WHITE PAPER SECURE PAYMENTS: A MULTI-PRONGED APPROACH

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "WHITE PAPER SECURE PAYMENTS: A MULTI-PRONGED APPROACH"

Transcription

1 SECURE PAYMENTS: A MULTI-PRONGED APPROACH EMV, ENCRYPTION, TOKENIZATION & SECURE COMMERCE ARCHITECTURE

2 With the pressure being put upon merchants these days to become EMVcompliant, it may be confusing for many as to why they must do so and, indeed, what EMV actually is. There is also the misconception that EMV alone guarantees payment security when, in fact, EMV is simply one component of a secure solution. Along with EMV, encryption and tokenization are equally important for protecting merchants and cardholders alike against payment fraud, while Verifone s Secure Commerce Architecture (SCA) puts additional security measures in place for an optimal solution. WHAT IS EMV? In 1994, Europay International, MasterCard and Visa created EMV, a worldwide standard for the interaction of chip-based smart cards and approved payment devices. An EMV chip card is a standard credit or debit card with a microprocessor chip inset into the plastic. The authentication of this chip card prevents counterfeiting and adds cardholder PIN verification methods for card-present situations, offering both online and offline authorizations. By itself, EMV exposes data in transit and at rest. Sensitive data remains in the clear, susceptible to data breaches. While other countries have seen substantial counterfeit card fraud reductions up to 56% in the UK, for example the US market has resisted implementing EMV due to the expense of reissuing cards and updating payment systems. Now, however, with American card brands desire to accelerate EMV chip card adoption in the US, a liability shift is going into effect in October 2015 (or 2017 for fuel pumps). Once the shift takes place, if fraud occurs on an EMV chip-capable card and the merchant is not EMV-capable, the acquirer or merchant, rather than the issuer, will be held liable for the counterfeit transaction. EMV certification typically takes several months. Despite the attention EMV is getting, which may lead merchants to believe that EMV is the end-all, be-all of payment security, it does not actually guarantee secure transactions on its own. Chip cards do not protect against theft of the primary account number (PAN) or expiration date; this means that the theft of chip transaction details has the potential to result in cross-channel fraud in card-not-present (CNP) environments, such as online or over the phone. Case in point: In every country that has migrated to EMV, online fraud has grown. EMV alone is not enough to be a secure solution because it is intended to authenticate the issued cards only, preventing counterfeit card usage at the point of sale (POS). By itself, EMV exposes data in transit and at rest. It does not fulfill PCI DSS requirements, nor does it protect the confidentiality of cardholder and sensitive authentication data. Sensitive data remains in the clear, susceptible to data breaches. In short, EMV is card authentication, not data protection. 2

3 THE IMPORTANCE OF ENCRYPTION AND TOKENIZATION Encryption Encryption is used to protect data from malware and other threats while it is in transit, whether within the merchant s internal systems or during transmission to payment processors. At its most basic level, the encryption process obscures the account data, encoding it so that it cannot be understood without the corresponding decryption system. End-to-end encryption (E2EE) means that the credit card number is encrypted at the first point of interaction swipe, insert, tap or manual entry of the card number and stays encrypted through the entire authorization process until it is decrypted at the acquirer. Verifone currently offers two of the most prevalent types of encryption in the payments market today: 1. VeriShield Total Protect AES 128-bit encryption, supported by nine of the top 11 payments processors in the US; and 2. ADE Triple DES encryption with DUKPT key management. Verifone also works with clients to support other types of encryption, such as: RSA Public/Private Key (PKI); and SecureData identity-based encryption from Voltage. Each of these methods employs a different encryption algorithm and uses different encryption key management. Implementations vary widely, as some are complete packages, while others are more do-it-yourself. Each encryption method also requires a back-end infrastructure for decryption of the payment data, which can take place at a merchant-based or gateway switch, or at the merchant s payment processor. Tokens Merchants cannot use encrypted PANs within their own back-end systems or with chargeback and retrieval systems because the encryption for each transaction is unique. In this case, tokens replace the PAN with a unique surrogate value and protect data at rest. The token has no direct relationship with the data it replaces and cannot be reversed by the merchant or any thief. Tokens are typically card-based, meaning each one has a one-to-one relationship with an account number; the same token will always be returned for a specific PAN. Merchants use tokens to replace previously stored PANs for any post-authorization activities, eliminating the storage of cardholder data. There are various types of tokens, generated by a bank or payment switch vendor, and these can be used even in CNP transactions, usually coupled with encryption. Token implementation is often done in tandem with encryption start-up. 3

4 Payment Security: Solution Summary Security Threats Security Measures Counterfeit cards Lost/stolen cards* In-store sales Online sales EMV Encryption Tokenization EMV Encryption Tokenization P P Breach (data at rest) P P P P Breach (data in flight) P P P P Reuse of breached data P P P P *When used with a PIN SECURE COMMERCE ARCHITECTURE Over and above encryption and tokenization, Verifone s Secure Commerce Architecture (SCA) eliminates the potential for card data breaches by removing the POS system from the payment transaction flow. As such, SCA also removes the POS from the scope of card brand and acquirer-specific EMV certifications; using the SCA agent, Verifone devices become semi-integrated to the payment processor or Verifone gateway. 4

