Your Single Source. for credit, debit and pre-paid services. Fraud Risk and Mitigation
|
|
- Randolf Walker
- 8 years ago
- Views:
Transcription
1 Your Single Source for credit, debit and pre-paid services Fraud Risk and Mitigation
2 Agenda Types of Fraud Fraud Identification Notifications Next Steps 11/8/2013 2
3 Types of Fraud Lost and Stolen Cards Fraudulent Applications Account Takeover Unauthorized Use of Card Numbers Counterfeit Cards and Skimming Account Testing PIN Authentication Attacks Merchant System PIN Theft Not-Received-Items Cardholder Bust-Outs Balance Transfer Fraud Identity Theft 11/8/2013 3
4 Types of Fraud Which types of fraud has your organization experienced in the past year? Debit/credit card fraud: 84% How is a fraud incident involving your organization typically detected? Cardholder notification: 82% Which non-financial losses did your organization suffer from fraud incidents? Loss of productivity: 59% 2012 Information Security Media Group Survey 11/8/2013 4
5 FRAUD IDENTIFICATION How is fraud identified? Cardholder Notification Fraud Alert Detection System Daily Reports Compromised Card Alerts 11/8/2013 5
6 FRAUD IDENTIFICATION-Cardholder Notification If a Member alerts the Credit Union of fraudulent transactions, block and reissue the card. Determine if: Cardholder was involved in phishing, phone, smishing or any other form of fraud. Was the PIN used. Was the card number on any Compromised Alert. Can a Common Point of Purchase ( a common merchant where all the cards were used legitimately) be determined. Begin the Chargeback process/report fraud Notify ICUL Service Corp. 11/8/2013 6
7 FRAUD IDENTIFICATION-Fraud Detection System Each transaction processed through the MasterCard, Visa and Discover authorization systems is scored by the associations as well as the card processor s neural network and generates a Risk Score. This score represents the probability that the credit card transaction, signature debit transaction, ATM, or pinned POS transaction could be fraudulent. The higher the score, the greater the possibility of fraudulent activity. Alerts will be generated by your processor for investigation once they exceed the designated score threshold level. These alerts for at risk transactions can be found on the fraud application of your processor s desktop system, if applicable, or on your daily fraud reports. 11/8/2013 7
8 FRAUD IDENTIFICATION-Fraud Detection System When a Fraud Alert/phone message is received by the Cardholder from the Fraud Department of the card processor, the following steps should be taken: Cardholders should call the Credit Union to verify transactions. If the Credit Union is called, the card processor should also be notified to confirm the transactions. If you have a fraud application on your desktop system that allows you to tag the cardholder s transactions and notify the fraud department with a message, no phone call is necessary. 11/8/2013 8
9 FRAUD IDENTIFICATION-Fraud Detection System When a Fraud Alert is received by the Credit Union the following steps should be taken: Monitor fraud systems on desktop applications, if available. Review faxes, s, or reports received from the card processor and notify the cardholder immediately via phone, or mail to verify transactions. If the transactions are determined to be fraud, block and reissue the card and alert the card processor Fraud Dept. or report on the processors desktop system. The Credit Union should begin the chargeback process. The card number should be checked against prior Compromised Card Alerts received by the Credit Union. Monitor fraud alerts for similar patterns of fraudulent transactions on other cards. Attempt to determine a Common Point of Purchase (CPP is a common merchant where all the cards were used legitimately) Notify ICUL Service 11/8/2013 9
10 FRAUD IDENTIFICATION-Daily Reports Daily Authorization Reports should be monitored for: Unusual Activity Multiple declines or authorizations from the same merchant. Invalid Card Numbers Attempts to get an authorization for card numbers not issued by the credit union. Daily Fraud Reports should be monitored for: Unconfirmed Fraud These cardholders should be addressed right away Confirmed Fraud Follow up calls to the cardholder should be made 11/8/
