifth Third Bank) * Global Payments * Givex * Chockstone Gift Valutec * *Not supported with NCR Counterpoint Gateway. New for use with NCR Counterpoint!

11

12 Card Settlement and Manual Card Entry How do I settle credit cards with NCR Secure Pay? Can I do automated settlements? You can log into the NCR Secure Pay merchant portal and initiate settlement manually or schedule settlement to happen at a pre-defined time of your choosing every day. What is the difference between host-based and terminal-based credit card settlement? The terms host-based and terminal-based refer to where the transactions are stored after authorization until they are settled. Terminal-based settlement requires the client application (NCR Counterpoint) to store transactions including card numbers and send all batch details to the host at time of settlement. Host-based settlement uses the same data but relies on the host to store the transactions. Settlement can occur purely on the host without the need for any additional data from NCR Counterpoint. This allows for settlement to be easily automated from the host or initiated from any web browser by using the NCR Secure Pay merchant portal. NCR Secure Pay can be considered a host-based system since it stores the transactions until settlement. Note that Monetra uses both terminal-based and host-based processor interfaces depending on the processor, but it is still a host-based system from NCR Counterpoint's perspective. Does host-based settlement completely remove authorizations from NCR Counterpoint? With host-based settlement, transaction data can be retained and later used for things like Validated Returns, but the actual credit card information is tokenized in those transactions. How does host-based settlement affect the card-on-file functionality in NCR Counterpoint for monthly billing? NCR Secure Pay supports tokenization which allows NCR Counterpoint to store a token instead of an actual card number while NCR Secure Pay stores card numbers in its encrypted database. This token allows for card-on-file transactions. What kind of settlement reporting does NCR Secure Pay have? Full reporting including transaction detail is available via the NCR Secure Pay merchant portal. What access do I have to credit card transaction information with NCR Secure Pay? You have online access, via the NCR Secure Pay merchant portal, to all credit card transaction information except full card numbers. Will manual entry of credit card numbers be possible in NCR Counterpoint using NCR Secure Pay? Yes. If you are using Ingenico isc250's for P2PE, you can maintain P2PE by having users enter credit card numbers manually on the Ingenico isc250. There is no provision for maintaining P2PE by entering credit card numbers manually into the NCR Counterpoint software. While NCR Counterpoint will not store the credit card numbers unencrypted if entered manually, the software will have knowledge of the credit card number before encrypting it. That said, if P2PE is not a concern, then manual entry in Counterpoint is still available functionality.

13 Connectivity Is there a dial-up option for NCR Secure Pay? (Related: If I am using NCR Secure Pay and lose access to it through a lost connection on my end or the host end, what alternatives do I have for taking payments?) Any high speed Internet connection can be used. Some routers offer automatic dial-up failover in case of a broadband connectivity failure. How reliable/available is NCR Secure Pay? Are there any availability or uptime guarantees? Our target is 99.99% or better application availability, which is less than an hour of unplanned inaccessibility per year. There are no availability or uptime guarantees. How will merchants, partners, and internal personnel be alerted to NCR Secure Pay availability issues/outages? Via , as is done with NCR Counterpoint Gateway today.

Credit Card Processing Overview

Credit Card Processing Overview CardControl 3.0 Credit Card Processing Overview Overview Credit card processing is a very complex and important system for anyone that sells goods. This guide will hopefully help educate and inform new

More information

CardControl. Credit Card Processing 101. Overview. Contents

CardControl. Credit Card Processing 101. Overview. Contents CardControl Credit Card Processing 101 Overview Credit card processing is a very complex and important system for anyone that sells goods. This guide will hopefully help educate and inform new and old

More information

Office of Finance and Treasury

Office of Finance and Treasury Office of Finance and Treasury How to Accept & Process Credit and Debit Card Transactions Procedure Related Policy Title Credit Card Processing Policy For University Merchant Locations Responsible Executive

More information

Target Security Breach

Target Security Breach Target Security Breach Lessons Learned for Retailers and Consumers 2014 Pointe Solutions, Inc. PO Box 41, Exton, PA 19341 USA +1 610 524 1230 Background In the aftermath of the Target breach that affected

More information

What is EMV? What is different?

What is EMV? What is different? U.S. consumers are receiving new debit and credit cards with embedded chip technology that better stores and protects cardholder information. These new chip cards are part of the new card standard, Europay,

More information

EMV FAQs. Contact us at: CS@VancoPayments.com. Visit us online: VancoPayments.com

EMV FAQs. Contact us at: CS@VancoPayments.com. Visit us online: VancoPayments.com EMV FAQs Contact us at: CS@VancoPayments.com Visit us online: VancoPayments.com What are the benefits of EMV cards to merchants and consumers? What is EMV? The acronym EMV stands for an organization formed

More information

Protecting Cardholder Data Throughout Your Enterprise While Reducing the Costs of PCI Compliance

Protecting Cardholder Data Throughout Your Enterprise While Reducing the Costs of PCI Compliance Payment Security White Paper Protecting Cardholder Data Throughout Your Enterprise While Reducing the Costs of PCI Compliance Breaches happen across all industries as thieves look for vulnerabilities.