5 In the semi-integrated model, the terminal is securely connected to the merchant acquirer. The POS does not participate in the payment message, which means it is not part of the EMV certification process. Transaction data is not vulnerable to hacking on the merchant s POS. SCA provides a variety of benefits: In the semi-integrated model, the POS does not participate in the payment message, and transaction data is not vulnerable to hacking. Best-in-class security. The SCA payment app is PA DSS-validated and listed for Verifone s MX and VX devices. Verifone is working toward full PCI P2PE 2.0 component validation for SCA against the new 2.0 standard released in July EMV in a box. SCA supports EMV via an authorization message that Verifone certifies via a gateway service or processor/acquirer direct. Verifone manages certification. Simple POS integration. POS integration typically takes two to four weeks. A single integration supports all of Verifone s latest device offerings. Speeding up adoption of new payment technologies. Abstracting the POS from payment complexity allows merchants to innovate with payments moving forward, including wallets, offers, beacons and beyond. Ongoing support. Verifone is committed to the ongoing development, evolution and compliance of the SCA app well into the future. SCA solution Verifone s SCA solution is called Point, which includes Verifone Estate Manager. Point is a comprehensive payment solution designed to help merchants simplify payments, speed payment innovation, improve payment security and reduce PCI scope in the face of increasing cost, complexity and compliance requirements for payment-related technologies. Point is payment complexity made simple. Verifone Estate Manager is a next-generation estate management tool that is an integral part of Point, though it does not require SCA for its functionality. Merchants can remotely manage, monitor and update their entire estate of terminals and payment devices. SUMMARY For the strongest possible protection from fraud, Verifone recommends that merchants use all of the above technologies jointly. To summarize, EMV cannot stand alone in providing payment security; it needs encryption and tokenization to shield cardholder data from predators at all points of the payment process. Merchants can further benefit from Secure Commerce Architecture, reducing 5

6 EMV compliance scope and removing sensitive information from the point of sale system. EMV chip technology only validates that the card is authentic and prevents counterfeiting; it supports cardholder verification and allows authorization of the transaction using the cardholder s signature. EMV is most effective with card-present transactions. Meanwhile, E2EE protects cardholder data from the point of entry to the payment card processor, shielding against malware that sniffs and captures sensitive data. It uses one-way encryption at the PIN pad, making cardholder data unusable, and reduces the merchant s applicable controls required for PCI DSS validation. To select the encryption method that best fits one s business, merchants should begin by talking to their POS device provider and their payment processor or gateway. Tokenization further reduces risk and eases PCI certification by replacing cardholder data (including the PAN) with surrogate values (tokens), eliminating the storage of cardholder data for post-transaction capture. Lastly, SCA removes the POS from payment data transmission, facilitating a secure, direct connection from the terminal to the acquirer or gateway and simplifying EMV certification. 6

7 ABOUT VERIFONE About Verifone Systems, Inc. (www.verifone.com) Verifone Systems, Inc. ( Verifone ) (NYSE: PAY) is a global leader in secure electronic payment solutions. Verifone provides expertise, solutions and services that add value to the point of sale with merchant-operated, consumer-facing and selfservice payment systems for the financial, retail, hospitality, petroleum, government and healthcare vertical markets. Verifone solutions are designed to meet the needs of merchants, processors and acquirers in developed and emerging economies worldwide Verifone, Inc. All rights reserved. Verifone and the Verifone logo are either trademarks or registered trademarks of Verifone in the United States and/or other countries. All other trademarks or brand names are the properties of their respective holders. All features and specifications are subject to change without notice. Product display image for representation purposes only. Actual product display may vary. Reproduction or posting of this document without prior Verifone approval is prohibited. 7

EMV's Role in reducing Payment Risks: a Multi-Layered Approach

EMV's Role in reducing Payment Risks: a Multi-Layered Approach EMV's Role in reducing Payment Risks: a Multi-Layered Approach April 24, 2013 Agenda EMV Rationale Why is this worth the effort? Guides how we implement it EMV Vulnerability at the POS EMV Impact on CNP

More information

Making the Move to EMV: The Risks and the Rewards

Making the Move to EMV: The Risks and the Rewards White paper A First Capital Payments Smart Guide Making the Move to EMV: The Risks and the Rewards Understanding, Implementing, and Benefitting From EMV Technology By: Hiram Hernandez, Jr. CEO, First Capital

More information

PAYMENT SECURITY. Best Practices

PAYMENT SECURITY. Best Practices PAYMENT SECURITY Best Practices At VeriFone, the protection of cardholder information is a top priority. To ensure merchants have secure payment solutions for their customers, and to help protect merchants

More information

Community Financial Institution EMV Readiness

Community Financial Institution EMV Readiness Community Financial Institution EMV Readiness EMV is a trademark owned by EMVCo LLC 2014 First Data Corporation. All Rights Reserved. Copyright 2014 First Data Corporation EMV Timeline 2011: EMV technology

More information

A Brand New Checkout Experience

A Brand New Checkout Experience A Brand New Checkout Experience EMV Transformation EMV technology is transforming the U.S. payment industry, bringing a whole new experience to the checkout counter. Introduction What is EMV? It s 3 small

More information

A Brand New Checkout Experience

A Brand New Checkout Experience A Brand New Checkout Experience EMV Transformation EMV technology is transforming the U.S. payment industry, bringing a whole new experience to the checkout counter. Introduction What is EMV? It s 3 small

More information

Tokenization: FAQs & General Information. www.tsys.com BACKGROUND. GENERAL INFORMATION What is Tokenization?