11 FRAUD IDENTIFICATION-Compromised Card Alerts The card associations (MasterCard, VISA and Discover) or LSC Card Services sends an notification to your credit union alerting you that some of your accounts are at risk due to hacking of a merchant s database, investigation by law enforcement, or review of accounts that have been forwarded by another card association member. This is equivalent to an RA (Review and Analysis) CAMs alert that VISA sends. The notification will give details of the alert and will help to decision through how the alert should be managed. 11/8/
12 FRAUD IDENTIFICATION-Compromised Card Alerts VISA Alert ***This is a PROACTIVE ALERT provided prior to confirmation of a compromise incident or substantiated forensic evidence of a breach.*** Case Number: US a-PA Date: May 1, 2013 Entity Type: Brick & Mortar Suspected Data Elements at Risk: - Track 1: Yes - Track 2: Yes Fraud Reported: Yes Estimated Exposure Window: September 1, 2012 to December 31, /8/
13 FRAUD IDENTIFICATION-Compromised Card Alerts IC Internet Compromise Accounts that were compromised by means of a network intrusion or vulnerabilities discovered in point-of-sale applications. An example would be a hacker gaining access to a merchant's database Unauthorized use of internal network Entities that are identified as a CPP but do not have a forensic investigation; out of business or outright refuse to have one. The type of entity can be Brick and Mortar or ecommerce LE Law Enforcement Accounts sent to Visa Fraud Control & Investigations by law enforcement; typically as a result of the execution of a search warrant or an arrest of a suspect Accounts recovered in an investigation by law enforcement from another region RE Recovered Accounts Accounts being posted on the Internet or other miscellaneous recovered accounts not elsewhere classified RA Review and Analysis The accounts may or may not be at risk however based on the circumstances, they require a closer look by Issuers. Testing of accounts that are provided by Decision Sciences. Lost /stolen equipment, PCs, servers and data tapes track and non-track Device Tampering or Skimming PA Proactive Alert Early alert of a potential compromised event and possible at-risk accounts by means of a network intrusion or vulnerabilities discovered in point-of-sale applications A PA event is unconfirmed and the forensic investigation has not been completed 11/8/
14 FRAUD IDENTIFICATION-Compromised Card Alerts MasterCard Alerts - Account Data Compromise Notification The MasterCard Fraud Management department has been notified of a situation in which MasterCard payment accounts have been exposed to possible compromise. Case Number MCA0320-US-13 ICA xxxx 2 accounts Event Description Security breach of a US merchant s ecommerce network A data security firm has been engaged to conduct an onsite forensic investigation This Alert discloses the payment account numbers of MasterCard accounts that were exposed to compromise. Nature of Account Data Potentially At Risk Payment account number, expiration date and CVC2 At-Risk Time Period March 1, 2012 through January 14, /8/
15 FRAUD IDENTIFICATION-Compromised Card Alerts Credit Union Actions: When notification of a Compromised Card Alert is received, the following actions should take place: Evaluate the information and card numbers received in the alert. Determine how many of the compromised card numbers are still active. If you have closed card numbers that were involved in fraud, look to see if the fraud pattern that warranted the closing of the card record matches or is similar with the circumstances or fraud pattern described in the Compromised Card Alert message. 11/8/
16 FRAUD IDENTIFICATION-Compromised Card Alerts After your evaluation of the card numbers on the Compromised Card Alerts, you determine that some of the numbers have been closed because fraud has been reported, you can minimize your risk by: Consider these card records at high risk for fraud and close and reissue with a new card number. Contact your member and advise to continue monitoring card activity and to report any unauthorized transactions that post to their account. 11/8/
17 FRAUD IDENTIFICATION-Compromised Card Alerts If you haven t seen any signs of fraud that you believe could be linked to the reported account compromise card alert, and choose to monitor the active card numbers on the alert, you can minimize your risk for incidents involving the compromise of full track data by: Determining if any of the accounts were reissued after the compromise date. If so, you may not need to consider these accounts as high- risk, since they would have been reissued with a different Card Verification Value (CVV) and expiration date. 11/8/
