THE ROLE OF THE CONTACT CENTER IN PCI COMPLIANCE
|
|
- Janel Evans
- 7 years ago
- Views:
Transcription
1 THE ROLE OF THE CONTACT CENTER IN PCI COMPLIANCE ENSURING SAFE COMMERCE
2 TABLE OF CONTENTS THE IMPORTANCE OF PCI COMPLIANCE... UNDERSTANDING THE KEY REQUIREMENT... PRIVACY CONTROL: DESIGNS FOR COMPLIANCE... BEYOND THE CALL RECORDING... PROTECT YOUR INVESTMENTS WITH PRIVACY CONTROL
3 THE ROLE OF THE CONTACT CENTER IN PCI COMPLIANCE The contact center is a rich source of valuable data and insight, documenting the voice of the customer through transaction histories, comments, compliments and complaints. Unfortunately, that same data represents an irresistible prize for criminals, who have worked all manner of brute force, social engineering and Internet attacks in an attempt to exploit vulnerabilities and appropriate sensitive financial information. Recent developments in financial data security standards handed down and ultimately enforced by credit card network processors have turned a keen eye on the contact center. Call and transaction recording systems dutifully storing the verbatim details of payment card transactions represent a potentially rich vein of illicit account information for thieves, and the payment card industry has responded in clear terms. Storing payment card data, even in encrypted form, is expressly forbidden by the Payment Card Industry Data Security Standard (PCI DSS). The rules set forth by the world s top five payment brands are simple, yet far reaching. Virtually every merchant must be able to show, through audit or self-certification, that they comply with fundamental requirements when processing and /or storing sensitive credit card information. That includes card account numbers, expiration dates and security codes. Databases, transaction histories, logs and trace files are all covered by this requirement, and that includes audio recordings and agent screen playbacks. Considering the highprofile thefts of literally millions of payment card profiles at a time in recent years, the concern is well founded. Yet despite their laudable intentions, the payment card industry rules place contact center leaders in an awkward position. Contact centers have embraced comprehensive interaction recording as front-line protection against liability, loss and regulatory action. Clearly, the recording of transactions must continue. Yet the payment card industry states that some of the most vital payload of a transaction the payment card validation code information must not be recorded. Navigating this delicate tightrope is possible, with the support of an interaction recording partner which understands both the needs of the contact center and the demands of the financial sector. Successfully mastering PCI DSS requirements will both preserve transaction vendor peace, and lower overall enterprise risk and exposure to fraud and data theft. 3
4 THE IMPORTANCE OF PCI COMPLIANCE Understanding the reach and scope of these regulations, and ultimately how to successfully achieve transparent compliance, requires understanding the body that created them. The PCI Security Standards Council is led by the companies backing the biggest credit card payment brands in the world: American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Through the PCI Council, these financial giants describe and disseminate the rules, regulations and standards they believe are necessary to safeguard sensitive card and cardholder data while still enabling merchants and service providers to transparently transact with customers. Although the PCI Council itself does not enforce compliance with its rules, its member organizations expect and require that PCI standards be followed. The card networks are not pulling punches. One even actively solicits businesses to inform on their noncompliant vendors and trading partners. In short, if your company is not in compliance with PCI-issued rules, you risk being cut off from the world s most popular consumer and small business payment brands. That is an intolerable risk in any industry, in any economy. UNDERSTANDING THE KEY REQUIREMENT PCI Data Security Standard (DSS) Requirement 3.2 states, Do not store sensitive authentication data after authorization (even if encrypted). Although many of the practices, guidelines and mandates of the PCI Council promote security and trustworthiness in the contact center, the most crucial and complex is the PCI Data Security Standard (DSS) Requirement 3.2. It states, simply, Do not store sensitive authentication data after authorization (even if encrypted). The rule goes on to explain the specifics, but the theme is the same:payment card issuers do not want their card account data stored by merchants. Not even with commercial-grade encryption. The PCI Council has gone on the record clarifying that it considers interaction capturing solutions to be a storage medium covered by this requirement. Because interaction capture solutions are designed to be thorough, a sophisticated approach is needed to maintain reliable records of customer interactions without running afoul of the payment processors that power so many billions of dollars in commerce. Early attempts at designing compliance have fallen short of meeting PCI DSS specifications because they do not address the core problem. Some contact centers have chosen to use secondary IVR-based solutions which collect credit card information before passing the customer back to a live agent. That approach is extremely inconvenient for both the contact center and customer since it simply pushes the interaction recording problem off to another system. And let s not forget that transaction data logs as well as live interactions are covered by the PCI DSS requirement. Other limited workarounds include masking the offending data upon playback. Although laudable as a way to keep employees or unauthorized users from being able to glean payment card data from recorded interactions, the masking approach still falls short of PCI DSS requirements. The data is still present in the recording, and that is not permitted. A more sophisticated approach is required, one which can completely eliminate the need for agent compliance or goodwill, and integrates with existing contact center practices. 4
