Security Case Study. Experience from Europe s most mature market. Retailers choose Point for increased security
|
|
- Ariel Roberts
- 8 years ago
- Views:
Transcription
1 Security Case Study Retailers choose Point for increased security Experience from Europe s most mature market Meet the company with 800 security staff
2 Security is what Point is all about With its clear ambition to always be at the forefront of innovative and forward-looking technology, Point has established itself as a market leader in the field of security for electronic payments. Large-scale investment in new technology and new solutions is regularly made both front of house and behind the scenes. By taking a structured approach to staff, products and systems, the company has succeeded in establishing a level which guarantees that Point s customers will always have access to the most secure and easyto-use payment solutions on the market. Point was founded in 1987 and from the very beginning has assumed the role of innovator and trend-setter for the rest of the market. Represented in 11 countries, Point is today the leading supplier of electronic payment solutions in Europe. Its focus is on payment services for both small shops and multinational retail chains that require multi-channel payment capabilities and an extensive payment capacity. Outside the retail sector, Point s customers include hotels, restaurants, transportation and e-commerce sites, as well as companies that primarily provides business-tobusiness services. Point is a VeriFone company since January Point always stays one step ahead Despite the constantly increasing cyber threat, Point s data system is one of the most secure on the market today. The company regularly implements new measures to protect against hacking, fraud and various types of misuse. Dimitri Binazzi is the Chief Security Officer at Point and since its foundation in 1987 has been responsible for the company s work on security issues. He confirms that the challenges have altered significantly in recent years. Dimitri Binazzi, Chief Security Officer, Point Just a few years ago, criminals would rob a bank or shop to quickly obtain large sums of money by force. Today, through data hacking and fraud, they obtain smaller sums over a longer period. It s not as quick, but is much more lucrative. And criminals get more and more advanced every day. It is our job here to always stay one step ahead. Extensive efforts are made to ensure that data systems, products and staff are able to handle the risks and threats that are encountered. One of our challenges is to be able to offer our customers a high level of service while at the same time the security of the systems must be faultless, says Dimitri Binazzi. In recent years, we have seen an increase in hacking of various systems around the world, which is something we must try to prevent, even if today s hackers and intruders are incredibly sophisticated. In the unlikely event that they gain access, the aim must be to ensure that their presence is identified and that steps are taken immediately to prevent any negative consequences. Increased protection for Card holder data (CHD) Two examples of the investments made in recent years are the cooperation with the two security companies Tripwire and Verisec. The cooperation with Tripwire was initiated when Point was able to ascertain that far too many organisations are struggling with a serious lack of information about the attacks taking place on their network. It was therefore important to implement tools that are able to prevent and detect unauthorised changes and provide an immediate warning when there is any unexpected activity. Point has now replaced its previous solution with Tripwire Enterprise in order to be able to protect customer information relating to credit cards, for example. The solution covers both card payments and e-commerce. There is of course a difference in security issues for payments at card terminals and the payment procedures for e-commerce, says Dimitri Binazzi. Here we are suddenly exposing CHD to risk in a different way than before. With the help of Tripwire Enterprise, however, we are able to introduce additional checks on systems and people, which is something that gives us a good overview of the changes made in the systems, both authorised and unauthorised, in order to minimise the risk of fraud. Chiave a secure key management system In order to further increase the security of the systems, Point has joined forces with Verisec to develop the Chiave system, which monitors the processes controlling the generation, storage and distribution of cryptographic keys. These keys are used to safeguard the identity of credit card holders, ensure the authority of ATMs and POS terminals and protect the information sent over the payment network, among other things. A secure key management system is vital in creating confidence in electronic payments and the system we have now developed sets a new standard in terms of meeting the security requirements of the industry. Chiave replaces manual processes with automatic ones, which reduces both the risk of human error and the risk of interruptions in the payment network, concludes Dimitri Binazzi. 2
3 Finland s leading retailer chooses Point for increased security Point s innovative capability, combined with extensive investment in security, means that it is constantly gaining new customers. One example was when Finland s leading retailer, the Kesko Group, signed a cooperation agreement with Point in Kesko currently has a total of around 2,000 stores in Finland, Sweden, Norway, Estonia, Latvia, Lithuania, Russia and Belarus. The company sells groceries, building materials and home furnishings, as well as vehicle and home electronics. Benjamin von Nandelstadh, Senior Manager, Infrastructure Services at Kesko. A major challenge for the chain came in 2009 when the requirement to comply with the Payment Card Industry Data Security Standard was raised. At the time, Kesko had several different point of sales systems in its chains and the solution it had been using was not PCI-compliant. Like many other Finnish retailers, Kesko also had