More information

The Comprehensive, Yet Concise Guide to Credit Card Processing

The Comprehensive, Yet Concise Guide to Credit Card Processing The Comprehensive, Yet Concise Guide to Credit Card Processing Written by David Rodwell CreditCardProcessing.net Terms of Use This ebook was created to provide educational information regarding payment

More information

FUTURE PROOF TERMINAL QUICK REFERENCE GUIDE. Review this Quick Reference Guide to. learn how to run a sale, settle your batch

FUTURE PROOF TERMINAL QUICK REFERENCE GUIDE. Review this Quick Reference Guide to. learn how to run a sale, settle your batch QUICK REFERENCE GUIDE FUTURE PROOF TERMINAL Review this Quick Reference Guide to learn how to run a sale, settle your batch and troubleshoot terminal responses. INDUSTRY Retail and Restaurant APPLICATION

More information

Security & Encryption in Healthcare Payments PCI DSS Technical Assessment White Paper

Security & Encryption in Healthcare Payments PCI DSS Technical Assessment White Paper Security & Encryption in Healthcare Payments PCI DSS Technical Assessment White Paper June 05 White Paper Author: Andrey Sazonov CISA, QSA, PA-QSA asazonov@coalfire.com Nick Trenc QSA, PA-QSA nick.trenc@coalfiresystems.com

More information

EMV in Hotels Observations and Considerations

EMV in Hotels Observations and Considerations EMV in Hotels Observations and Considerations Just in: EMV in the Mail Customer Education: Credit Card companies have already started customer training for the new smart cards. 1 Questions to be Answered

More information

PCI DSS 101 FOR CTOs AND BUSINESS EXECUTIVES

PCI DSS 101 FOR CTOs AND BUSINESS EXECUTIVES PCI DSS 101 FOR CTOs AND BUSINESS EXECUTIVES CUTTING THROUGH THE COMPLEXITY AND CONFUSION Over the years, South African retailers have come under increased pressure to gain PCI DSS (Payment Card Industry

More information

SETUP GUIDE. Thank you for your purchase of Hamilton products! In this handy guide, you will discover: ADDITIONAL REQUIREMENTS SETUP HOW IT WORKS

SETUP GUIDE. Thank you for your purchase of Hamilton products! In this handy guide, you will discover: ADDITIONAL REQUIREMENTS SETUP HOW IT WORKS SETUP GUIDE High Speed Secure Credit Card Processing Thank you for your purchase of Hamilton products! In this handy guide, you will discover: WHAT IS INCLUDED ADDITIONAL REQUIREMENTS HOW IT WORKS SETUP

More information

EMV Frequently Asked Questions for Merchants May, 2014

EMV Frequently Asked Questions for Merchants May, 2014 EMV Frequently Asked Questions for Merchants May, 2014 Copyright 2014 Vantiv All rights reserved. Disclaimer The information in this document is offered on an as is basis, without warranty of any kind,

More information

EMV : Frequently Asked Questions for Merchants

EMV : Frequently Asked Questions for Merchants EMV : Frequently Asked Questions for Merchants The information in this document is offered on an as is basis, without warranty of any kind, either expressed, implied or statutory, including but not limited

More information

ICVERIFY V4.2 Processor List

ICVERIFY V4.2 Processor List ICVERIFY V4.2 Processor List (also known as First Data Payment Software) First Data Merchant Services - Atlanta (Concord Buypass) Debit/ATM cards with DUKPT and TDES encryption including Cash back Check

More information

Flexible and secure. acceo tender retail. payment solution. tender-retail.acceo.com

Flexible and secure. acceo tender retail. payment solution. tender-retail.acceo.com Flexible and secure payment solution acceo tender retail payment solution tender-retail.acceo.com Take control of your payment transactions ACCEO Tender Retail is a specialized middleware that handles

More information

6-8065 Payment Card Industry Compliance

6-8065 Payment Card Industry Compliance 0 0 0 Yosemite Community College District Policies and Administrative Procedures No. -0 Policy -0 Payment Card Industry Compliance Yosemite Community College District will comply with the Payment Card

More information

ICS Presents: The October 1st 2015 Credit Card Liability Shift: This Impacts Everyone!