5 PRIVACY CONTROL: DESIGNS FOR COMPLIANCE Designing a truly PCI DSS compliant solution while preserving the value of interaction recording requires deep insight and careful design. A compliance-minded partner will be able to deliver not only a reliable and sophisticated recording platform, but also bring to bear the insights and training of engineers and implementers with a deep understanding of PCI DSS best practices. Only that combination can produce true Privacy Control, embedded into a powerful interaction recording solution, that protects corporate alliances as well as contact center effectiveness. At the heart of the Privacy Control approach is the capability to selectively suspend and resume recording during sensitive data exchanges. With these pause controls, only data compliant with PCI DSS standards will ever reach the recording vaults. Through on-screen prompts and controls, agents can be cued to manually pause recording as they enter the transaction processing stage, then resume when the data is committed. Because agent training and compliance can threaten the success of a Privacy Control approach, an automated approach to pauseand-resume is preferred. Advanced Privacy Control capabilities can be integrated with existing contact recording solutions and hook into a wide variety of common CRM and transactional applications. The automation is triggered by agent screen activity. When the agent selects fields related to sensitive data banned from storage by PCI DSS, Privacy Controls automatically engage and pause recording. After the agent leaves the sensitive field (such as a credit card number or CVV code), recording immediately resumes. Automation preserves the bulk of the interaction but omits payment card information, making it safe to store and retrieve indefinitely, subject to existing access rules. It also eliminates risks and potential abuse associated with giving contact center agents discretionary, manual control over their own recording, and is the surest way to bring a recording system in line with PCI DSS Requirement 3.2. BEYOND THE CALL RECORDING Protecting customer data requires more than simply omitting sensitive data from a permanent record. A qualified contact center compliance partner will provide all the tools and insights to guide a complete evaluation of the infrastructure involved in the transaction process. Security audits of both the network and individual payment processing applications are just as important as the safety of the interaction recording system. Agent desktops are a frequent source of potential leaks and exploits. From on-disk caches to legacy or homegrown applications which have fallen behind the data security curve, the agent environment must be rigorously evaluated and tested to ensure and maintain compliance. At the heart of the Privacy Control approach is the capability to selectively suspend and resume recording during sensitive data exchanges. 5
6 PROTECT YOUR INVESTMENTS WITH PRIVACY CONTROL Without the mutual trust of both customers and payment card networks, merchants can find themselves stranded. Earning and maintaining that trust in the contact center starts with a careful PCI DSS compliance strategy, and an interaction recording solution that is designed with those requirements and responsibilities clearly in mind. Strong partners are ready to deliver solutions that preserve visibility into all contact center interactions, while closing security holes and preserving good relations with the payment card industry. Few interaction recording vendors today can deliver a solution that can be adapted to the latest PCI DSS standards without a rip-andreplace project. Fewer still offer the flexible APIs necessary to integrate with heterogeneous CRM and transaction application to ensure seamless, automated Privacy Control. Fortunately, those capable partners are out there, and ready to deliver solutions that preserve visibility into all contact center interactions while closing security holes and preserving good relations with the payment card industry. CONTACTS Global International HQ, Israel, T , F Americas, North America, T , F EMEA, Europe & Middle East, T , F Asia Pacific, Singapore Office T , F The full list of NICE marks are the trademarks or registered trademarks of Nice Systems Ltd. For the full list of NICE trademarks, visit All other marks used are the property of their respective proprietors. DATE 12/2014 WP CONTENTS OF THIS DOCUMENT ARE COPYRIGHT ABOUT NICE SYSTEMS INC. NICE Systems (NASDAQ: NICE), is the worldwide leader of intent-based solutions that capture and analyze interactions and transactions, realize intent, and extract and leverage insights to deliver impact in real time. Driven by cross-channel and multi-sensor analytics, NICE solutions enable organizations to improve business performance, increase operational efficiency, prevent financial crime, ensure compliance, and enhance safety and security. NICE serves over 25,000 organizations in the enterprise and security sectors, representing a variety of sizes and industries in more than 150 countries, and including over 80 of the Fortune 100 companies.