payment terminals integrated directly in the point of sale. This made it difficult to update the systems quickly and easily. So Kesko went looking for a supplier that could deliver a PCI-compliant payment solution. A strategic decision was then taken to also look for a solution that could be delivered as a service. After surveying the market, the company identified Point as one of the few suppliers that could deliver what they wanted. Payment as a service with superior service package Keskos arguments for choosing Point was based on the fact that Point were considered to be fast and reliable, delivering a user friendly solution. On top of this they had the right service based offering. When we went through the possible suppliers, we found out that Point was one of the few that was able to deliver payment as a service, explains Benjamin von Nandelstadh, Senior Manager, Infrastructure Services at Kesko. Point had a ready-made solution and was one step ahead of its competition in this respect. The rollout began in autumn 2010 and one year later Point s solution was in all of 3
4 the Kesko Group s Finnish stores. In one year, over 5,000 payment terminals was taken into use. The solution comprises payment terminals and a service package, which among other things includes customer support, replacement service and a reporting system. The reporting system provides each retailer with precise statistics on the sales and transactions in their stores. One advantage is that the reporting system is able to follow our corporate structure. Many of our stores are owned by private retailers, which means that we have to be able to get reports at several different levels, continues Benjamin von Nandelstadh. With this new solution, we are able to provide the retailers with precisely the figures they want, broken down to their store level, while at the same time we are able to provide the more central functions with their summary reports. Another major financial advantage is when we negotiate acquirer agreements, as we are able to get a better price for acquirer services with this new centralized solution. Finally, we can confirm that the new payment solution is safe, easy to use and has gotten a lot of positive feedback from our customers as well as our retailers. The next step for Kesko is to implement the new solution in Kesko s other countries. The aim is to complete the rollout during 2012 so that a PCI-compliant solution can be established in all countries by the end of the year and overall security can be increased at Finland s, and one of the Nordic regions, leading retailers. Payment Card Industry Data Security Standard (PCI DSS) is a data security standard that stipulates how card numbers are handled. This security standard has been developed by American Express, Visa International, MasterCard Worldwide, Discover and JCB International. The purpose of the standard is to ensure that everyone who processes, transports, stores or otherwise handles card information does so in such a way as to prevent unauthorised access to the information. The standard consists of 12 general requirements. Among other things, it specifies how a secure network should be constructed and maintained, how card information should be sent and stored and what security procedures a company should have in place. The leading service centre on the market Alongside central payment gateways and IT systems, products are also a priority area for Point s security work. While the company has seen significant growth, there has also been increased demand for better service and repair of payment card terminals. The equipment suffers wear and requires regular repair or other maintenance. Up to now, each country in the Point Group has managed this individually, but now the Group is taking overall control in order to increase the quality of its services. The requirements from payment card companies for secure processing have increased in recent years and will in all likelihood continue to do so in the future. In order to meet these requirements, Point will centralise its service and repair centres in Sweden, as the Swedish service centre has for a long time been the most advanced in the Group. The service centre has developed a well-structured security process based on many years of experience and on the in-depth knowledge the company has of processes, product security, tools, environments and people. The service and repair centre s processes are also designed and structured in accordance with the latest security standards on the market: PCI DSS, PTS, VISA PIN and NIST. The Swedish service centre also trains all technical staff according to above standards. By making these changes, Point will establish the leading service centre on the market, in terms of performing maintenance work in accordance with the most stringent security requirements. The Point Group s service centre Staff with high level of expertise and payment industry compliance. Processes designed and structured according to security standards such as PCI DSS, PTS, VISA PIN and NIST. Market-leading service organisation with services that meet the most stringent requirements on industrial security from the payment sector. 4
5 Experience from Europe s most mature market A company with 800 security staff Point currently has a presence in 11 European countries and is always scanning the market on the lookout for new experiences and skills in the field of security. With over 20 years experience and several major acquisitions behind it, the Group also has access to an extensive range of skills internally. In 2009, the Group acquired UK payment service provider Commidea, bringing experience from perhaps Europe s most modern market. More recently in January 2012, Point was acquired by VerirFone Systems Inc, the global leader in secure payment electronic solutions. We have been using payment cards in Britain since the 1970s and we began using the new EMV standard, which today is in widespread use, a couple of years before our northern European friends, says Paul Holliday, Head of Marketing, VeriFone UK & Ireland. As one of the UK s most experienced companies on the market for