ICS Presents: The October 1st 2015 Credit Card Liability Shift: This Impacts Everyone! ICS Presents: The October 1st 2015 Credit Card Liability Shift: This Impacts Everyone! Presenters: Cliff Gray Senior Associate of The Strawhecker Group Jon Bonham CISA, Coalfire The opinions of the contributors

More information

White Paper Solutions For Hospitality

White Paper Solutions For Hospitality White Paper Solutions For Hospitality Foreword Addressing the complexity of a hospitality ecosystem as varied as the front desk to the parking garage, to the restaurant, the website, and the call center,

More information

Redwood Merchant Services. Merchant Processing Terminology

Redwood Merchant Services. Merchant Processing Terminology ACH - Automated Clearing House for member banks to process electronic payments or withdrawals. (Credits or debits to a bank account) through the Federal Reserve Bank. Acquiring Bank - Licensed Visa/MasterCard

More information

Are You Ready For PCI v 3.0. Speaker: Corbin DelCarlo Institution: McGladrey LLP Date: October 6, 2014

Are You Ready For PCI v 3.0. Speaker: Corbin DelCarlo Institution: McGladrey LLP Date: October 6, 2014 Are You Ready For PCI v 3.0 Speaker: Corbin DelCarlo Institution: McGladrey LLP Date: October 6, 2014 Today s Presenter Corbin Del Carlo QSA, PA QSA Director, National Leader PCI Services Practice 847.413.6319

More information

CRM4M Accounting Set Up and Miscellaneous Accounting Guide Rev. 10/17/2008 rb

CRM4M Accounting Set Up and Miscellaneous Accounting Guide Rev. 10/17/2008 rb CRM4M Accounting Set Up and Miscellaneous Accounting Guide Rev. 10/17/2008 rb Topic Page Chart of Accounts 3 Creating a Batch Manually 8 Closing a Batch Manually 11 Cancellation Fees 17 Check Refunds 19

More information

PCI 3.1 Changes. Jon Bonham, CISA Coalfire System, Inc.

PCI 3.1 Changes. Jon Bonham, CISA Coalfire System, Inc. PCI 3.1 Changes Jon Bonham, CISA Coalfire System, Inc. Agenda Introduction of Coalfire What does this have to do with the business office Changes to version 3.1 EMV P2PE Questions and Answers Contact Information

More information

8/17/2010. Over 90% of all compromised merchants are PCI level 4 (small) merchants or merchants with less than 1 million transactions per year

8/17/2010. Over 90% of all compromised merchants are PCI level 4 (small) merchants or merchants with less than 1 million transactions per year Over 90% of all compromised merchants are PCI level 4 (small) merchants or merchants with less than 1 million transactions per year Over 80% of compromised systems were card present or in-person transactions

More information

Project Title slide Project: PCI. Are You At Risk?

Project Title slide Project: PCI. Are You At Risk? Blank slide Project Title slide Project: PCI Are You At Risk? Agenda Are You At Risk? Video What is the PCI SSC? Agenda What are the requirements of the PCI DSS? What Steps Can You Take? Available Services

More information

Revenue Security and Efficiency

Revenue Security and Efficiency Revenue Security and Efficiency Discussion with the Mid-Atlantic Oracle Applications Users Group CardConnect Solution Oracle EBS Validated Application Oracle EBS Validated Application Securing Payment

More information

Payment Card Industry (PCI) Data Security Standard. Attestation of Compliance for Self-Assessment Questionnaire C-VT. Version 2.0

Payment Card Industry (PCI) Data Security Standard. Attestation of Compliance for Self-Assessment Questionnaire C-VT. Version 2.0 Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Self-Assessment Questionnaire C-VT Version 2.0 October 2010 Attestation of Compliance, SAQ C-VT Instructions for Submission

More information

Heartland Secure. By: Michael English. A Heartland Payment Systems White Paper 2014. Executive Director, Product Development

Heartland Secure. By: Michael English. A Heartland Payment Systems White Paper 2014. Executive Director, Product Development A Heartland Payment Systems White Paper 2014 Heartland Secure. By: Michael English Executive Director, Product Development 2014 Heartland Payment Systems. All trademarks, service marks and trade names

More information

Tokenization Amplified XiIntercept. The ultimate PCI DSS cost & scope reduction mechanism

Tokenization Amplified XiIntercept. The ultimate PCI DSS cost & scope reduction mechanism Tokenization Amplified XiIntercept The ultimate PCI DSS cost & scope reduction mechanism Paymetric White Paper Tokenization Amplified XiIntercept 2 Table of Contents Executive Summary 3 PCI DSS 3 The PCI

More information

TREASURER S OFFICE ADMINISTRATIVE STANDARDS FOR THE TREASURER S FISCAL PROCEDURE No. 08-01 MERCHANT DEBIT AND CREDIT CARD RECEIPTS

TREASURER S OFFICE ADMINISTRATIVE STANDARDS FOR THE TREASURER S FISCAL PROCEDURE No. 08-01 MERCHANT DEBIT AND CREDIT CARD RECEIPTS TREASURER S OFFICE ADMINISTRATIVE STANDARDS FOR THE TREASURER S FISCAL PROCEDURE No. 08-01 MERCHANT DEBIT AND CREDIT CARD RECEIPTS 1. Introduction Debit and Credit Card Receipt Standards apply to the administration