Tokenization: FAQs & General Information. www.tsys.com BACKGROUND. GENERAL INFORMATION What is Tokenization? FAQ Tokenization: FAQs & General Information BACKGROUND As technology evolves, consumers are increasingly making their purchases online or through mobile devices and digital wallet applications and their

More information

EMV and Small Merchants:

EMV and Small Merchants: September 2014 EMV and Small Merchants: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems, Inc. All trademarks, service

More information

E M V I M P L E M E N TAT I O N T O O L S F O R S U C C E S S, P C I & S E C U R I T Y. February 2014

E M V I M P L E M E N TAT I O N T O O L S F O R S U C C E S S, P C I & S E C U R I T Y. February 2014 E M V I M P L E M E N TAT I O N T O O L S F O R S U C C E S S, P C I & S E C U R I T Y February 2014 A G E N D A EMV Overview EMV Industry Announcements EMV Transaction Differences, What to Expect Solution

More information

Introductions 1 min 4

Introductions 1 min 4 1 2 1 Minute 3 Introductions 1 min 4 5 2 Minutes Briefly Introduce the topics for discussion. We will have time for Q and A following the webinar. 6 Randy - EMV History / Chip Cards /Terminals 5 Minutes

More information

Payment Card Industry (PCI) Data Security Standard. PCI DSS Applicability in an EMV Environment A Guidance Document Version 1

Payment Card Industry (PCI) Data Security Standard. PCI DSS Applicability in an EMV Environment A Guidance Document Version 1 Payment Card Industry (PCI) Data Security Standard PCI DSS Applicability in an EMV Environment A Guidance Document Version 1 Release date: 5 October 2010 Table of Contents 1 Executive Summary... 3 1.1

More information

What is EMV? What is different?

What is EMV? What is different? U.S. consumers are receiving new debit and credit cards with embedded chip technology that better stores and protects cardholder information. These new chip cards are part of the new card standard, Europay,

More information

Preparing for EMV chip card acceptance

Preparing for EMV chip card acceptance Preparing for EMV chip card acceptance Ben Brown Vice President, Regional Sales Manager, Wells Fargo Merchant Services Lily Page Vice President, Wholesale ereceivables, Wells Fargo Merchant Services June

More information

EMV DEBIT ROUTING VERIFONE.COM

EMV DEBIT ROUTING VERIFONE.COM EMV Debit Routing Overview Complying with the EMVCo requirements, card network requirements and meeting the Durbin Amendment debit routing regulation (Regulation II), while managing debit card processing

More information

Emerging Trends in the Payment Ecosystem: The Good, the Bad and the Ugly DAN KRAMER

Emerging Trends in the Payment Ecosystem: The Good, the Bad and the Ugly DAN KRAMER Emerging Trends in the Payment Ecosystem: The Good, the Bad and the Ugly DAN KRAMER SHAZAM, Senior Vice President Agenda The Ugly Fraud The Bad EMV? The Good Tokenization and Other Emerging Payment Options

More information

Heartland Secure. By: Michael English. A Heartland Payment Systems White Paper 2014. Executive Director, Product Development

Heartland Secure. By: Michael English. A Heartland Payment Systems White Paper 2014. Executive Director, Product Development A Heartland Payment Systems White Paper 2014 Heartland Secure. By: Michael English Executive Director, Product Development 2014 Heartland Payment Systems. All trademarks, service marks and trade names

More information

EMV and Restaurants: What you need to know. Mike English. October 2014. Executive Director, Product Development Heartland Payment Systems

EMV and Restaurants: What you need to know. Mike English. October 2014. Executive Director, Product Development Heartland Payment Systems October 2014 EMV and Restaurants: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems, Inc. All trademarks, service marks

More information

EMV and Restaurants What you need to know! November 19, 2014

EMV and Restaurants What you need to know! November 19, 2014 EMV and Restaurants What you need to know! Mike English Executive Director of Product Development Kristi Kuehn Sr. Director, Compliance November 9, 204 Agenda EMV overview Timelines Chip Card Liability

More information

Enterprise Payments for

Enterprise Payments for Enterprise Payments for Table of Contents I. Introducing CardConnect II. III. IV. Gartner Tokenization Reporting Featuring CardConnect PCI Compliance, EMV & True Payment Security CardConnect for SAP V.

More information

A RE T HE U.S. CHIP RULES ENOUGH?

A RE T HE U.S. CHIP RULES ENOUGH? August 2015 A RE T HE U.S. CHIP RULES ENOUGH? A longer term view of security and the payments landscape is needed. Abstract: The United States is finally modernizing its card payment systems and confronting

More information

EMV and Chip Cards Key Information On What This Is, How It Works and What It Means

EMV and Chip Cards Key Information On What This Is, How It Works and What It Means EMV and Chip Cards Key Information On What This Is, How It Works and What It Means Document Purpose This document is intended to provide information about the concepts behind and the processes involved

More information

The Relationship Between PCI, Encryption and Tokenization: What you need to know

The Relationship Between PCI, Encryption and Tokenization: What you need to know October 2014 The Relationship Between PCI, Encryption and Tokenization: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems,

More information

Understand the Business Impact of EMV Chip Cards

Understand the Business Impact of EMV Chip Cards Understand the Business Impact of EMV Chip Cards 3 What About Mail/Telephone Order and ecommerce? 3 What Is EMV 3 How Chip Cards Work 3 Contactless Technology 4 Background: Behind the Curve 4 Liability

More information

EMV and Encryption + Tokenization: A Layered Approach to Security

EMV and Encryption + Tokenization: A Layered Approach to Security EMV and Encryption + Tokenization: A Layered Approach to Security 2012 First Data Corporation. All trademarks, service marks and trade names referenced in this material are the property of their respective