electronic payments, we have been able to follow the development of security systems right up to the present day. This, together with the other skills in the VeriFone group of companies, has given us the opportunity to stay one step ahead of our competitors in developing payment solutions of tomorrow. Handles 80 per cent of the UK s contactless payments In 2007, the company was the first UK supplier to offer an integrated contactless payment solution based on NFC technology. The advantage over the competition in this area has been maintained and in 2010, the company processed over 80 per cent of the UK s contactless payments. As a result, the company is currently considered to be the UK s leading supplier of contactless payment solutions. Further evidence of the company s drive came in 2009, with the launch of Ocius Sentinel, the UK s first PCI-compliant point-to-point encryption payment solution. Security has always been the top priority for us, says Paul Holliday, and it is something we have worked on in a number of different ways. One of the more central of these has been security work to help our customers attain and maintain PCI DSS. Security solutions are an integrated part of our range and we can see that customers actively look for these elements when considering payment solution suppliers. EMV (also called Chip & PIN) is an umbrella name for a payment and credit card standard that involves payment and credit cards being equipped with a data chip, among other things to prevent copying ( skimming ). Having secure IT systems and good product handling is not the only thing required in order to deliver secure payments. As technology has developed, criminals have found new ways in. One area that has grown in recent years is the threat linked to Social Engineering. This is not about deceiving IT systems but about tricking users into giving out their password and codes, for example. This is a relatively big problem in Europe, but there have been no major documented cases in Sweden. As a preventive measure, and in order to minimise the risk of this and other threats, Point has trained more than 800 people in the Group s 11 countries. The training aims to create broad expertise in the field of security and therefore covers everything from handling card data and classified information to how to act on the telephone and towards visitors. Training is tailored and adapted for the company s various departments. The training package has also been translated into seven different languages in order to ensure that none of the details are misunderstood. After completing training, staff undergoes a test. If they pass, they are awarded a security certificate and if they fail they must undergo further training before being tested again. Near Field Communication (NFC) is a communication standard for the contactless exchange of data across short distances (typically around 10 cm). This technology aims to create a secure, intuitive and simple communication channel between various electronic devices. For example, you do not need to insert and remove your payment card in a payment card terminal. You just need to hold the card close to the terminal. 5
6
IS YOUR CUSTOMERS PAYMENT DATA REALLY THAT SAFE? A Chase Paymentech Paper
IS YOUR CUSTOMERS PAYMENT DATA REALLY THAT SAFE? A Chase Paymentech Paper A data breach has the potential to cost retailers millions in lost customers and sales. In this paper we discuss a number of possible
More informationRetail Business Technology Expo 2011
Retail Business Technology Expo 2011 Press Pack Stand # 212 March 16-17, 2011 For further information please contact: Clare Cockroft PR Manager Tel: +44 (0)114 292 6416 ccockroft@tnsi.com ANNOUNCES PLANS
More informationWe make cards and payments work for people as a part of everyday life. We bring information to life
We make cards and payments work for people as a part of everyday life We bring information to life 2 EVRY is a leading IT company in the Nordic region. Through advice, technology and solutions, EVRY brings
More informationMerchants & PCI DSS Obse b r se vat va io i n o s n f s rom o a a P a P ym a en e t n Gat a ew e a w y a pe p r e spe sp ct e ive i
Merchants & PCI DSS Observations from a Payment Gateway perspective It has the words DON'T PANIC inscribed in large friendly letters on its cover Who are you?? 17 years in the Irish & European Acquiring
More informationPAYMENTS AS A SERVICE. Fully managed multi-channel card acceptance for all business environments. www.verifone.co.uk
PAYMENTS AS A SERVICE Fully managed multi-channel card acceptance for all business environments www.verifone.co.uk Whether small or large, PAYware Ocius s multi-channel flexibility can transform your s
More informationStatement of Stephen W. Orfei General Manager PCI Security Standards Council
Statement of Stephen W. Orfei General Manager PCI Security Standards Council Before the Committee on Financial Services, United States House of Representatives Protecting Consumers: Financial Data Security
More informationPCI DSS: An Evolving Standard
White Paper PCI DSS: An Evolving Standard PCI 3.0 and 3.1 Key Requirements Explained 2015 SecurityMetrics PCI DSS: An Evolving Standard 2 PCI DSS An Evolving Standard The Payment Card Industry Data Security
More informationCASHING UP ON PROGRESS: CUSTOMERS DEMAND NEW WAYS TO PAY
CASHING UP ON PROGRESS: CUSTOMERS DEMAND NEW WAYS TO PAY globalpaymentsinc.co.uk Page 2 3 FOREWORD The retail world is changing rapidly and those retailers who use modern payment technology across all
More informationSage 100 ERP I White Paper. Payment Processing Trends, Tips, and Tricks: What You Need to Know
Sage 100 ERP I White Paper What You Need to Know Over the past few years, credit and debit card acceptance has come on the scene as a required payment option. Similarly, the number of customers using credit
More informationProtecting Cardholder Data Throughout Your Enterprise While Reducing the Costs of PCI Compliance
Payment Security White Paper Protecting Cardholder Data Throughout Your Enterprise While Reducing the Costs of PCI Compliance Breaches happen across all industries as thieves look for vulnerabilities.