More information

PCI Compliance 101: Payment Card. Your Presenter: 7/19/2011. Data Security Standards Compliance. Wednesday, July 20, 2011 2:00 pm 3:00 pm EDT

PCI Compliance 101: Payment Card. Your Presenter: 7/19/2011. Data Security Standards Compliance. Wednesday, July 20, 2011 2:00 pm 3:00 pm EDT PCI Compliance 101: Payment Card Industry Basics Data Security Standards Compliance Wednesday, July 20, 2011 2:00 pm 3:00 pm EDT This complimentary webinar is brought to you by ASAE-Endorsed Business Solutions

More information

Corbin Del Carlo Director, National Leader PCI Services. October 5, 2015

Corbin Del Carlo Director, National Leader PCI Services. October 5, 2015 PCI compliance: v3.1 Key Considerations Corbin Del Carlo Director, National Leader PCI Services October 5, 2015 Today s Presenter Corbin Del Carlo QSA, PA QSA Director, National Leader PCI Services Practice

More information

COLUMBUS STATE COMMUNITY COLLEGE POLICY AND PROCEDURES MANUAL

COLUMBUS STATE COMMUNITY COLLEGE POLICY AND PROCEDURES MANUAL PAYMENT CARD INDUSTRY COMPLIANCE (PCI) Effective June 1, 2011 Page 1 of 6 (1) Definitions a. Payment Card Industry Data Security Standards (PCI-DSS): A set of standards established by the Payment Card

More information

PCI DSS FAQ. The twelve requirements of the PCI DSS are defined as follows:

PCI DSS FAQ. The twelve requirements of the PCI DSS are defined as follows: What is PCI DSS? PCI DSS is an acronym for Payment Card Industry Data Security Standards. PCI DSS is a global initiative intent on securing credit and banking transactions by merchants & service providers

More information

ODPS/BMV RFP QUESTIONS AND ANSWERS. October 5, 2015

ODPS/BMV RFP QUESTIONS AND ANSWERS. October 5, 2015 ODPS/BMV RFP QUESTIONS AND ANSWERS October 5, 2015 1. We planned on submitting our response just through email. Do we also have to send the pricing on a CD? No, the pricing can be sent by email also. However,

More information

To ensure independence, PSC does not represent, resell or receive commissions from any third party hardware, software or solutions vendors.

To ensure independence, PSC does not represent, resell or receive commissions from any third party hardware, software or solutions vendors. About PSC With offices in the USA, Canada, UK and Australia, PSC is a leading PCI, PA DSS, and P2PE assessor, PCI Forensics Company and Approved Scanning Vendor. PSC is one of an elite few companies qualified

More information

Presented by: Sam Campisi, Business Relationship Manager, OECM Bruce Averill, Account Executive Sales, Chase Paymentech Kevin Brock, National Sales

Presented by: Sam Campisi, Business Relationship Manager, OECM Bruce Averill, Account Executive Sales, Chase Paymentech Kevin Brock, National Sales Presented by: Sam Campisi, Business Relationship Manager, OECM Bruce Averill, Account Executive Sales, Chase Paymentech Kevin Brock, National Sales Director Sales, Chase Paymentech Today you will learn

More information

Payment Card Industry Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA-DSS) Frequently Asked Questions

Payment Card Industry Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA-DSS) Frequently Asked Questions PCI/PA-DSS FAQs Payment Card Industry Data Security Standard (PCI DSS) and Payment Application Data Security Standard (PA-DSS) Frequently Asked Questions What is PCI DSS? The Payment Card Industry Data

More information

EMV and Chip Cards Key Information On What This Is, How It Works and What It Means

EMV and Chip Cards Key Information On What This Is, How It Works and What It Means EMV and Chip Cards Key Information On What This Is, How It Works and What It Means Document Purpose This document is intended to provide information about the concepts behind and the processes involved

More information

PCI DSS. CollectorSolutions, Incorporated

PCI DSS. CollectorSolutions, Incorporated PCI DSS Robert Cothran President CollectorSolutions www.collectorsolutions.com CollectorSolutions, Incorporated Founded as Florida C corporation in 1999 Approximately 235 clients in 35 states Targeted

More information

Save Money on Credit Card Processing. So how do you save money on credit card processing? It is a very simple process.

Save Money on Credit Card Processing. So how do you save money on credit card processing? It is a very simple process. My main responsibility as a Regional Account Manager for IMD is obtain the absolute lowest possible merchant fees for you as a business. Why? The more customers we can save money, the more volume of business

More information

SAN DIEGO STATE UNIVERSITY RESEARCH FOUNDATION CREDIT CARD PROCESSING & SECURITY POLICY MERCHANT SERVICES POLICIES & PROCEDURES

SAN DIEGO STATE UNIVERSITY RESEARCH FOUNDATION CREDIT CARD PROCESSING & SECURITY POLICY MERCHANT SERVICES POLICIES & PROCEDURES SAN DIEGO STATE UNIVERSITY RESEARCH FOUNDATION CREDIT CARD PROCESSING & SECURITY POLICY MERCHANT SERVICES POLICIES & PROCEDURES POLICY STATEMENT Introduction Some San Diego State University Research Foundation

More information

CREDIT CARD PROCESSING GLOSSARY OF TERMS

CREDIT CARD PROCESSING GLOSSARY OF TERMS CREDIT CARD PROCESSING GLOSSARY OF TERMS 3DES A highly secure encryption system that encrypts data 3 times, using 3 64-bit keys, for an overall encryption key length of 192 bits. Also called triple DES.