More information

What Merchants Need to Know About EMV

What Merchants Need to Know About EMV Effective November 1, 2014 1. What is EMV? EMV is the global standard for card present payment processing technology and it s coming to the U.S. EMV uses an embedded chip in the card that holds all the

More information

EMV : Frequently Asked Questions for Merchants

EMV : Frequently Asked Questions for Merchants EMV : Frequently Asked Questions for Merchants The information in this document is offered on an as is basis, without warranty of any kind, either expressed, implied or statutory, including but not limited

More information

Plotting a Course for EMV Compliance

Plotting a Course for EMV Compliance Plotting a Course for EMV Compliance Plotting a Course for EMV Compliance PCI compliance...emv compliance by now, you ve heard repeatedly that your store or restaurant must be EMV-compliant by the recently

More information

Payments simplified. 1

Payments simplified. 1 1 Payments simplified. T H E PAY M E N T I N D U S T RY A I N T W H AT I T U S E D T O B E 2 Complexity is increasing, More change in next 5, than last 50 Emerging payments / loyalty / rewards / coupons

More information

OpenEdge Research & Development Group April 2015

OpenEdge Research & Development Group April 2015 2015: Security, Merchant Readiness & the Coming Liability Shift OpenEdge Research & Development Group April 2015 solutions@openedgepay.com openedgepay.com 2015: Security, Merchant Table of Contents The

More information

THE FIVE Ws OF EMV BY DAVE EWALD GLOBAL EMV CONSULTANT AND MANAGER DATACARD GROUP

THE FIVE Ws OF EMV BY DAVE EWALD GLOBAL EMV CONSULTANT AND MANAGER DATACARD GROUP THE FIVE Ws OF EMV BY DAVE EWALD GLOBAL EMV CONSULTANT AND MANAGER DATACARD GROUP WHERE IS THE U.S. PAYMENT CARD INDUSTRY NOW? WHERE IS IT GOING? Today, payment and identification cards of all types (credit

More information

EMV Frequently Asked Questions for Merchants May, 2014

EMV Frequently Asked Questions for Merchants May, 2014 EMV Frequently Asked Questions for Merchants May, 2014 Copyright 2014 Vantiv All rights reserved. Disclaimer The information in this document is offered on an as is basis, without warranty of any kind,

More information

Apple Pay. Frequently Asked Questions UK Launch

Apple Pay. Frequently Asked Questions UK Launch Apple Pay Frequently Asked Questions UK Launch Version 1.0 2015 First Data Corporation. All Rights Reserved. All trademarks, service marks and trade names referenced in this material are the property of

More information

Save Money on Credit Card Processing. So how do you save money on credit card processing? It is a very simple process.

Save Money on Credit Card Processing. So how do you save money on credit card processing? It is a very simple process. My main responsibility as a Regional Account Manager for IMD is obtain the absolute lowest possible merchant fees for you as a business. Why? The more customers we can save money, the more volume of business

More information

PCI Compliance Overview

PCI Compliance Overview PCI Compliance Overview 1 PCI DSS Payment Card Industry Data Security Standard Standard that is applied to: Merchants Service Providers (Banks, Third party vendors, gateways) Systems (Hardware, software)

More information

RETAIL BANKING SOLUTIONS. Enhancing Your Customer s Branch Experience. Comprehensive Services Tailored for Retail Banks. Vault-Like Security

RETAIL BANKING SOLUTIONS. Enhancing Your Customer s Branch Experience. Comprehensive Services Tailored for Retail Banks. Vault-Like Security lightly-attended, self-service kiosks equipped with the MX 800 Series to further cut costs and increase revenues by more efficiently serving customers with routine transactions. DRIVE-THRU SELF-SERVICE

More information

Credit Card Processing, Point of Sale, ecommerce

Credit Card Processing, Point of Sale, ecommerce Credit Card Processing, Point of Sale, ecommerce Compliance, Self Auditing, and More John Benson Kurt Willey HACKS REGULATIONS Greater Risk for Merchants Topics Compliance Changes Scans Self Audits

More information

Corbin Del Carlo Director, National Leader PCI Services. October 5, 2015

Corbin Del Carlo Director, National Leader PCI Services. October 5, 2015 PCI compliance: v3.1 Key Considerations Corbin Del Carlo Director, National Leader PCI Services October 5, 2015 Today s Presenter Corbin Del Carlo QSA, PA QSA Director, National Leader PCI Services Practice

More information

What Issuers Need to Know Top 25 Questions on EMV Chip Cards and Personalization

What Issuers Need to Know Top 25 Questions on EMV Chip Cards and Personalization Frequently Asked Questions What Issuers Need to Know Top 25 Questions on EMV Chip Cards and Personalization Issuers across the United States are beginning to embark in the planning and execution phase

More information

EMV FAQs for developers

EMV FAQs for developers EMV FAQs for developers You accept the Information presented herein as is, without any representation as to its accuracy or completeness. What are the three levels of EMV certification? There are three

More information

E2EE and PCI Compliancy. Martin Holloway VSP Sales Director VeriFone NEMEA

E2EE and PCI Compliancy. Martin Holloway VSP Sales Director VeriFone NEMEA E2EE and PCI Compliancy Martin Holloway VSP Sales Director VeriFone NEMEA Security Breaches In The News 2 Security Breaches In The News 3 Security Breaches In The News 4 Security Breaches In The News 5

More information

MULTI-LAYERED SECURITY STRENGTHENS PAYMENT STRUCTURES

MULTI-LAYERED SECURITY STRENGTHENS PAYMENT STRUCTURES MULTI-LAYERED SECURITY STRENGTHENS PAYMENT STRUCTURES How to Prepare a Comprehensive Strategy How to Prepare a Comprehensive Strategy The lines have been drawn in retail data security. While security threats

More information

How Secure are Contactless Payment Systems?