More informationPCI Security Standards Council
PCI Security Standards Council Jeremy King, European Director 2013 Why PCI Matters Applying PCI How You Can Participate Agenda 2 Why PCI Matters Applying PCI How You Can Participate Agenda About the PCI
More informationNewtek, The Small Business Authority 855-2thesba www.thesba.com. thesba.com 855-2thesba
thesba.com 855-2thesba EMV Chip Technology, Secure Electronic Payments The world of payments is evolving. We are starting to see an evolution from typical static magnetic strip cards to more intelligent
More informationWhite Paper: Are there Payment Threats Lurking in Your Hospital?
White Paper: Are there Payment Threats Lurking in Your Hospital? With all the recent high profile stories about data breaches, payment security is a hot topic in healthcare today. There s been a steep
More informationWHITEPAPER PAYMENTS AS A SERVICE HOW MANAGED PAYMENT SERVICES WORK FOR MERCHANTS
PAYMENTS AS A SERVICE HOW MANAGED PAYMENT SERVICES WORK FOR MERCHANTS Unified and integrated payments as a service solutions are the future of payments helping merchants build a cohesive omni-channel strategy
More informationCOMMERCIAL CARDS BNP PARIBAS
COMMERCIAL CARDS BNP PARIBAS Corporate Needs Do you want to monitor your employee s T&E expenses, or streamline the process for your recurring purchases? "As the Chief Procurement Officer of my company,
More informationACQUIRER OR ACQUIRING BANK A financial institution (often a bank) where a merchant has an account to process transactions and card payments
A TO Z JARGON BUSTER A ACQUIRER OR ACQUIRING BANK A financial institution (often a bank) where a merchant has an account to process transactions and card payments ATM Automated Teller Machine. Unattended,
More informationA Brand New Checkout Experience
A Brand New Checkout Experience EMV Transformation EMV technology is transforming the U.S. payment industry, bringing a whole new experience to the checkout counter. Introduction What is EMV? It s 3 small
More informationA Brand New Checkout Experience
A Brand New Checkout Experience EMV Transformation EMV technology is transforming the U.S. payment industry, bringing a whole new experience to the checkout counter. Introduction What is EMV? It s 3 small
More informationKeep money moving. A guide to payment services from Sage Pay. www.sagepay.com
Keep money moving A guide to payment services from Sage Pay www.sagepay.com The lifeblood of business Making it safe and easy for your customers to pay you is essential payment channels aren t just a part
More informationEnabling European E-commerce
Enabling European E-commerce Across Europe e-commerce is being fuelled by widescale availability of computing hardware, low cost broadband and advances in smartphone technology. As well as transforming
More informationHow To Protect Your Credit Card Information From Being Stolen
Visa Account Information Security Tool Kit Welcome to the Visa Account Information Security Program 2 Contents 1. Securing cardholder data is everyone s concern 4 2. Visa Account Information Security (AIS)
More informationMASTERCARD PAYMENT GATEWAY SERVICES
MASTERCARD PAYMENT GATEWAY SERVICES OVERVIEW MAKING PAYMENTS SAFE, SIMPLE & SMART What are MasterCard Payment Gateway Services? Our Solutions Making payments safe, simple & smart for your customers, for
More informationSage ERP MAS I White Paper. Payment Processing Trends, Tips, and Tricks: What You Need to Know
I White Paper What You Need to Know Over the past few years, credit and debit card acceptance has come on the scene as a required payment option. Similarly, the number of customers using credit and debit
More informationHow To Comply With The New Credit Card Chip And Pin Card Standards
My main responsibility as a Regional Account Manager for IMD is obtain the absolute lowest possible merchant fees for you as a business. Why? The more customers we can save money, the more volume of business
More informationPayments Gateways Opportunities for Acquirers
Payments Gateways Opportunities for Acquirers Peter Jones November 2011 Europe s acquiring market place has never been more competitive. All players are chasing revenues and volumes with the expectation
More informationHow To Comply With The Pci Ds.S.A.S
PCI Compliance and the Data Security Standards Introduction The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of
More informationHow To Protect Your Restaurant From A Data Security Breach
NAVIGATING THE PAYMENTS AND SECURITY LANDSCAPE Payment disruptions impacting restaurant owners today An NCR Hospitality white paper Almost every month we hear a news story about another data breach that
More informationPAYWARE MERCHANT MANAGED SERVICE
PAYWARE MERCHANT MANAGED SERVICE PAYware MerchanT Managed Service We focus on payments, so you can drive sales Whether you re selling goods or services, managing your own internal high volume payments
More informationPCI DSS COMPLIANCE DATA
PCI DSS COMPLIANCE DATA AND PROTECTION EagleHeaps FROM CONTENTS Overview... 2 The Basics of PCI DSS... 2 PCI DSS Compliance... 4 The Solution Provider Role (and Accountability).... 4 Concerns and Opportunities
More informationHow To Protect Visa Account Information
Account Information Security Merchant Guide At Visa, protecting our cardholders is at the core of everything we do. One of the many reasons people trust our brand is that we make buying and selling safer
More informationEMV and Small Merchants:
September 2014 EMV and Small Merchants: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems, Inc. All trademarks, service
More informationwelcome to liber8:payment
liber8:payment welcome to liber8:payment Our self-service kiosks free up staff time and improve the overall patron experience. liber8:payment further enhances these benefits by providing the convenience
More informationMERCHANT NEWS. This Edition of Merchant News NOW INCLUDING RETAIL SPECIFIC NEWS. Our Name is Changing. Fraud Prevention. Card Scheme Compliance
AUTUMN 2012 EDITION MERCHANT NEWS Keeping you in the know Important Information - Please keep in a safe place This Edition of Merchant News Our Name is Changing Fraud Prevention Card Scheme Compliance
More informationSpotlight on Product & Service: Worldpay - End-to-End Payments Secure Platform at Most Cost-Effective Rates. Accept payments. Anywhere. Anytime.