Mainstreaming the Cloud in Contact Centers
Mainstreaming the Cloud in Contact Centers TABLE OF CONTENTS Preface... 3 The Gold at the End of the Rainbow... 3 Choose Your Starting Point... 3 Finding the Sweet Spot... 4 The Bottom Line... 4 Preface
More informationThe 5-P Prescription for Getting Workforce Management. Authored for NICE Systems by Wise Workforce Strategies. www.nice.com
The 5-P Prescription for Getting Workforce Management Authored for NICE Systems by Wise Workforce Strategies www.nice.com TABLE OF CONTENTS EXECUTIVE SUMMARY... 3 THE IMPORTANCE OF GETTING WORKFORCE MANAGEMENT...
More informationLISTEN TO THE VOICE OF CUSTOMER EXPERIENCE
LISTEN TO THE VOICE OF CUSTOMER EXPERIENCE The Four Essentials of a Customer Experience Program www.nice.com WHERE CX PROGRAMS STUMBLE Many companies recognize the value of a customer experience (CX) program,
More informationAheevaCCS and the Payment Card Industry Data Security Standard
Account Data PCI DSS White Paper by Aheeva, January 2012 AheevaCCS and the Payment Card Industry Data Security Standard Introduction In 2006, the major payment brands including American Express, MasterCard
More informationHow Multi-Pay Tokens Can Reduce Security Risks and the PCI Compliance Burden for ecommerce Merchants
How Multi-Pay Tokens Can Reduce Security Risks and the PCI Compliance Burden for ecommerce Merchants 2012 First Data Corporation. All trademarks, service marks and trade names referenced in this material
More informationNICE SALES PERFORMANCE MANAGEMENT (SPM)
NICE SALES PERFORMANCE MANAGEMENT (SPM) Optimized Incentive Compensation for the Largest Sales Volumes IMPROVING SALES: MOTIVATION AND OPERATION Your sales results are heavily dependent on two primary
More informationNICE Performance Management Coaching Best Practices and Benchmarking Study
NICE Performance Management Coaching Best Practices and Benchmarking Study TABLE OF CONTENTS Introduction...1 Basis For Our Findings...1 I. Why Coach?...2 II. How Is Coaching Delivered?...2 III. Who Needs
More informationStandard: PCI Data Security Standard (PCI DSS) Version: 2.0 Date: March 2011. Information Supplement: Protecting Telephone-based Payment Card Data
Standard: PCI Data Security Standard (PCI DSS) Version: 2.0 Date: March 2011 Information Supplement: Protecting Telephone-based Payment Card Data Table of Contents Executive Summary 3 Clarification of
More informationProtecting Cardholder Data Throughout Your Enterprise While Reducing the Costs of PCI Compliance
Payment Security White Paper Protecting Cardholder Data Throughout Your Enterprise While Reducing the Costs of PCI Compliance Breaches happen across all industries as thieves look for vulnerabilities.
More informationFORT HAYS STATE UNIVERSITY CREDIT CARD SECURITY POLICY
FORT HAYS STATE UNIVERSITY CREDIT CARD SECURITY POLICY Page 1 of 6 Summary The Payment Card Industry Data Security Standard (PCI DSS), a set of comprehensive requirements for enhancing payment account
More informationWHITE PAPER. PCI Basics: What it Takes to Be Compliant
WHITE PAPER PCI Basics: What it Takes to Be Compliant Introduction A long-running worldwide advertising campaign by Visa states that the card is accepted everywhere you want to be. Unfortunately, and through
More informationPCI Compliance for Healthcare
PCI Compliance for Healthcare Best practices for securing payment card data In just five years, criminal attacks on healthcare organizations are up by a stunning 125%. 1 Why are these data breaches happening?
More informationUnderstanding the Value of Tokens
Understanding the Value of Tokens 2012 First Data Corporation. All trademarks, service marks and trade names referenced in this material are the property of their respective owners. Introduction Credit
More informationYour guide to creating a customer experience program that works
Your guide to creating a customer experience program that works CONTENTS Customer Love Stories The Customer Experience Challenge Create Customer Love Stories in 4 Steps Total Voice of the Customer Customer
More informationNICE MULTI-CHANNEL INTERACTION ANALYTICS
NICE MULTI-CHANNEL INTERACTION ANALYTICS Revealing Customer Intent in Contact Center Communications CUSTOMER INTERACTIONS: The LIVE Voice of the Customer Every day, customer service departments handle
More informationVaronis Systems & The Payment Card Industry Data Security Standard (PCI DSS)
CONTENTS OF THIS WHITE PAPER Overview... 1 Background... 1 Who Needs To Comply... 1 What Is Considered Sensitive Data... 2 What Are the Costs/Risks of Non-Compliance... 2 How Varonis Helps With PCI Compliance...