How Secure are Contactless Payment Systems? SESSION ID: HT-W01 How Secure are Contactless Payment Systems? Matthew Ngu Engineering Manager RSA, The Security Division of EMC Chris Scott Senior Software Engineer RSA, The Security Division of EMC 2

More information

NAVIGATING THE PAYMENTS AND SECURITY LANDSCAPE

NAVIGATING THE PAYMENTS AND SECURITY LANDSCAPE NAVIGATING THE PAYMENTS AND SECURITY LANDSCAPE Payment disruptions impacting restaurant owners today An NCR Hospitality white paper Almost every month we hear a news story about another data breach that

More information

True Protection To The Core

True Protection To The Core True Protection To The Core Intelligent Security Solutions from VeriFone Every Day. In Everything We Do. VeriFone Builds Absolutely The Highest Transaction Data Security Into Our Business. And Yours. We

More information

DATA SECURITY, FRAUD PREVENTION AND COMPLIANCE

DATA SECURITY, FRAUD PREVENTION AND COMPLIANCE DATA SECURITY, FRAUD PREVENTION AND COMPLIANCE December 2015 English_General This presentation was prepared exclusively for the benefit and internal use of the J.P. Morgan client or potential client to

More information

Understanding the Role of Hardware Data Encryption in EMV and P2PE from the CEO s Perspective

Understanding the Role of Hardware Data Encryption in EMV and P2PE from the CEO s Perspective Understanding the Role of Hardware Data Encryption in EMV and P2PE from the CEO s Perspective Futurex. An Innovative Leader in Encryption Solutions. For over 30 years, more than 15,000 customers worldwide

More information

THE ROAD TO U.S. EMV MIGRATION Information and Strategies to Help Your Institution Make the Change

THE ROAD TO U.S. EMV MIGRATION Information and Strategies to Help Your Institution Make the Change THE ROAD TO U.S. EMV MIGRATION Information and Strategies to Help Your Institution Make the Change Advancements in technological capabilities, along with increasing levels of counterfeit fraud, led the

More information

Payment Methods. The cost of doing business. Michelle Powell - BASYS Processing, Inc.

Payment Methods. The cost of doing business. Michelle Powell - BASYS Processing, Inc. Payment Methods The cost of doing business Michelle Powell - BASYS Processing, Inc. You ve got to spend money, to make money Major Industry Topics Industry Process Flow PCI DSS Compliance Risks of Non-Compliance

More information

Dates VISA MasterCard Discover American Express. support EMV. International ATM liability shift 2

Dates VISA MasterCard Discover American Express. support EMV. International ATM liability shift 2 Network Updates Summer 2013 We are committed to working closely with you on achieving your business goals. As a part of this commitment, we carefully monitor Network changes and summarize them for your

More information

Card Network Update Chip (EMV) Acceptance in the United States At-A-Glance

Card Network Update Chip (EMV) Acceptance in the United States At-A-Glance Card Network Update Chip (EMV) Acceptance in the United States At-A-Glance Allegiance Merchant Services is committed to assisting you in navigating through the various considerations that you may face

More information

WHITE PAPER U.S. JOINING WORLDWIDE EMV MOVEMENT

WHITE PAPER U.S. JOINING WORLDWIDE EMV MOVEMENT U.S. JOINING WORLDWIDE EMV MOVEMENT EXECUTIVE SUMMARY The U.S. payments industry has relied on magnetic stripe-based card technology for decades, but most countries have or are in the process of transitioning

More information

Flexible and secure. acceo tender retail. payment solution. tender-retail.acceo.com

Flexible and secure. acceo tender retail. payment solution. tender-retail.acceo.com Flexible and secure payment solution acceo tender retail payment solution tender-retail.acceo.com Take control of your payment transactions ACCEO Tender Retail is a specialized middleware that handles

More information

Apple Pay. Frequently Asked Questions UK

Apple Pay. Frequently Asked Questions UK Apple Pay Frequently Asked Questions UK Version 1.0 (July 2015) First Data Merchant Solutions is a trading name of First Data Europe Limited, a private limited company incorporated in England (company

More information

Prevention Is Better Than Cure EMV and PCI

Prevention Is Better Than Cure EMV and PCI Prevention Is Better Than Cure EMV and PCI Prevention Is Better Than Cure An independent view on the effectiveness of EMV and PCI in case of large-scale card compromise. Over the past couple of months,

More information

Fighting Today s Cybercrime

Fighting Today s Cybercrime SECURELY ENABLING BUSINESS Fighting Today s Cybercrime Ongoing PCI Compliance Using Data-Centric Security Technologies HOUSEKEEPING ITEMS All phone lines have been muted for the duration of the webinar.