Newsletter Vol. 87 - Introduction Softengine News is dedicated to keeping you up to date with the latest information regarding SAP Business One systems, Softengine solutions and Best Business Practices.
More informationCyber Security - What Would a Breach Really Mean for your Business?
Cyber Security - What Would a Breach Really Mean for your Business? August 2014 v1.0 As the internet has become increasingly important across every aspect of business, the risks posed by breaches to cyber
More informationOpenEdge Research & Development Group April 2015
2015: Security, Merchant Readiness & the Coming Liability Shift OpenEdge Research & Development Group April 2015 solutions@openedgepay.com openedgepay.com 2015: Security, Merchant Table of Contents The
More informationMerchant guide to PCI DSS
Merchant guide to PCI DSS Contents What is PCI DSS and why was it introduced?... 3 Who needs to become PCI DSS compliant?... 3 BOIPA Simple PCI DSS - 3 step approach to helping businesses... 3 What does
More informationAre You Ready For PCI v 3.0. Speaker: Corbin DelCarlo Institution: McGladrey LLP Date: October 6, 2014
Are You Ready For PCI v 3.0 Speaker: Corbin DelCarlo Institution: McGladrey LLP Date: October 6, 2014 Today s Presenter Corbin Del Carlo QSA, PA QSA Director, National Leader PCI Services Practice 847.413.6319
More informationOmnichannel Payments
Omnichannel Payments The Connected Consumer The way consumers buy goods and services is changing profoundly We now exist in a truly global, connected and digital world. A world of choice that lets us purchase
More informationsafe and sound processing online card payments securely
safe and sound processing online card payments securely Executive summary The following information and guidance is intended to provide key payment security advice to new or existing merchants who trade
More informationEuronet Software Solutions ATM Management System Maintain and Expand Your Automated Service Offerings with a Secure, Flexible and Powerful Solution
Secure Financial Transactions Any Time, Any Place Euronet Software Solutions ATM Management System Maintain and Expand Your Automated Service Offerings with a Secure, Flexible and Powerful Solution Serving
More informationEMV and Restaurants What you need to know! November 19, 2014
EMV and Restaurants What you need to know! Mike English Executive Director of Product Development Kristi Kuehn Sr. Director, Compliance November 9, 204 Agenda EMV overview Timelines Chip Card Liability
More informationPCI DSS Investing wisely...