More information

Version 7.4 & higher is Critical for all Customers Processing Credit Cards!

Version 7.4 & higher is Critical for all Customers Processing Credit Cards! Version 7.4 & higher is Critical for all Customers Processing Credit Cards! Data Pro Accounting Software has met the latest credit card processing requirements with its release of Version 7.4 due to the

More information

WISCONSIN ACCOUNTING MANUAL Department of Administration State Controller s Office

WISCONSIN ACCOUNTING MANUAL Department of Administration State Controller s Office BACKGROUND State of Wisconsin agencies accepted more than 6 million credit/debit card payments annually through the following payment channels: Point of Sale (State agency location) Point of Sale (Retail-agent

More information

THE FIVE Ws OF EMV BY DAVE EWALD GLOBAL EMV CONSULTANT AND MANAGER DATACARD GROUP

THE FIVE Ws OF EMV BY DAVE EWALD GLOBAL EMV CONSULTANT AND MANAGER DATACARD GROUP THE FIVE Ws OF EMV BY DAVE EWALD GLOBAL EMV CONSULTANT AND MANAGER DATACARD GROUP WHERE IS THE U.S. PAYMENT CARD INDUSTRY NOW? WHERE IS IT GOING? Today, payment and identification cards of all types (credit

More information

5 TIPS TO PAY LESS FOR PCI COMPLIANCE

5 TIPS TO PAY LESS FOR PCI COMPLIANCE Ebook 5 TIPS TO PAY LESS FOR PCI COMPLIANCE SIMPLE STEPS TO REDUCE YOUR PCI SCOPE 2015 SecurityMetrics 5 TIPS TO PAY LESS FOR PCI COMPLIANCE 1 5 TIPS TO PAY LESS FOR PCI COMPLIANCE SIMPLE STEPS TO REDUCE

More information

CREDIT CARD MERCHANT POLICY. All campuses served by Louisiana State University (LSU) Office of Accounting Services

CREDIT CARD MERCHANT POLICY. All campuses served by Louisiana State University (LSU) Office of Accounting Services Louisiana State University Finance and Administrative Services Operating Procedure FASOP: AS-22 CREDIT CARD MERCHANT POLICY Scope: All campuses served by Louisiana State University (LSU) Office of Accounting

More information

Notice. PAYware PC, Version 1.0 White Paper for Merchants Updated 12/14/2007

Notice. PAYware PC, Version 1.0 White Paper for Merchants Updated 12/14/2007 Version 1.0 White Paper for Merchants Copyright 2007. VeriFone, Inc. All right reserved. Notice Copyright December 2007 VeriFone, Inc. All rights reserved. PAYware PC, PCCharge, IPCharge, and RiTA are

More information

What Merchants Need to Know About EMV

What Merchants Need to Know About EMV Effective November 1, 2014 1. What is EMV? EMV is the global standard for card present payment processing technology and it s coming to the U.S. EMV uses an embedded chip in the card that holds all the

More information

The Petroleum Marketer s PCI compliance Reference Guide

The Petroleum Marketer s PCI compliance Reference Guide The Petroleum Marketer s PCI compliance Reference Guide 1. Become familiar with the 12 standards of card data security: Build and maintain a secure network Requirement 1 Install and maintain a firewall

More information

ACFS PRODUCT FLYER MTFS

ACFS PRODUCT FLYER MTFS PRODUCT FLYER Mail Telephone Order Financial Systems is a fully-featured, modular software suite designed to support financial institutions and enterprises in the management and optimization of recurring

More information

It is important to note, the payment brands and acquirers are responsible for enforcing compliance, not the PCI council.

It is important to note, the payment brands and acquirers are responsible for enforcing compliance, not the PCI council. PCI FAQ And MYTHS FREQUENTLY ASKED QUESTIONS (FAQ): Q: What is PCI? A: The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process,

More information

EMV Delivery of Mobile, Parking and Unattended Payments. Elavon

EMV Delivery of Mobile, Parking and Unattended Payments. Elavon EMV Delivery of Mobile, Parking and Unattended Payments Elavon Elavon-At-A-Glance Elavon s primary business model is growth through partnerships; more than 1,500 Financial Institution partners serving

More information

The Value of a Payment Gateway. White Paper

The Value of a Payment Gateway. White Paper The Value of a Payment Gateway White Paper The Ever-Evolving Payment Landscape There s no way around it. No matter what size your business is or what industry you work in, if you accept credit cards, keeping

More information

Payment Gateway Solutions

Payment Gateway Solutions Payment Gateway Solutions The Fusion Factor: Building Next Generation Gateway Solutions Elavon, Southern DataComm (SDC), and Global Card Services (GCS) bring together more than 20 years of experience in

More information

CREDIT CARD PROCESSING POLICY AND PROCEDURES

CREDIT CARD PROCESSING POLICY AND PROCEDURES CREDIT CARD PROCESSING POLICY AND PROCEDURES Note: For purposes of this document, debit cards are treated the same as credit cards. Any reference to credit cards includes credit and debit card transactions.