More information

welcome to liber8:payment

welcome to liber8:payment liber8:payment welcome to liber8:payment Our self-service kiosks free up staff time and improve the overall patron experience. liber8:payment further enhances these benefits by providing the convenience

More information

Newtek, The Small Business Authority 855-2thesba www.thesba.com. thesba.com 855-2thesba

Newtek, The Small Business Authority 855-2thesba www.thesba.com. thesba.com 855-2thesba thesba.com 855-2thesba EMV Chip Technology, Secure Electronic Payments The world of payments is evolving. We are starting to see an evolution from typical static magnetic strip cards to more intelligent

More information

U.S. Smart Card Migration: Stripe to EMV Claudia Swendseid, Federal Reserve Bank of Minneapolis Terry Dooley, SHAZAM Kristine Oberg, Elavon

U.S. Smart Card Migration: Stripe to EMV Claudia Swendseid, Federal Reserve Bank of Minneapolis Terry Dooley, SHAZAM Kristine Oberg, Elavon U.S. Smart Card Migration: Stripe to EMV Claudia Swendseid, Federal Reserve Bank of Minneapolis Terry Dooley, SHAZAM Kristine Oberg, Elavon UMACHA Navigating Payments 2014 October 8, 2014 Who We Are Claudia

More information

Suzanne Lynch Professor of Practice Economic Crime Utica College sl6-15 1

Suzanne Lynch Professor of Practice Economic Crime Utica College sl6-15 1 Suzanne Lynch Professor of Practice Economic Crime Utica College sl6-15 1 The most significant trend is decreasing paper payments and increasing electronic payments. Many organizations are also seeing

More information

Changing Consumer Purchasing Patterns. John Mayleben, CPP SVP, Technology and Product Development Michigan Retailers Association

Changing Consumer Purchasing Patterns. John Mayleben, CPP SVP, Technology and Product Development Michigan Retailers Association Changing Consumer Purchasing Patterns John Mayleben, CPP SVP, Technology and Product Development Michigan Retailers Association Michigan Retailers Association! Michigan Retailers Association is trade

More information

EMV GATHERS STEAM AS U.S. MOVES TOWARD LIABILITY SHIFT

EMV GATHERS STEAM AS U.S. MOVES TOWARD LIABILITY SHIFT W H I T E P A P E R EMV GATHERS STEAM AS U.S. MOVES TOWARD LIABILITY SHIFT Approaching deadlines will shift liability of card-present counterfeit fraud from issuers to acquirers and merchants. That combined

More information

Secure Payments Framework Workgroup

Secure Payments Framework Workgroup Secure Payments Framework Workgroup EMV for the US Hospitality Industry Version 1.0 About HTNG Hotel Technology Next Generation (HTNG) is a non-profit association with a mission to foster, through collaboration

More information

GLOSSARY OF MOST COMMONLY USED TERMS IN THE MERCHANT SERVICES INDUSTRY

GLOSSARY OF MOST COMMONLY USED TERMS IN THE MERCHANT SERVICES INDUSTRY GLOSSARY OF MOST COMMONLY USED TERMS IN THE MERCHANT SERVICES INDUSTRY Acquiring Bank The bank or financial institution that accepts credit and/or debit card payments for products or services on behalf

More information

How Multi-Pay Tokens Can Reduce Security Risks and the PCI Compliance Burden for ecommerce Merchants

How Multi-Pay Tokens Can Reduce Security Risks and the PCI Compliance Burden for ecommerce Merchants How Multi-Pay Tokens Can Reduce Security Risks and the PCI Compliance Burden for ecommerce Merchants 2012 First Data Corporation. All trademarks, service marks and trade names referenced in this material

More information

PARTNERING FOR SUCCESS: NAVIGATING THE EMV IMPLEMENTATION PROCESS

PARTNERING FOR SUCCESS: NAVIGATING THE EMV IMPLEMENTATION PROCESS PARTNERING FOR SUCCESS: NAVIGATING THE EMV IMPLEMENTATION PROCESS November 2014 Contents The EMV Standard...3 Reducing Counterfeit Card Fraud... 3 Reducing Card Theft Fraud... 3 Chip and PIN vs. Chip and

More information

VISA BEST PRACTICES - Data Field Encryption Version 1.0 Evaluation

VISA BEST PRACTICES - Data Field Encryption Version 1.0 Evaluation Terminal vendors Third party security assessors VISA BEST PRACTICES - Data Field Encryption Version 1.0 Evaluation Best Practice: E2ee Evaluation - Ver E Final Type: Security 21 October 2011 In brief POS

More information

The Merchant and EMV: What You Need to Know to Prepare for the Magstripe to EMV Transition

The Merchant and EMV: What You Need to Know to Prepare for the Magstripe to EMV Transition Research Brief The Merchant and EMV: What You Need to Know to Prepare for the Magstripe to EMV Transition Glenbrook Partners 2014 1 Table of Contents Executive Summary 3 Why, and How, Now? 4 The Pace is

More information

NCR CONNECTED PAYMENTS The vision for payment acceptance in restaurants

NCR CONNECTED PAYMENTS The vision for payment acceptance in restaurants NCR CONNECTED PAYMENTS The vision for payment acceptance in restaurants For more information visit ncr.com or contact us at hospitality.information@ncr.com A winning combination of payment security and

More information

CPIM Academy. Cash 257 Merchant Services and Revenue Collection

CPIM Academy. Cash 257 Merchant Services and Revenue Collection CPIM Academy Cash 257 Merchant Services and Revenue Collection 2015 Objectives Feel prepared to discuss/understand basics of merchant processing Understand Service Fees Difference between credit and debit

More information

Smart Card Security Access Modules in VeriFone Omni 3350 Countertop and Omni 3600 Portable Terminals