PCI DSS Investing wisely... Hotel webinar Neira Jones Head of Payment Security Barclaycard Global Payment Acceptance 25 th July 2011 Leading the way in secure payments global payment acceptance Hotel Security
More informationMobile Near-Field Communications (NFC) Payments
Mobile Near-Field Communications (NFC) Payments OCTOBER 2013 GENERAL INFORMATION American Express continues to develop its infrastructure and capabilities to support growing market interest in mobile payments
More informationPCI DSS 101 FOR CTOs AND BUSINESS EXECUTIVES
PCI DSS 101 FOR CTOs AND BUSINESS EXECUTIVES CUTTING THROUGH THE COMPLEXITY AND CONFUSION Over the years, South African retailers have come under increased pressure to gain PCI DSS (Payment Card Industry
More informationInformation for merchants. Program implementation details for merchants. Payment Card Industry Data Security Standard (PCI DSS)
Postbank P.O.S. Transact GmbH (now EVO Kartenakzeptanz GmbH) has recently been purchased by EVO Payments International Group Program implementation details for merchants Payment Card Industry Data Security
More informationWHITE PAPER. PCI Basics: What it Takes to Be Compliant
WHITE PAPER PCI Basics: What it Takes to Be Compliant Introduction A long-running worldwide advertising campaign by Visa states that the card is accepted everywhere you want to be. Unfortunately, and through
More informationCYBER STREETWISE. Open for Business
CYBER STREETWISE Open for Business As digital technologies transform the way we live and work, they also change the way that business is being done. There are massive opportunities for businesses that
More informationglobal leader in seamless payment
global leader in seamless payment ingenico group / welcome ingenico group / discover the global leader in seamless payment ingenico group / empowering in-store, online and mobile commerce Philippe Lazare
More informationAmerican Express Contactless Payments
PRODUCT CAPABILITY GUIDE American Express Contactless Payments American Express Contactless Payments Help Enable Increased Convenience For Card Members At The Point Of Sale American Express contactless
More informationPCI and EMV Compliance Checkup
PCI and EMV Compliance Checkup ATM Security Jim Pettitt Director, ATM Security Diebold Incorporated Agenda ATM threats today Top of mind risk PCI Impact on Security U.S. EMV Migration Conclusions / recommendations
More informationSecurityMetrics Introduction to PCI Compliance
SecurityMetrics Introduction to PCI Compliance Card Data Compromise What is a card data compromise? A card data compromise occurs when payment card information is stolen from a merchant. Some examples
More informationPayment Card Industry Data Security Standard PCI DSS
Payment Card Industry Data Security Standard PCI DSS What is PCI DSS? Requirements developed by the five card brands: VISA, Mastercard, AMEX, JCB and Discover. Their aim was to put together a common set
More informationE-Commerce SOLUTIONS. Generate Online Revenue with E-Commerce Solutions. www.monexgroup.com
E-Commerce SOLUTIONS In this report, MONEXgroup examines various types of online payment processing and E-Commerce Solutions. The tremendous transition towards online shopping stores in Canada has opened
More informationHealthcare Payment Security Is Your Patient s Card Data Exposed? May 24, 2016
Healthcare Payment Security Is Your Patient s Card Data Exposed? May 24, 2016 PRESENTER BIOS Michael Fidler Vice President Elavon Healthcare Payment Solutions Michael D. Fidler is Vice President, Healthcare
More informationA Guide to Contactless Cards
A Guide to Contactless Cards 1 Guide to Contactless Cards Ever since they were first introduced to the UK market over 50 years ago, credit cards have been in a constant state of evolution, as card issuers
More informationLangara College PCI Awareness Training
Langara College PCI Awareness Training Have you heard of PCI? Due to the increase of credit card fraud and identity theft, major credit card companies like Visa, MasterCard and Amex have formed a security
More informationPAYMENT SECURITY. Best Practices
PAYMENT SECURITY Best Practices At VeriFone, the protection of cardholder information is a top priority. To ensure merchants have secure payment solutions for their customers, and to help protect merchants
More informationPCI DSS Compliance Services January 2016
PCI DSS Compliance Services January 2016 20160104-Galitt-PCI DSS Compliance Services.pptx Agenda 1. Introduction 2. Overview of the PCI DSS standard 3. PCI DSS compliance approach Copyright Galitt 2 Introduction
More informationHow To Cover A Data Breach In The European Market
SECURITY, CYBER AND NETWORK INSURANCE SECURING YOUR FUTURE Businesses today rely heavily on computer networks. Using computers, and logging on to public and private networks has become second nature to
More informationPCI Compliance: How to ensure customer cardholder data is handled with care
PCI Compliance: How to ensure customer cardholder data is handled with care Choosing a safe payment process for your business Contents Contents 2 Executive Summary 3 PCI compliance and accreditation 4
More informationPayment Card Industry Data Security Standards.