More informationA Websense Research Brief Prevent Data Loss and Comply with Payment Card Industry Data Security Standards
A Websense Research Brief Prevent Loss and Comply with Payment Card Industry Security Standards Prevent Loss and Comply with Payment Card Industry Security Standards Standards for Credit Card Security
More informationCredit Card (PCI) Security Incident Response Plan
Credit Card (PCI) Security Incident Response Plan To address credit cardholder security, the major credit card brands (Visa, MasterCard, American Express, Discover & JCB) jointly established the PCI Security
More informationData Sheet: IT Compliance Payment Card Industry Data Security Standard
The (PCI, or PCI DSS) was developed by the PCI Security Standards Council to assure cardholders that their details were secure during payment card transactions. The Council, which now governs the Standard,
More informationTOP 10 WAYS TO ADDRESS PCI DSS COMPLIANCE. ebook Series
TOP 10 WAYS TO ADDRESS PCI DSS COMPLIANCE ebook Series 2 Headlines have been written, fines have been issued and companies around the world have been challenged to find the resources, time and capital
More informationNICE REAL-TIME PROCESS OPTIMIZATION. Impacting the Outcome of Every Customer Interaction. www.nice.com
NICE REAL-TIME PROCESS OPTIMIZATION Impacting the Outcome of Every Customer Interaction The ability to impact customer interactions in real time is critical for improving operational efficiency, enhancing
More informationHow To Protect Your Credit Card Information From Being Stolen
Visa Account Information Security Tool Kit Welcome to the Visa Account Information Security Program 2 Contents 1. Securing cardholder data is everyone s concern 4 2. Visa Account Information Security (AIS)
More informationSection 3.9 PCI DSS Information Security Policy Issued: June 2016 Replaces: January 2015
Section 3.9 PCI DSS Information Security Policy Issued: June 2016 Replaces: January 2015 I. PURPOSE The purpose of this policy is to establish guidelines for processing charges on Payment Cards to protect
More informationKey Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking
Key Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking SUMMARY The Payment Card Industry Data Security Standard (PCI DSS) defines 12 high-level security requirements directed
More informationPCI General Policy. Effective Date: August 2008. Approval: December 17, 2015. Maintenance of Policy: Office of Student Accounts REFERENCE DOCUMENTS:
Effective Date: August 2008 Approval: December 17, 2015 PCI General Policy Maintenance of Policy: Office of Student Accounts PURPOSE: To protect against the exposure and possible theft of account and personal
More informationVISA EUROPE ACCOUNT INFORMATION SECURITY (AIS) PROGRAMME FREQUENTLY ASKED QUESTIONS (FAQS)
VISA EUROPE ACCOUNT INFORMATION SECURITY (AIS) PROGRAMME FREQUENTLY ASKED QUESTIONS (FAQS) Q1: What is the purpose of the AIS programme? Q2: What exactly is the Payment Card Industry (PCI) Data Security
More informationNICE INCENTIVE COMPENSATION MANAGEMENT. NICE Incentive Compensation Management
NICE INCENTIVE COMPENSATION MANAGEMENT NICE Incentive Compensation Management DRIVE SUCCESS WITH NICE INCENTIVE COMPENSATION MANAGEMENT SOLUTION INTRODUCTION The NICE Incentive Compensation Management
More informationCyberSource Payment Security. with PCI DSS Tokenization Guidelines
CyberSource Payment Security Compliance The PCI Security Standards Council has published guidelines on tokenization, providing all merchants who store, process, or transmit cardholder data with guidance
More informationPCI Data Security Standard
SSO Strong Authentication Physical/Logical Security Convergence A Pathway to PCI Compliance TABLE OF CONTENTS Executive Summary... 3 What is PCI?... 3 PCI Standards and Impacts on Global Business... 4
More informationHow Desktop Analytics Automates PCI Compliance
Building great customer experiences since 1972 Coordinated Systems, Inc. 165 Burnside Avenue, East Hartford, CT 06108 USA (860)289-2151 www.csiworld.com How Desktop Analytics Automates PCI Compliance http://www.csiworld.com
More informationWhitepaper. PCI Compliance: Protect Your Business from Data Breach
Merchants often underestimate the financial impact of a breach. Direct costs include mandatory forensic audits, credit card replacement, fees, fines and breach remediation. PCI Compliance: Protect Your
More informationUniversity Policy Accepting Credit Cards to Conduct University Business