Smart Card Security Access Modules in VeriFone Omni 3350 Countertop and Omni 3600 Portable Terminals Security Access Module White Paper Smart Card Security Access Modules in VeriFone Omni 3350 Countertop and Omni 3600 Portable Terminals With the proliferation of smart card solutions, VeriFone s use of

More information

FOR A BARRIER-FREE PAYMENT PROCESSING SOLUTION

FOR A BARRIER-FREE PAYMENT PROCESSING SOLUTION FOR A BARRIER-FREE PAYMENT PROCESSING SOLUTION MAKE THE SWITCH TO MONEXgroup ecommerce I Mobile I Wireless I Integrated I Countertop Solutions IN-STORE ON-THE-GO ONLINE Accept secure debit and credit card

More information

Digital Payment Solutions TSYS Enterprise Tokenization:

Digital Payment Solutions TSYS Enterprise Tokenization: Digital Payment Solutions TSYS Enterprise : FAQs & General Information FAQ TSYS DIGITAL DIGITAL PAYMENT PAYMENTS SOLUTIONS SOLUTIONS Account Holder Experience Apple Pay 1 Android Pay 2 Samsung Pay 2 Issuer

More information

PCI DSS FAQ. The twelve requirements of the PCI DSS are defined as follows:

PCI DSS FAQ. The twelve requirements of the PCI DSS are defined as follows: What is PCI DSS? PCI DSS is an acronym for Payment Card Industry Data Security Standards. PCI DSS is a global initiative intent on securing credit and banking transactions by merchants & service providers

More information

EMV EMV TABLE OF CONTENTS

EMV EMV TABLE OF CONTENTS 2 TABLE OF CONTENTS Intro... 2 Are You Ready?... 3 What Is?... 4 Why?... 5 What Does Mean To Your Business?... 6 Checklist... 8 3 U.S. Merchants 60% are expected to convert to -enabled devices by 2015.

More information

Question & Answer. Answer:

Question & Answer. Answer: What is a chip card? A chip card is a standard-size plastic debit or credit card that contains an embedded microchip, as well as the traditional magnetic stripe. The chip protects in-store payments because

More information

The Adoption of EMV Technology in the U.S. By Dave Ewald Global Industry Sales Consultant Datacard Group

The Adoption of EMV Technology in the U.S. By Dave Ewald Global Industry Sales Consultant Datacard Group The Adoption of EMV Technology in the U.S. By Dave Ewald Global Industry Sales Consultant Datacard Group Abstract: Visa Inc. and MasterCard recently announced plans to accelerate chip migration in the

More information

EMV/NFC/MOBILE PAYMENTS THE TIME IS NOW THE OPPORTUNITY IS HUGE

EMV/NFC/MOBILE PAYMENTS THE TIME IS NOW THE OPPORTUNITY IS HUGE EMV/NFC/MOBILE PAYMENTS THE TIME IS NOW THE OPPORTUNITY IS HUGE REMEMBER WHEN. What year did VeriFone release the Tranz 330 2 REMEMBER WHEN. 1987 3 WHAT IS CHANGING? EVERYTHING Legislation PCI EMV NFC

More information

PCI Security Standards Council

PCI Security Standards Council PCI Security Standards Council Jeremy King, European Director 2013 Why PCI Matters Applying PCI How You Can Participate Agenda 2 Why PCI Matters Applying PCI How You Can Participate Agenda About the PCI

More information

Practically Thinking: What Small Merchants Should Know about EMV

Practically Thinking: What Small Merchants Should Know about EMV Practically Thinking: What Small Merchants Should Know about EMV 1 Practically Thinking: What Small Merchants Should Know About EMV Overview Savvy business owners know that payments are about more than

More information

Universal Transaction Gateway (UTG ), 4Go, and i4go are covered by

Universal Transaction Gateway (UTG ), 4Go, and i4go are covered by Universal Transaction Gateway (UTG ), 4Go, and i4go are covered by Universal Transaction one or Gateway more of (UTG ), the 4Go, following and i4go U.S. are covered Pat. by Nos.: one or more 7770789, of

More information

FOR A BARRIER-FREE PAYMENT PROCESSING SOLUTION

FOR A BARRIER-FREE PAYMENT PROCESSING SOLUTION FOR A BARRIER-FREE PAYMENT PROCESSING SOLUTION MAKE THE SWITCH TO MONEXgroup ecommerce I Mobile I Wireless I Integrated I Countertop Solutions PAYMENTS IN-STORE PAYMENTS ON-THE-GO PAYMENTS ONLINE Accept

More information

Credit Card Processing Overview

Credit Card Processing Overview CardControl 3.0 Credit Card Processing Overview Overview Credit card processing is a very complex and important system for anyone that sells goods. This guide will hopefully help educate and inform new

More information

Payments Transformation - EMV comes to the US

Payments Transformation - EMV comes to the US Accenture Payment Services Payments Transformation - EMV comes to the US In 1993 Visa, MasterCard and Europay (EMV) came together and formed EMVCo 1 to tackle the global challenge of combatting fraudulent

More information

PCI Point To Point Encryption (P2PE) An Overview

PCI Point To Point Encryption (P2PE) An Overview PCI Point To Point Encryption (P2PE) An Overview Moderator Name: Erik Winkler Panelists Names: Sonjay Shepherd HiTouch Business Services, Adam Sommer MasterCard Definition of consists of cardholder data

More information

Chip Card (EMV ) CAL-Card FAQs

Chip Card (EMV ) CAL-Card FAQs U.S. Bank Chip Card (EMV ) CAL-Card FAQs Below are answers to some frequently asked questions about the migration to U.S. Bank chipenabled CAL-Cards. This guide can help ensure that you are prepared for