18 FRAUD IDENTIFICATION-Compromised Card Alerts Check for upcoming expirations. Of the affected accounts, determine how many of them will be expiring in the next 30 to 180 days. Consider moving up the reissue on those accounts. Utilize Processors Neural Network fraud tools. Some of the processors are offering fraud applications that monitor transaction activity on card numbers that have been listed on a compromised account alert. Card numbers from Compromised Alerts should be saved for use in the future when cardholders report fraud. If a cardholder reports fraud, that card number should be checked against past Alerts to determine if it had been reported as compromised. If so, all cards on that list, not previously re-issued, should be blocked and reissued. 11/8/
19 Notifications If your Credit Union is seeing a pattern of fraud, the following steps should be taken: Notify the local authorities Complete a Suspicious Activity Report (SAR) Notify LSC Card Services LSC Card Services will: Notify FICO for PIN Fraud Notify VISA, MasterCard or Discover for signature Fraud Please notify LSC Card Services at with any fraud questions or assistance that your Credit Union may need. 11/8/
20 Summary Monitor, investigate, detect, analyze, and report fraudulent activity. Focus should be on these three primary functions: Prevent by following best practice recommendations and using all the fraud-prevention systems available. Detect by using the available fraud tools the card processors offer for fraud mitigation. Report by notifying processors through chargebacks and desktop system, if available and LSC Card Services 11/8/
21 What else.. Introducing the LSC Card Services Risk Management Mailbox Internal Risk Management Team that will answer your questions regarding: Fraud Trends Fraud Mitigation Best Practices Tools 11/8/
22 What else.. LSC Website Fraud-Important Information 11/8/
23 What s Next Coming Soon Open forum to promote information sharing and increase awareness of fraud activities Webinars Roundtable discussions throughout the year 11/8/
24 Questions????? 11/8/
25 Thank You Contact LSC Card Services at /8/
Visa global Compromised Account
Visa global Compromised Account RECOVERY PROGRAM WHAT EVERY MERCHANT SHOULD KNOW ABOUT GCAR WHAT EVERY MERCHANT SHOULD KNOW ABOUT GCAR WHAT The Visa Global Compromised Account Recovery (GCAR) program offers
More informationFIGHTING FRAUD: IMPROVING INFORMATION SECURITY TESTIMONY OF JOHN J. BRADY VICE PRESIDENT, MERCHANT FRAUD CONTROL MASTERCARD INTERNATIONAL
FIGHTING FRAUD: IMPROVING INFORMATION SECURITY TESTIMONY OF JOHN J. BRADY VICE PRESIDENT, MERCHANT FRAUD CONTROL MASTERCARD INTERNATIONAL Before the Subcommittee on Financial Institutions and Consumer
More informationWith the Target breach on everyone s mind, you may find these Customer Service Q & A s helpful.
With the Target breach on everyone s mind, you may find these Customer Service Q & A s helpful. Breach Overview Q: Media reports are stating that Target experienced a data breach. Can you provide more
More informationCyber - Security and Investigations. Ingrid Beierly August 18, 2008
Cyber - Security and Investigations Ingrid Beierly August 18, 2008 Agenda Visa Cyber - Security and Investigations Today s Targets Recent Attack Patterns Hacking Statistics (removed) Top Merchant Vulnerabilities
More informationHandling Debit Card, ATM, & Point-of-Sale Fraud
Handling Debit Card, ATM, & Point-of-Sale Fraud First Things First You have noticed fraudulent transactions involving your Debit Card, ATM, or Point-of-Sale (POS). You should contact us immediately to
More informationHandling Debit Card, ATM, & Point-of-Sale Fraud
Handling Debit Card, ATM, & Point-of-Sale Fraud First Things First You have noticed fraudulent transactions involving your Debit Card, ATM, or Point-of-Sale (POS). You should contact us immediately to
More informationEffectively Managing Data Breaches
Effectively Managing Data Breaches May 27, 2015 Stoddard Lambertson Cyber Intelligence and Investigations Justina Jow Cyber Intelligence and Investigations Disclaimer The information or recommendations
More informationHow To Spot & Prevent Fraudulent Credit Card Activity
Datalink Bankcard Services How To Spot & Prevent Fraudulent Credit Card Activity White Paper 2013 According to statistics from the U.S. Department of Justice and the Consumer Sentinel Network, credit card
More informationAvoiding Fraud. Learn to recognize the warning signs for fraud and follow these card acceptance guidelines to reduce your risk.