More information

Benefits of Integrated Credit Card Processing Within Microsoft Dynamics GP. White Paper

Benefits of Integrated Credit Card Processing Within Microsoft Dynamics GP. White Paper Benefits of Integrated Credit Card Processing Within Microsoft Dynamics GP White Paper May 2011 Copyright Copyright 2011 k-ecommerce. All rights reserved. Complying with all applicable copyright laws is

More information

POS NEWS UPDATE 2011

POS NEWS UPDATE 2011 POS NEWS UPDATE 2011 In 2006, Visa International, MasterCard Worldwide, Discover Financial Services and JCB jointly announced the formation of an independent council designed to manage the ongoing evolution

More information

Visa Recommended Practices for EMV Chip Implementation in the U.S.

Visa Recommended Practices for EMV Chip Implementation in the U.S. CHIP ADVISORY #20, UPDATED JULY 11, 2012 Visa Recommended Practices for EMV Chip Implementation in the U.S. Summary As issuers, acquirers, merchants, processors and vendors plan and begin programs to adopt

More information

Getting Started. Quick Reference Guide for Payment Processing

Getting Started. Quick Reference Guide for Payment Processing Getting Started Quick Reference Guide for Payment Processing In today s competitive landscape, you have many choices when it comes to selecting your payments provider, and we appreciate your business.

More information

Payment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008

Payment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008 Payment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008 What is the PCI DSS? And what do the acronyms CISP, SDP, DSOP and DISC stand for? The PCI DSS is a set of comprehensive requirements

More information

Payment Card Industry (PCI) Data Security Standard

Payment Card Industry (PCI) Data Security Standard Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments Service Providers Version 3.0 February 2014 Section 1: Assessment Information Instructions for Submission

More information

Merchant User Manual PAYMENT GATEWAY

Merchant User Manual PAYMENT GATEWAY PAYMENT GATEWAY Document Version 1304301 Copyright 2013 epaymentamerica, Inc. All Rights Reserved Table of Contents Introduction... 4 Overview... 5 Ch 1: Beginning to Use EPA Gateway.. 6 Logon as a Merchant...6

More information

SECTION: SUBJECT: PCI-DSS General Guidelines and Procedures

SECTION: SUBJECT: PCI-DSS General Guidelines and Procedures 1. Introduction 1.1. Purpose and Background 1.2. Central Coordinator Contact 1.3. Payment Card Industry Data Security Standards (PCI-DSS) High Level Overview 2. PCI-DSS Guidelines - Division of Responsibilities

More information

Understanding the Role of Hardware Data Encryption in EMV and P2PE from the CEO s Perspective

Understanding the Role of Hardware Data Encryption in EMV and P2PE from the CEO s Perspective Understanding the Role of Hardware Data Encryption in EMV and P2PE from the CEO s Perspective Futurex. An Innovative Leader in Encryption Solutions. For over 30 years, more than 15,000 customers worldwide

More information

Configuring Keystroke with KeyPay

Configuring Keystroke with KeyPay Configuring Keystroke with KeyPay Please read the PA-DSS Implementation Guide for Keystroke POS from our website before proceeding. It is also installed in the \KEYSTROK\DOC subdirectory on your computer.

More information

EMV and Small Merchants:

EMV and Small Merchants: September 2014 EMV and Small Merchants: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems, Inc. All trademarks, service

More information

ACFS PRODUCT FLYER. Its modular architecture allows a tailored integration, with a short time-to-market for different payment methods.

ACFS PRODUCT FLYER. Its modular architecture allows a tailored integration, with a short time-to-market for different payment methods. PRODUCT FLYER Internet Gateway Financial Systems is a modular software suite designed to support financial institutions and enterprises, providing a single interface for the optimized management of e-commerce

More information

ACFS PRODUCT FLYER. Its modular architecture allows a tailored integration, with a short time-to-market for different payment methods.