BROWN UNIVERSITY University Policy Accepting Credit Cards to Conduct University Business Purpose Brown University requires all departments that are involved with credit card handling to do so in compliance
More informationPCI DSS FAQ. The twelve requirements of the PCI DSS are defined as follows:
What is PCI DSS? PCI DSS is an acronym for Payment Card Industry Data Security Standards. PCI DSS is a global initiative intent on securing credit and banking transactions by merchants & service providers
More informationPCI Security Compliance in KANA Solutions How KANA Applications Helps Companies Comply with PCI Security Standards
PCI Security Compliance in KANA Solutions How KANA Applications Helps Companies Comply with PCI Security Standards Table of Contents PCI Security Compliance in KANA Solutions...1 The Importance of Protecting
More informationEXPANd WITH CONFIDENCE PAYMENT MANAGEMENT SOLUTIONS FOR FASTER, SAFER GLOBAL GROWTH
EXPANd WITH CONFIDENCE PAYMENT MANAGEMENT SOLUTIONS FOR FASTER, SAFER GLOBAL GROWTH ACCELERATE YOUR GLOBAL EXPANSION JOURNEY Whether you re targeting just one additional country or many, establishing digital
More informationPayment Card Industry Data Security Standards (PCI-DSS) Guide for Contact Center Managers
Payment Card Industry Data Security Standards (PCI-DSS) January 2012 Reprinted for Table of Contents Executive Summary... 1 What is PCI-DSS?... 1 Violation Notification Requirements... 7 Is PCI-DSS a Law?...
More informationMEETING PCI COMPLIANCE WITH SONICWALL GLOBAL MANAGEMENT SYSTEM
MEETING PCI COMPLIANCE WITH SONICWALL GLOBAL MANAGEMENT SYSTEM PCI DSS 1.1 compliance requirements demand a new level of administration and oversight for merchants, banks and service providers to maintain
More informationQuestions and Answers PCI Compliance (Updated May 23, 2014)
Questions and Answers PCI Compliance (Updated ) The Alberta government is working toward PCI compliance, an industry standard created by the credit card industry to improve cardholder data security. The
More informationHosted Solutions for PSAPs. Copyright 2011-2012 NICE Systems Ltd. All rights reserved.
Hosted Solutions for PSAPs Copyright 2011-2012 NICE Systems Ltd. All rights reserved. TABLE OF CONTENTS MARKET TRENDS... 3 A Convergence of Circumstances... 3 DEFINING HOSTED SOLUTIONS... 4 The Pros and
More informationPCI Data Security Standards (DSS)
ENTERPRISE APPLICATION WHITELISTING SOLUTION Achieving PCI Compliance at the Point of Sale Using Bit9 Parity TM to Protect Cardholder Data PCI: Protecting Cardholder Data As the technology used by merchants
More informationYour Compliance Classification Level and What it Means
General Information What are the Payment Card Industry (PCI) Data Security Standards? The PCI Data Security Standards represents a common set of industry tools and measurements to help ensure the safe
More informationTHE CUSTOMER JOURNEY: THE FIVE THINGS YOU NEED TO KNOW NOW WHITE PAPER. www.nice.com
THE CUSTOMER JOURNEY: THE FIVE THINGS YOU NEED TO KNOW NOW WHITE PAPER www.nice.com TABLE OF CONTENTS THE CUSTOMER JOURNEY IS A MACRO/MICRO CONCEPT... 3 A MAP IS IMPORTANT FOR ANY JOURNEY... 3 FEEDBACK
More informationPCI Data Security Standards. Presented by Pat Bergamo for the NJTC February 6, 2014
PCI Data Security Standards Presented by Pat Bergamo for the NJTC February 6, 2014 Introduction 3/3/2014 2 Your Speaker Patrick Bergamo, CISSP Director of Information Security & Delivery Delta Corporate
More informationWHITE PAPER. www.nice.com
From Contact Center to Back Office: a New Manager s Guide to the First Twelve Months www.nice.com If you re like a lot of new back office managers, you may have started your career in the contact center,
More informationPreemptive security solutions for healthcare
Helping to secure critical healthcare infrastructure from internal and external IT threats, ensuring business continuity and supporting compliance requirements. Preemptive security solutions for healthcare
More informationWhitepaper. PCI Compliance: Protect Your Business from Data Breach
Merchants often underestimate the financial impact of a breach. Direct costs include mandatory forensic audits, credit card replacement, fees, fines and breach remediation. PCI Compliance: Protect Your
More informationPayment Card Industry Data Security Standards
Payment Card Industry Data Security Standards Discussion Objectives Agenda Introduction PCI Overview and History The Protiviti Difference Questions and Discussion 2 2014 Protiviti Inc. CONFIDENTIAL: This