Payment Card Industry Data Security Standards. Your guide to protecting cardholder data Helping you manage the risk. Credit Card fraud and data compromises are an increasingly serious problem, costing
More informationWe believe First Data is well positioned to take advantage of all of these trends given the breadth of our solutions and our global operating
Given recent payment data breaches, clients are increasingly demanding robust security and fraud solutions; and Financial institutions continue to outsource and leverage technology providers given their
More informationIntegrated Payment Solutions
Payment Services Integrated Payment Solutions for hospitality, parking and web Tailor-made payment solutions for your business. 2 SIX Payment Services The right choice SIX Payment Services provides financial
More informationWIRELESS - GPRS iwl250 POS SOLUTION
WIRELESS - GPRS iwl250 POS SOLUTION In this report, MONEXgroup presents the iwl250 Wireless POS Solution designed for mobility and accessibility of service. For businesses on-the-move, the iwl250 delivers
More informationUnderstanding PCI Compliance
Understanding PCI Compliance www.cognoscape.com Understanding PCI Compliance What is PCI Compliance? What exactly is PCI compliance? PCI stands for Payment Card Industry, and the compliance component ensures
More informationPCI DSS Compliance. 2015 Information Pack for Merchants
PCI DSS Compliance 2015 Information Pack for Merchants This pack contains general information regarding PCI DSS compliance and does not take into account your business' particular requirements. ANZ recommends
More informationTOURISM INNOVATIVE PAYMENT SOLUTIONS. Efficient, flexible, worldwide and secure
TOURISM INNOVATIVE PAYMENT SOLUTIONS Efficient, flexible, worldwide and secure 2 THE FUTURE OF PAYMENT FOR THE TOURISM AND TRAVEL BUSINESS The PERFECT PARTNER Wirecard is one of the world s leading independent
More informationPayments Transformation - EMV comes to the US
Accenture Payment Services Payments Transformation - EMV comes to the US In 1993 Visa, MasterCard and Europay (EMV) came together and formed EMVCo 1 to tackle the global challenge of combatting fraudulent
More informationEMV and Chip Cards Key Information On What This Is, How It Works and What It Means
EMV and Chip Cards Key Information On What This Is, How It Works and What It Means Document Purpose This document is intended to provide information about the concepts behind and the processes involved
More informationE M V I M P L E M E N TAT I O N T O O L S F O R S U C C E S S, P C I & S E C U R I T Y. February 2014
E M V I M P L E M E N TAT I O N T O O L S F O R S U C C E S S, P C I & S E C U R I T Y February 2014 A G E N D A EMV Overview EMV Industry Announcements EMV Transaction Differences, What to Expect Solution
More information1 ARE PCI SECURITY MEASURES SUITED TO THE FRENCH MARKET?
1 ARE PCI SECURITY MEASURES SUITED TO THE FRENCH MARKET? As part of its task of monitoring the security policies implemented by issuers and acquirers, the Observatory conducted an assessment in 2010 to
More informationFrequently Asked Questions
PCI Compliance Frequently Asked Questions Table of Content GENERAL INFORMATION... 2 PAYMENT CARD INDUSTRY DATA SECURITY STANDARD (PCI DSS)...2 Are all merchants and service providers required to comply
More informationSecure Payments Framework Workgroup
Secure Payments Framework Workgroup EMV for the US Hospitality Industry Version 1.0 About HTNG Hotel Technology Next Generation (HTNG) is a non-profit association with a mission to foster, through collaboration
More informationHow To Protect Your Business From A Hacker Attack
Payment Card Industry Data Security Standards The payment card industry data security standard PCI DSS Visa and MasterCard have developed the Payment Card Industry Data Security Standard or PCI DSS as
More informationREGULATIONS FOR SALES PAID BY CARD SALES IN SHOP (Card Present) (May 2015)
REGULATIONS FOR SALES PAID BY CARD SALES IN SHOP (Card Present) (May 2015) These regulations, the "Shop Regulations", apply to sales paid by Card through the use of a Terminal. The Shop Regulations comprise
More informationTahoe Tech Group serves as your technology partner with a focus on providing cost effective and long term solutions.
Tahoe Tech Group LLC Cyber Security Briefing Truckee Donner Chamber of Commerce March 6, 2015 Tahoe Tech Group serves as your technology partner with a focus on providing cost effective and long term solutions.
More informationICS Presents: The October 1st 2015 Credit Card Liability Shift: This Impacts Everyone!
ICS Presents: The October 1st 2015 Credit Card Liability Shift: This Impacts Everyone! Presenters: Cliff Gray Senior Associate of The Strawhecker Group Jon Bonham CISA, Coalfire The opinions of the contributors
More informationA HOLISTIC APPROACH TO MERCHANT PAYMENT SECURITY. 2016, Vantiv, LLC. All rights reserved.