More information

PREVENTING PAYMENT CARD DATA BREACHES

PREVENTING PAYMENT CARD DATA BREACHES NEW SCIENCE TRANSACTION SECURITY ARTICLE PREVENTING PAYMENT CARD DATA BREACHES DECEMBER 2014 UL.COM/NEWSCIENCE NEW SCIENCE TRANSACTION SECURITY OVERVIEW From research on the latest electronic transaction

More information

VERIFONE PAYWARE SOLUTIONS

VERIFONE PAYWARE SOLUTIONS VERIFONE PAYWARE SOLUTIONS PAYMENTS ARE JUST THE BEGINNING. Supports multiple applications, systems, users and locations. PAYware Solutions With a wide range of card acceptance software solutions, VeriFone

More information

Are You Ready For PCI v 3.0. Speaker: Corbin DelCarlo Institution: McGladrey LLP Date: October 6, 2014

Are You Ready For PCI v 3.0. Speaker: Corbin DelCarlo Institution: McGladrey LLP Date: October 6, 2014 Are You Ready For PCI v 3.0 Speaker: Corbin DelCarlo Institution: McGladrey LLP Date: October 6, 2014 Today s Presenter Corbin Del Carlo QSA, PA QSA Director, National Leader PCI Services Practice 847.413.6319

More information

EMV HANDBOOK EMV: A MERCHANT S PRIMER WHO, WHAT, WHERE & WHY

EMV HANDBOOK EMV: A MERCHANT S PRIMER WHO, WHAT, WHERE & WHY EMV HANDBOOK EMV: A MERCHANT S PRIMER October 1, 2015 marks a major milestone in the U.S. payments landscape. As of that date, liability for fraudulent, counterfeit credit and debit card transactions shifts

More information

UNIVERSITY CONTROLLER S OFFICE

UNIVERSITY CONTROLLER S OFFICE UNIVERSITY CONTROLLER S OFFICE Payment Card Industry (PCI) Security Standards Training Guide (updated for 3.1 requirements) February 2016 Disclaimer: The information in this guide is current as of the

More information

OpenEdge Research & Development Group April 2015

OpenEdge Research & Development Group April 2015 2015: Development, Merchant Readiness & the Coming Liability Shift OpenEdge Research & Development Group April 2015 developers@openedgepay.com openedgepay.com 2015: Development, Merchant Table of Contents

More information

DATA SECURITY, FRAUD PREVENTION AND PCI COMPLIANCE. March 2015

DATA SECURITY, FRAUD PREVENTION AND PCI COMPLIANCE. March 2015 DATA SECURITY, FRAUD PREVENTION AND PCI COMPLIANCE March 2015 This presentation was prepared exclusively for the benefit and internal use of the J.P. Morgan client or potential client to whom it is directly

More information

Euronet s EMV Chip Solutions Superior Protection with Enhanced Security against Fraud

Euronet s EMV Chip Solutions Superior Protection with Enhanced Security against Fraud Serving millions of people worldwide with electronic payment convenience. Euronet s EMV Chip Solutions Superior Protection with Enhanced Security against Fraud Copyright 2011 Euronet Worldwide, Inc. All

More information

OpenEdge Research & Development Group May 2015

OpenEdge Research & Development Group May 2015 Pulse of the Market: Merchant Survey Findings on EMV Knowledge, Attitudes & Readiness OpenEdge Research & Development Group May 2015 developers@openedgepay.com openedgepay.com Table of Contents Overview...

More information

PAYWARE MERCHANT MANAGED SERVICE

PAYWARE MERCHANT MANAGED SERVICE PAYWARE MERCHANT MANAGED SERVICE PAYware MerchanT Managed Service We focus on payments, so you can drive sales Whether you re selling goods or services, managing your own internal high volume payments

More information

Guide to Data Field Encryption

Guide to Data Field Encryption Guide to Data Field Encryption Contents Introduction 2 Common Concepts and Glossary 3 Encryption 3 Data Field Encryption 3 Cryptography 3 Keys and Key Management 5 Secure Cryptographic Device 7 Considerations

More information

Target Security Breach

Target Security Breach Target Security Breach Lessons Learned for Retailers and Consumers 2014 Pointe Solutions, Inc. PO Box 41, Exton, PA 19341 USA +1 610 524 1230 Background In the aftermath of the Target breach that affected

More information

Visa Recommended Practices for EMV Chip Implementation in the U.S.

Visa Recommended Practices for EMV Chip Implementation in the U.S. CHIP ADVISORY #20, UPDATED JULY 11, 2012 Visa Recommended Practices for EMV Chip Implementation in the U.S. Summary As issuers, acquirers, merchants, processors and vendors plan and begin programs to adopt

More information

EMV FAQs. Contact us at: CS@VancoPayments.com. Visit us online: VancoPayments.com

EMV FAQs. Contact us at: CS@VancoPayments.com. Visit us online: VancoPayments.com EMV FAQs Contact us at: CS@VancoPayments.com Visit us online: VancoPayments.com What are the benefits of EMV cards to merchants and consumers? What is EMV? The acronym EMV stands for an organization formed

More information

Cash 257 Merchant Services and Revenue Collection

Cash 257 Merchant Services and Revenue Collection CPIM Academy Cash 257 Merchant Services and Revenue Collection 2015 Objectives Feel prepared to discuss/understand basics of merchant processing Understand Service Fees Difference between credit and debit

More information