Avoiding Fraud Learn to recognize the warning signs for fraud and follow these card acceptance guidelines to reduce your risk. Intoduction Fraud comes in many forms and hurts merchants of all sizes. Whether
More informationBinBase.com REPORT: credit card fraud
BinBase.com REPORT: credit card fraud Whether you are a security specialist, an e-commerce web developer, or an online merchant, a knowledge of how credit card fraud works and what you can do to prevent
More informationFraud Prevention and Program Security Gord Jamieson Director Risk Management & Security Visa Canada Association
Fraud Prevention and Program Security Gord Jamieson Director Risk Management & Security Visa Canada Association Evolution of Risk Management Controls Presentation text goes here. Presentation text goes
More informationUSDA: Handling Fraud and Disputes. Deanna Hanson CPS Fraud Support Analyst
USDA: Handling Fraud and Disputes Deanna Hanson CPS Fraud Support Analyst Agenda What is fraud? Fraud trends Fraud case lifecycle Fraud and dispute process Tips to prevent fraud 2 Fraud Overview and Trends
More informationTo all GRSB debit and credit card customers:
To all GRSB debit and credit card customers: A data breach at the Target Corporation may have exposed 40 million credit/debit cards to potential fraudulent activity. If you made purchases in a Target store
More informationPCI General Policy. Effective Date: August 2008. Approval: December 17, 2015. Maintenance of Policy: Office of Student Accounts REFERENCE DOCUMENTS:
Effective Date: August 2008 Approval: December 17, 2015 PCI General Policy Maintenance of Policy: Office of Student Accounts PURPOSE: To protect against the exposure and possible theft of account and personal
More informationFraud Protection, You and Your Bank
Fraud Protection, You and Your Bank Maximize your chances to minimize your losses Presentation for Missouri GFOA April 2011 By: Terry Endres, VP, Government Treasury Solutions Phone: 314-466-6774 Terry.m.endres@baml.com
More informationInformation Technology
Credit Card Handling Security Standards Overview Information Technology This document is intended to provide guidance to merchants (colleges, departments, organizations or individuals) regarding the processing
More informationNew Account Reference Guide
New Account Reference Guide Welcome to BBVA Compass Merchant Services Thank you for choosing BBVA Compass as your Merchant Services provider. BBVA Compass is dedicated to providing your business with the
More informationFrequently Asked Questions
PCI Compliance Frequently Asked Questions Table of Content GENERAL INFORMATION... 2 PAYMENT CARD INDUSTRY DATA SECURITY STANDARD (PCI DSS)...2 Are all merchants and service providers required to comply
More informationMitigating Fraud Risk Through Card Data Verification
Risk Management Best Practices 11 September 2014 Mitigating Fraud Risk Through Card Data Verification AP, Canada, CEMEA, LAC, U.S. Issuers, Processors With a number of cardholder payment options (e.g.,
More informationData Security for the Hospitality
M&T Bank and SecurityMetrics Present: Data Security for the Hospitality Industry Featuring Lee Pierce, SecurityMetricsStrategicStrategic Accounts Dave Ellis, SecurityMetrics Forensic Investigator Doug
More informationHeartland Secure. By: Michael English. A Heartland Payment Systems White Paper 2014. Executive Director, Product Development
A Heartland Payment Systems White Paper 2014 Heartland Secure. By: Michael English Executive Director, Product Development 2014 Heartland Payment Systems. All trademarks, service marks and trade names
More informationLangara College PCI Awareness Training
Langara College PCI Awareness Training Have you heard of PCI? Due to the increase of credit card fraud and identity theft, major credit card companies like Visa, MasterCard and Amex have formed a security
More informationWhat To Do if Compromised. Visa USA Fraud Investigations and Incident Management Procedures
What To Do if Compromised Visa USA Fraud Investigations and Incident Management Procedures Table of Contents Introduction......................................................... 1 Identifying and Detecting
More informationFranchise Data Compromise Trends and Cardholder. December, 2010
Franchise Data Compromise Trends and Cardholder Security Best Practices December, 2010 Franchise Data Security Agenda Cardholder Data Compromise Overview Breach Commonalities Hacking Techniques Franchisee
More informationCommercial Payments Overview. Visa Commercial Partnerships October 2013
Commercial Payments Overview Visa Commercial Partnerships October 2013 Agenda Commercial Payments VisaNet Commercial Payments Trends Fraud/Risk Mitigation Regulatory update Visa Commercial Payments Overview
More informationPayment Methods. The cost of doing business. Michelle Powell - BASYS Processing, Inc.