More informationPAI Secure Program Guide
PAI Secure Program Guide A complete guide to understanding the Payment Card Industry Data Security Requirements and utilizing the PAI Secure Program. Letter From the CEO Welcome to PAI Secure. As you
More informationSecureGRC TM - Cloud based SaaS
- Cloud based SaaS Single repository for regulations and standards Centralized repository for compliance related organizational data Electronic workflow to speed up communications between various entries
More informationPayment Card Industry Data Security Standard (PCI DSS)
Payment Card Industry Data Security Standard (PCI DSS) WARNING: Your company may be in noncompliance with the Payment Card Industry Data Security Standard (PCI DSS), placing it at risk of brand damage,
More informationSage ERP MAS I White Paper. Payment Processing Trends, Tips, and Tricks: What You Need to Know
I White Paper What You Need to Know Over the past few years, credit and debit card acceptance has come on the scene as a required payment option. Similarly, the number of customers using credit and debit
More informationPractically Thinking: What Small Merchants Should Know about EMV
Practically Thinking: What Small Merchants Should Know about EMV 1 Practically Thinking: What Small Merchants Should Know About EMV Overview Savvy business owners know that payments are about more than
More informationUniversity Policy Accepting and Handling Payment Cards to Conduct University Business
BROWN UNIVERSITY University Policy Accepting and Handling Payment Cards to Conduct University Business Table of Contents Purpose... 2 Scope... 2 Authorization... 2 Establishing a new account... 2 Policy
More informationRegistration and PCI DSS compliance validation
Visa Europe A Guide for Third Party Agents Registration and PCI DSS compliance validation October 2015 Version 1.1 Visa Europe 2015 Contents 1 Introduction... 4 1.1 Definitions of Agents... 4 2 Registration
More informationWhat are the PCI DSS requirements? PCI DSS comprises twelve requirements, often referred to as the digital dozen. These define the need to:
What is the PCI standards council? The Payment Card Industry Standards Council is an institution set-up by American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International
More informationComplying with PCI DSS
Complying with PCI DSS Table of Contents Complying with the New PCI DSS Rulings 1 Audio and DTMF Tone Data 2 Agent Screen Data 2 Appendix A 3 Complying with the New PCI DSS Rulings The Payment Card Industry
More informationPCI DSS 101- The background you need for understanding the PCI DSS
PCI DSS 101- The background you need for understanding the PCI DSS Produced on behalf of New Net Technologies by STEVE BROADHEAD BROADBAND TESTING 2010 broadband testing and new net technologies www.nntws.com
More informationVerizon 2014 PCI Compliance Report
Executive Summary Verizon 2014 PCI Compliance Report Highlights from our in-depth research into the current state of PCI Security compliance. In 2013, 64.4% of organizations failed to restrict each account
More informationPCI Compliance. Top 10 Questions & Answers
PCI Compliance Top 10 Questions & Answers 1. What is PCI Compliance and PCI DSS? 2. Who needs to follow the PCI Data Security Standard? 3. What happens if I don t comply? 4. What are the basic requirements
More informationMake Every Interaction Count
S ERVICE TO S ALES Make Every Interaction Count SIEZE OPORTUNITIES AT THE POINT OF CONTACT Your company s contact centers and retail stores and/or branches field thousands of inbound contacts every day
More informationPayment Card Industry Data Security Standard
Payment Card Industry Data Security Standard Abhinav Goyal, B.E.(Computer Science) MBA Finance Final Trimester Welingkar Institute of Management ISACA Bangalore chapter 13 th February 2010 Credit Card
More informationInformation Sheet. PCI DSS Overview
The payment card industry (PCI) protects cardholder data through technical and operations standard set by its Council. Compliance with PCI standards is mandatory. It is enforced by the major payment card
More informationSage 100 ERP I White Paper. Payment Processing Trends, Tips, and Tricks: What You Need to Know
Sage 100 ERP I White Paper What You Need to Know Over the past few years, credit and debit card acceptance has come on the scene as a required payment option. Similarly, the number of customers using credit
More informationPayment Card Industry Data Security Standards.