A HOLISTIC APPROACH TO MERCHANT PAYMENT SECURITY A HOLISTIC APPROACH TO MERCHANT PAYMENT SECURITY WHY DEALERS AND ACQUIRERS ARE PIVOTAL TO SECURING THE MERCHANT PAYMENT ENVIRONMENT. For the past fifteen
More informationThe Relationship Between PCI, Encryption and Tokenization: What you need to know
October 2014 The Relationship Between PCI, Encryption and Tokenization: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems,
More informationTrue Protection To The Core
True Protection To The Core Intelligent Security Solutions from VeriFone Every Day. In Everything We Do. VeriFone Builds Absolutely The Highest Transaction Data Security Into Our Business. And Yours. We
More informationAUSTRALIAN PAYMENTS FRAUD DETAILS AND DATA
Australian Payments Clearing Association AUSTRALIAN PAYMENTS FRAUD DETAILS AND DATA 214 Australian Payments Clearing Association Limited ABN 12 55 136 519 CONTENTS OVERVIEW 1 SECTION 1 Fraud rates 4 SECTION
More informationthe better way to pay
the better way to pay we are DOKU PT Nusa Satu Inti Artha (dba DOKU ) is Indonesia s largest and fastest growing provider of electronic payment. We provide electronic payment processing, online and in
More informationEMV and Restaurants: What you need to know. Mike English. October 2014. Executive Director, Product Development Heartland Payment Systems
October 2014 EMV and Restaurants: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems, Inc. All trademarks, service marks
More informationPreparing for EMV chip card acceptance
Preparing for EMV chip card acceptance Ben Brown Vice President, Regional Sales Manager, Wells Fargo Merchant Services Lily Page Vice President, Wholesale ereceivables, Wells Fargo Merchant Services June
More informationMobile Contactless Payments and Data Privacy
Data Privacy Purpose We are on the cusp of the next major evolution in consumer payments. In the not too distant future, it is likely we will be making payments using our credit and debit cards embedded
More informationHeartland Secure. By: Michael English. A Heartland Payment Systems White Paper 2014. Executive Director, Product Development
A Heartland Payment Systems White Paper 2014 Heartland Secure. By: Michael English Executive Director, Product Development 2014 Heartland Payment Systems. All trademarks, service marks and trade names
More informationAcquirers grapple with new payments landscape
Acquirers grapple with new payments landscape By Jane Cooper Published: 02 February, 2015 Comment on this article The explosion in payment choices in recent years has left consumers confused as banks struggle
More informationNeed to be PCI DSS compliant and reduce the risk of fraud?
Need to be PCI DSS compliant and reduce the risk of fraud? NCR Security lessens your PCI compliance burden and protects the integrity of your network An NCR White Paper Experience a new world of interaction
More informationPayment Services. The Retail Solution. for large and multi-national retailers
Payment Services The Retail Solution for large and multi-national retailers A one-stopshop solution for retailers Contents SIX Payment Services 04 The customer experience 05 The Retail Solution 06 Our
More informationTokenization: FAQs & General Information. www.tsys.com BACKGROUND. GENERAL INFORMATION What is Tokenization?
FAQ Tokenization: FAQs & General Information BACKGROUND As technology evolves, consumers are increasingly making their purchases online or through mobile devices and digital wallet applications and their
More informationA CHASE PAYMENTECH WHITEPAPER. Building customer loyalty in a multi-channel world Creating an optimised approach for e-tailers
A CHASE PAYMENTECH WHITEPAPER Building customer loyalty in a multi-channel world Creating an optimised approach for e-tailers Table Of Contents Changing shopping habits... 3 The multi-channel journey...
More informationUniversity Policy Accepting Credit Cards to Conduct University Business
BROWN UNIVERSITY University Policy Accepting Credit Cards to Conduct University Business Purpose Brown University requires all departments that are involved with credit card handling to do so in compliance
More informationTime to get off the fence?
WHITE PAPER Thought leadership for the retail sector Time to get off the fence? Defining a cost-effective way to get and retain PCI DSS certification Author: Kevin Burns, PCI and Payments Consultant, BT
More informationVERIFONE PAYWARE SOLUTIONS
VERIFONE PAYWARE SOLUTIONS PAYMENTS ARE JUST THE BEGINNING. Supports multiple applications, systems, users and locations. PAYware Solutions With a wide range of card acceptance software solutions, VeriFone
More informationAdyen PCI DSS 3.0 Compliance Guide
Adyen PCI DSS 3.0 Compliance Guide February 2015 Page 1 2015 Adyen BV www.adyen.com Disclaimer: This document is for guidance purposes only. Adyen does not accept responsibility for any inaccuracies. Merchants
More informationPROTECTION OF OUR MERCHANTS AND REFERRAL PARTNERS IS OUR FIRST CONCERN
PCI Q: What is PCI? A: The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information
More informationVISA EUROPE ACCOUNT INFORMATION SECURITY (AIS) PROGRAMME FREQUENTLY ASKED QUESTIONS (FAQS)
VISA EUROPE ACCOUNT INFORMATION SECURITY (AIS) PROGRAMME FREQUENTLY ASKED QUESTIONS (FAQS) Q1: What is the purpose of the AIS programme? Q2: What exactly is the Payment Card Industry (PCI) Data Security
More informationWhite Paper September 2013 By Peer1 and CompliancePoint www.peer1.com. PCI DSS Compliance Clarity Out of Complexity
White Paper September 2013 By Peer1 and CompliancePoint www.peer1.com PCI DSS Compliance Clarity Out of Complexity Table of Contents Introduction 1 Businesses are losing customer data 1 Customers are learning
More informationSMALL BUSINESS REPUTATION & THE CYBER RISK
SMALL BUSINESS REPUTATION & THE CYBER RISK Executive summary In the past few years there has been a rapid expansion in the development and adoption of new communications technologies which continue to
More information