Payment Methods The cost of doing business Michelle Powell - BASYS Processing, Inc. You ve got to spend money, to make money Major Industry Topics Industry Process Flow PCI DSS Compliance Risks of Non-Compliance
More informationEMV and Small Merchants:
September 2014 EMV and Small Merchants: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems, Inc. All trademarks, service
More informationWhat To Do if Compromised. Visa USA Fraud Investigations and Incident Management Procedures
What To Do if Compromised Visa USA Fraud Investigations and Incident Management Procedures Table of Contents Introduction......................................................... 1 Security Breach Reporting............................................
More informationUCSD Credit Card Processing Policy & Procedure
UCSD Credit Card Processing Policy & Procedure The Payment Process UCSD accepts Visa, MasterCard, American Express and Discover credit cards. We perform credit transactions only, no debit sales with cash
More informationProtecting the POS Answers to Your Frequently Asked Questions
Protecting the POS Answers to Your Frequently Asked Questions PROTECTING THE POS What is skimming? Skimming is the transfer of electronic data from one magnetic stripe to another for fraudulent purposes.
More informationCard Network Update Chip (EMV) Acceptance in the United States At-A-Glance
Card Network Update Chip (EMV) Acceptance in the United States At-A-Glance Allegiance Merchant Services is committed to assisting you in navigating through the various considerations that you may face
More informationIdentifying Security. Payment System. Federal Reserve Bank. Ellen Richey Chief Enterprise Risk Officer Visa Inc. Visa Public
Identifying Security Issues in the Retail Payment System Federal Reserve Bank Chicago Ellen Richey Chief Enterprise Risk Officer Visa Inc. June 5, 2008 Agenda 1. The Data Security Landscape 2. Recent Trends
More informationDATA BREACHES AND ITS IMPACT ON CONSUMERS
DATA BREACHES AND ITS IMPACT ON CONSUMERS AGENDA About UNCLE Credit Union Current Trends Financial Industry Target Breach EMV 3 Layers Of Prevention Cybersecurity Framework Protecting Your Identity Legislative
More informationGuideline on Debit or Credit Cards Usage
CMSGu2012-04 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Debit or Credit Cards Usage National Computer Board Mauritius
More informationMasterCard Debit Card Disputes and Fraud Claims
MasterCard Debit Card Disputes and Fraud Claims For the credit union to process your MasterCard dispute or fraud claim in a timely manner, please follow this comprehensive member guide. Rutgers Federal
More informationJosiah Wilkinson Internal Security Assessor. Nationwide
Josiah Wilkinson Internal Security Assessor Nationwide Payment Card Industry Overview PCI Governance/Enforcement Agenda PCI Data Security Standard Penalties for Non-Compliance Keys to Compliance Challenges
More informationAIS Webinar. Payment Application Security. Hap Huynh Business Leader Visa Inc. 1 April 2009
AIS Webinar Payment Application Security Hap Huynh Business Leader Visa Inc. 1 April 2009 1 Agenda Security Environment Payment Application Security Overview Questions and Comments Payment Application
More informationHOME DEPOT DATA BREACH
HOME DEPOT DATA BREACH This notice contains important information about the data breach announced by Home Depot, affecting some debit and credit cards used at Home Depot stores beginning April 2014. Data
More informationThe need for a secure & trusted payment instrument in e-commerce. Ali AlMeshal