ACFS PRODUCT FLYER. Its modular architecture allows a tailored integration, with a short time-to-market for different payment methods. PRODUCT FLYER Internet Gateway Financial Systems is a modular software suite designed to support financial institutions and enterprises, providing a single interface for the optimized management of e-commerce

More information

E2EE and PCI Compliancy. Martin Holloway VSP Sales Director VeriFone NEMEA

E2EE and PCI Compliancy. Martin Holloway VSP Sales Director VeriFone NEMEA E2EE and PCI Compliancy Martin Holloway VSP Sales Director VeriFone NEMEA Security Breaches In The News 2 Security Breaches In The News 3 Security Breaches In The News 4 Security Breaches In The News 5

More information

TSYS Tokenization and Card Processing

TSYS Tokenization and Card Processing TSYS Tokenization and Card Processing Updated: 5/23/16 Build 7.0.4626 1 This page Intentionally Left Blank 2 Overview... 4 Terminal Requirements... 4 Tsys Contact Information... 4 PCI Compliance... 4 Trustwave

More information

Practically Thinking: What Small Merchants Should Know about EMV

Practically Thinking: What Small Merchants Should Know about EMV Practically Thinking: What Small Merchants Should Know about EMV 1 Practically Thinking: What Small Merchants Should Know About EMV Overview Savvy business owners know that payments are about more than

More information

ACFS PRODUCT FLYER. Its modular architecture allows a tailored integration, with a short time-to-market for different information systems.

ACFS PRODUCT FLYER. Its modular architecture allows a tailored integration, with a short time-to-market for different information systems. PRODUCT FLYER General Routing Financial System is modular software suite designed to support enterprises providing a MOTO Gateway (Mail Order Telephone Order), complete with tokenization, multi-acquiring

More information

University of Virginia Credit Card Requirements

University of Virginia Credit Card Requirements University of Virginia Credit Card Requirements The University of Virginia recognizes that e-commerce is critical for the efficient operation of the University, and in particular for collecting revenue.

More information

End to End Encryption, Tokenization & EMV in the U.S. Vendor Analysis of Emerging Technologies and Best Hybrid Solutions

End to End Encryption, Tokenization & EMV in the U.S. Vendor Analysis of Emerging Technologies and Best Hybrid Solutions Brochure More information from http://www.researchandmarkets.com/reports/1206263/ End to End Encryption, Tokenization & EMV in the U.S. Vendor Analysis of Emerging Technologies and Best Hybrid Solutions

More information

Universal Transaction Gateway (UTG ), 4Go, and i4go are covered by

Universal Transaction Gateway (UTG ), 4Go, and i4go are covered by Universal Transaction Gateway (UTG ), 4Go, and i4go are covered by Universal Transaction one or Gateway more of (UTG ), the 4Go, following and i4go U.S. are covered Pat. by Nos.: one or more 7770789, of

More information

Frequently Asked Questions

Frequently Asked Questions PCI Compliance Frequently Asked Questions Table of Content GENERAL INFORMATION... 2 PAYMENT CARD INDUSTRY DATA SECURITY STANDARD (PCI DSS)...2 Are all merchants and service providers required to comply

More information

Secure Payments Solution

Secure Payments Solution PAR Springer-Miller Systems Secure Payments Solution Solution Overview PAR Springer-Miller Systems has partnered with industry leaders Shift4 and Global Payments to introduce a unique end-to-end payment

More information

Payment Cardholder Data Handling Procedures (required to accept any credit card payments)

Payment Cardholder Data Handling Procedures (required to accept any credit card payments) Payment Cardholder Data Handling Procedures (required to accept any credit card payments) Introduction: The Procedures that follow will allow the University to be in compliance with the Payment Card Industry

More information

POLICY & PROCEDURE DOCUMENT NUMBER: 3.3101. DIVISION: Finance & Administration. TITLE: Policy & Procedures for Credit Card Merchants

POLICY & PROCEDURE DOCUMENT NUMBER: 3.3101. DIVISION: Finance & Administration. TITLE: Policy & Procedures for Credit Card Merchants POLICY & PROCEDURE DOCUMENT NUMBER: 3.3101 DIVISION: Finance & Administration TITLE: Policy & Procedures for Credit Card Merchants DATE: October 24, 2011 Authorized by: K. Ann Mead, VP for Finance & Administration

More information

This policy applies to all GPC units that process, transmit, or handle cardholder information in a physical or electronic format.

This policy applies to all GPC units that process, transmit, or handle cardholder information in a physical or electronic format. Policy Number: 339 Policy Title: Credit Card Processing Policy, Procedure, & Standards Review Date: 07-23-15 Approval Date: 07-27-15 POLICY: All individuals involved in handling credit and debit card transactions

More information

NCR CONNECTED PAYMENTS

NCR CONNECTED PAYMENTS NCR CONNECTED PAYMENTS For more information visit ncr.com or contact us at retail@ncr.com A winning combination of payment security and payment innovation Evolving payment industry regulations and the

More information

VeriFone VeriShield Total Protect Technical Assessment White Paper

VeriFone VeriShield Total Protect Technical Assessment White Paper VeriFone VeriShield Total Protect Technical Assessment White Paper Prepared for: September 4 th, 2013 Dan Fritsche, CISSP, QSA (P2PE), PA-QSA (P2PE) dfritsche@coalfiresystems.com Table of Contents EXECUTIVE

More information

How Secure is Your Payment Card Data?