Payment Card Industry Data Security Standards. Your guide to protecting cardholder data Helping you manage the risk. Credit Card fraud and data compromises are an increasingly serious problem, costing
More informationHow To Comply With The Pci Ds.S.A.S
PCI Compliance and the Data Security Standards Introduction The PCI DSS, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of
More informationWhite Paper Achieving PCI Data Security Standard Compliance through Security Information Management. White Paper / PCI
White Paper Achieving PCI Data Security Standard Compliance through Security Information Management White Paper / PCI Contents Executive Summary... 1 Introduction: Brief Overview of PCI...1 The PCI Challenge:
More informationBradley University Credit Card Security Incident Response Team (Response Team)
Credit Card Security Incident Response Plan Bradley University has a thorough data security policy 1. To address credit cardholder security, the major card brands (Visa, MasterCard, American Express, Discover
More informationCards at School. Why Banks View Campuses as High Risk Customers. Payments
Cards at School Why Banks View Campuses as High Risk Customers Dennis W. Reedy, CTP, Managing Director, Treasury Operations, Indiana University Walter Conway, Walter Conway Associates, LLC Accepting credit
More informationNeed to be PCI DSS compliant and reduce the risk of fraud?
Need to be PCI DSS compliant and reduce the risk of fraud? NCR Security lessens your PCI compliance burden and protects the integrity of your network An NCR White Paper Experience a new world of interaction
More informationPayment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008
Payment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008 What is the PCI DSS? And what do the acronyms CISP, SDP, DSOP and DISC stand for? The PCI DSS is a set of comprehensive requirements
More informationBarracuda Web Site Firewall Ensures PCI DSS Compliance
Barracuda Web Site Firewall Ensures PCI DSS Compliance E-commerce sales are estimated to reach $259.1 billion in 2007, up from the $219.9 billion earned in 2006, according to The State of Retailing Online
More informationGuidance Notes PCI DSS Compliance as it relates to Call Recording
Guidance Notes PCI DSS Compliance as it relates to Call Recording Published by DMA Contact Centres & Telemarketing Council First edition Contents Disclaimer...2 1. Background...3 2. The fundamental storage
More informationPayment Card Industry Data Security Standard (PCI DSS)
Payment Card Industry Data Security Standard (PCI DSS) What is PCI SSC? A 12 year old independent industry standards body providing oversight of the development and management of Payment Card Industry
More informationPCI Compliance: How to ensure customer cardholder data is handled with care
PCI Compliance: How to ensure customer cardholder data is handled with care Choosing a safe payment process for your business Contents Contents 2 Executive Summary 3 PCI compliance and accreditation 4
More informationThe 12 Essentials of PCI Compliance How it Differs from HIPPA Compliance Understand & Implement Effective PCI Data Security Standard Compliance
Date: 07/19/2011 The 12 Essentials of PCI Compliance How it Differs from HIPPA Compliance Understand & Implement Effective PCI Data Security Standard Compliance PCI and HIPAA Compliance Defined Understand
More informationTHE 2016 NICE CUSTOMER EXCELLENCE AWARDS PROGRAM
The NICE Customer Excellence awards program celebrates and honors organizations using NICE products and services to drive creative, innovative customer interactions. With an extensive portfolio of technology,
More informationSecurityMetrics Introduction to PCI Compliance
SecurityMetrics Introduction to PCI Compliance Card Data Compromise What is a card data compromise? A card data compromise occurs when payment card information is stolen from a merchant. Some examples
More informationPayment Card Industry Data Security Standards
Payment Card Industry Data Security Standards January 19, 2011 Marc S. Reisler, Holland & Knight Copyright 2011 Holland & Knight LLP All Rights Reserved Data Breaches Remain a Serious Concern PCI Standards
More informationCHEAT SHEET: PCI DSS 3.1 COMPLIANCE
CHEAT SHEET: PCI DSS 3.1 COMPLIANCE WHAT IS PCI DSS? Payment Card Industry Data Security Standard Information security standard for organizations that handle data for debit, credit, prepaid, e-purse, ATM,
More informationPayment Card Industry Data Security Standard Training. Chris Harper Vice President of Technical Services Secure Enterprise Computing, Inc.
Payment Card Industry Data Security Standard Training Chris Harper Vice President of Technical Services Secure Enterprise Computing, Inc. March 27, 2012 Agenda Check-In 9:00-9:30 PCI Intro and History
More informationFranchise Data Compromise Trends and Cardholder. December, 2010
Franchise Data Compromise Trends and Cardholder Security Best Practices December, 2010 Franchise Data Security Agenda Cardholder Data Compromise Overview Breach Commonalities Hacking Techniques Franchisee
More informationAnd Take a Step on the IG Career Path
How to Develop a PCI Compliance Program And Take a Step on the IG Career Path Andrew Altepeter Any organization that processes customer payment cards must comply with the Payment Card Industry s Data Security
More information11/24/2014. PCI Compliance: Major Changes in e-quantum/quantum Net
PCI Compliance: Major Changes in e-quantum/quantum Net 1 Credit Card Fraud By some estimates, credit card fraud will cost legitimates businesses hundreds of billions of dollars world wide this year. If
More informationTokenization Amplified XiIntercept. The ultimate PCI DSS cost & scope reduction mechanism
Tokenization Amplified XiIntercept The ultimate PCI DSS cost & scope reduction mechanism Paymetric White Paper Tokenization Amplified XiIntercept 2 Table of Contents Executive Summary 3 PCI DSS 3 The PCI
More informationWhite Paper: Are there Payment Threats Lurking in Your Hospital?