How Secure is Your Payment Card Data? How Secure is Your Payment Card Data? Complying with PCI DSS SLIDE 1 PRESENTERS Francis Tam, CPA, CISA, CISM, CITP, CRISC, PCI QSA Managing Director, IT Security Practice PCI Practice Leader Francis has

More information

PCI Point To Point Encryption (P2PE) An Overview

PCI Point To Point Encryption (P2PE) An Overview PCI Point To Point Encryption (P2PE) An Overview Moderator Name: Erik Winkler Panelists Names: Sonjay Shepherd HiTouch Business Services, Adam Sommer MasterCard Definition of consists of cardholder data

More information

Failure to follow the following procedures may subject the state to significant losses, including:

Failure to follow the following procedures may subject the state to significant losses, including: SUBJECT: Policy and Procedures PAGE: 1 of 5 INTRODUCTION During fiscal year 2014, State of Wisconsin agencies accepted approximately 6 million credit/debit card payments through the following payment channels:

More information

Section 3.9 PCI DSS Information Security Policy Issued: June 2016 Replaces: January 2015

Section 3.9 PCI DSS Information Security Policy Issued: June 2016 Replaces: January 2015 Section 3.9 PCI DSS Information Security Policy Issued: June 2016 Replaces: January 2015 I. PURPOSE The purpose of this policy is to establish guidelines for processing charges on Payment Cards to protect

More information

Solutions For Higher Education: Reducing Compliance Scope Across Campus With PCI Validated P2PE

Solutions For Higher Education: Reducing Compliance Scope Across Campus With PCI Validated P2PE Solutions For Higher Education: Reducing Compliance Scope Across Campus With PCI Validated P2PE Complete Campus Coverage With the complexity of a college campus ecosystem as varied as the development office

More information

Enterprise Payments for

Enterprise Payments for Enterprise Payments for Table of Contents I. Introducing CardConnect II. III. IV. Gartner Tokenization Reporting Featuring CardConnect PCI Compliance, EMV & True Payment Security CardConnect for SAP V.

More information

MARYLAND STATE TREASURER S OFFICE Louis L. Goldstein Treasury Building 80 Calvert Street, Room 109 Annapolis, Maryland 21401

MARYLAND STATE TREASURER S OFFICE Louis L. Goldstein Treasury Building 80 Calvert Street, Room 109 Annapolis, Maryland 21401 MARYLAND STATE TREASURER S OFFICE Louis L. Goldstein Treasury Building 80 Calvert Street, Room 109 Annapolis, Maryland 21401 QUESTIONS AND ANSWERS FOR REQUEST FOR PROPOSALS FOR MERCHANT SERVICES RFP #MCARD-07292015

More information

Secure Card Reader Authenticators

Secure Card Reader Authenticators Secure Card Reader Authenticators When it comes to card reading security and reliability Merchants, retailers and financial institutions rely on MagTek. Secure card reader authenticators (SCRAs) capture

More information

Spotlight on Product & Service: Worldpay - End-to-End Payments Secure Platform at Most Cost-Effective Rates. Accept payments. Anywhere. Anytime.

Spotlight on Product & Service: Worldpay - End-to-End Payments Secure Platform at Most Cost-Effective Rates. Accept payments. Anywhere. Anytime. Newsletter Vol. 87 - Introduction Softengine News is dedicated to keeping you up to date with the latest information regarding SAP Business One systems, Softengine solutions and Best Business Practices.

More information

05.118 Credit Card Acceptance Policy. Vice Chancellor of Business Affairs. History: Effective July 1, 2011 Updated February 2013

05.118 Credit Card Acceptance Policy. Vice Chancellor of Business Affairs. History: Effective July 1, 2011 Updated February 2013 05.118 Credit Card Acceptance Policy Authority: Vice Chancellor of Business Affairs History: Effective July 1, 2011 Updated February 2013 Source of Authority: Office of State Controller (OSC); Office of

More information

JCharge White Paper. Merchant, Acquirer, Bank, Authorization Network

JCharge White Paper. Merchant, Acquirer, Bank, Authorization Network JCharge White Paper A company using an IBM iseries (AS/400) has several methods from which to choose in taking credit card payments. Whether the payments are for retail, mail order, phone order, or Internet

More information

Data Strategies, Inc.

Data Strategies, Inc. Debit and Credit Cards Save Time by Accepting Debit and Credit Cards with MDsuite! How it works: 1. Click the Credit Card button available in Quick Pay and Post Patient Payments. 2. Swipe the debit/credit

More information

Secure Payments Framework Workgroup

Secure Payments Framework Workgroup Secure Payments Framework Workgroup EMV for the US Hospitality Industry Version 1.0 About HTNG Hotel Technology Next Generation (HTNG) is a non-profit association with a mission to foster, through collaboration

More information