White Paper: Are there Payment Threats Lurking in Your Hospital? With all the recent high profile stories about data breaches, payment security is a hot topic in healthcare today. There s been a steep
More informationPCI Compliance Top 10 Questions and Answers
Where every interaction matters. PCI Compliance Top 10 Questions and Answers White Paper October 2013 By: Peer 1 Hosting Product Team www.peer1.com Contents What is PCI Compliance and PCI DSS? 3 Who needs
More informationAchieving PCI Compliance for Your Site in Acquia Cloud
Achieving PCI Compliance for Your Site in Acquia Cloud Introduction PCI Compliance applies to any organization that stores, transmits, or transacts credit card data. PCI Compliance is important; failure
More informationUnderstanding PCI Compliance
Understanding PCI Compliance www.cognoscape.com Understanding PCI Compliance What is PCI Compliance? What exactly is PCI compliance? PCI stands for Payment Card Industry, and the compliance component ensures
More informationP R O G R E S S I V E S O L U T I O N S
PCI DSS: PCI DSS is a set of technical and operational mandates designed to ensure that all organizations that process, store or transmit credit card information maintain a secure environment and safeguard
More informationPCI DSS READINESS AND RESPONSE
PCI DSS READINESS AND RESPONSE EMC Consulting Services offers a lifecycle approach to holistic, proactive PCI program management ESSENTIALS Partner with EMC Consulting for your PCI program management and
More informationFrequently Asked Questions
PCI Compliance Frequently Asked Questions Table of Content GENERAL INFORMATION... 2 PAYMENT CARD INDUSTRY DATA SECURITY STANDARD (PCI DSS)...2 Are all merchants and service providers required to comply
More informationCREDIT CARD PROCESSING & SECURITY POLICY
FINANCE AND TREASURY POLICIES AND PROCEDURES E071 CREDIT CARD PROCESSING & SECURITY POLICY PURPOSE The purpose of this policy is to establish guidelines for processing charges/credits on Credit Cards to
More informationIBM Security Privileged Identity Manager helps prevent insider threats
IBM Security Privileged Identity Manager helps prevent insider threats Securely provision, manage, automate and track privileged access to critical enterprise resources Highlights Centrally manage privileged
More informationA RE T HE U.S. CHIP RULES ENOUGH?
August 2015 A RE T HE U.S. CHIP RULES ENOUGH? A longer term view of security and the payments landscape is needed. Abstract: The United States is finally modernizing its card payment systems and confronting
More informationWhite Paper. Ensuring Network Compliance with NetMRI. An Opportunity to Optimize the Network. Netcordia
White Paper Ensuring Network Compliance with NetMRI An Opportunity to Optimize the Network Netcordia Copyright Copyright 2006 Netcordia, Inc. All Rights Reserved. Restricted Rights Legend This document
More informationPAYMENT CARD INDUSTRY (PCI) COMPLIANCE HISTORY & OVERVIEW
PAYMENT CARD INDUSTRY (PCI) COMPLIANCE HISTORY & OVERVIEW David Kittle Chief Information Officer Chris Ditmarsch Network & Security Administrator Smoker Friendly International / The Cigarette Store Corp
More informationPCI DSS COMPLIANCE DATA
PCI DSS COMPLIANCE DATA AND PROTECTION EagleHeaps FROM CONTENTS Overview... 2 The Basics of PCI DSS... 2 PCI DSS Compliance... 4 The Solution Provider Role (and Accountability).... 4 Concerns and Opportunities
More informationQuality Programs for Regulatory Compliance
Quality Programs for Regulatory Compliance Roy Garris, IconATG Regulatory Compliance Practice Manager (866) 785-4266 http://www.iconatg.com info@iconatg.com Version 1.00 Application Vulnerabilities Put
More informationSecurity Information Lifecycle
Security Information Lifecycle By Eric Ogren Security Analyst, April 2006 Copyright 2006. The, Inc. All Rights Reserved. Table of Contents Executive Summary...2 Figure 1... 2 The Compliance Climate...4
More information