The need for a secure & trusted payment instrument in e-commerce Ali AlMeshal In Physical/Real World Hand over card Visual check Swipe in POS Online authorization Receipt with signature panel Sign or Pin
More informationPayment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008
Payment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008 What is the PCI DSS? And what do the acronyms CISP, SDP, DSOP and DISC stand for? The PCI DSS is a set of comprehensive requirements
More informationStatement of. Carlos Minetti. Discover Financial Services. Before the. Subcommittee on Oversight and Investigations. of the
Statement of Carlos Minetti Discover Financial Services Before the Subcommittee on Oversight and Investigations of the Committee on Financial Services United States House of Representatives July 21, 2005
More informationADVANCING FRAUD MANAGEMENT FOR MORE SECURE PAYMENTS ADVANCING COMMERCE
FOR MORE SECURE PAYMENTS THE PEOPLE, PERSPECTIVE, AND PRODUCTS CUSTOMERS TRUST TO SAFEGUARD PAYMENT CARD DATA MasterCard is Committed to Helping Secure the Payment System For more than 40 years, MasterCard
More informationEMV and Restaurants What you need to know! November 19, 2014
EMV and Restaurants What you need to know! Mike English Executive Director of Product Development Kristi Kuehn Sr. Director, Compliance November 9, 204 Agenda EMV overview Timelines Chip Card Liability
More informationEMV EMV TABLE OF CONTENTS
2 TABLE OF CONTENTS Intro... 2 Are You Ready?... 3 What Is?... 4 Why?... 5 What Does Mean To Your Business?... 6 Checklist... 8 3 U.S. Merchants 60% are expected to convert to -enabled devices by 2015.
More informationFREQUENTLY ASKED QUESTIONS - CHARGEBACKS
FREQUENTLY ASKED QUESTIONS - CHARGEBACKS # Questions Answer 1 What is a Chargeback? A Chargeback is the term used by Banks for debiting a merchant s bank account due to successful return of a transaction
More informationUnderstanding a Data Compromise and How to Respond. A Communications Guide for Issuers
Understanding a Data Compromise and How to Respond A Communications Guide for Issuers Who Should Use this Guide: Front-Line Marketing, Communications and Product Contacts at Issuing Financial Institutions.
More informationFraud Prevention Issuer s Best Practice Guide
Issuer s Best Practice Guide Rev. March 2011 www.fisglobal.com Copyright 2006 by FIS Card Services, Inc., a wholly owned subsidiary of FIS, Inc. All rights reserved. Printed in the United States of America.
More informationDATA BREACHES: HOW IT IMPACTS THE CUSTOMER & THE FINANCIAL INSTITUTION. Prepared For: First Citizens Federal Credit Union 3/18/2015
DATA BREACHES: HOW IT IMPACTS THE CUSTOMER & THE FINANCIAL INSTITUTION. Prepared For: First Citizens Federal Credit Union TABLE OF CONTENTS Data Breach Trends Financial Institutions Impact How First Citizens
More informationEMV and Restaurants: What you need to know. Mike English. October 2014. Executive Director, Product Development Heartland Payment Systems
October 2014 EMV and Restaurants: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems, Inc. All trademarks, service marks
More informationHow to Help Prevent Fraud
TD Canada Trust How to Help Prevent Fraud Merchant Services tips to help protect your business Fraud Awareness All credit cards issued in Canada are designed with special security features to help deter
More informationCredit/Debit Card Processing Requirements and Best Practices. Adele Honeyman Oregon State Treasury Training Specialist
Credit/Debit Card Processing Requirements and Best Practices Adele Honeyman Oregon State Treasury Training Specialist 1 What? What do I need to know about excepting credit cards? Who s involved, how it
More informationOakland Family Services - Was Your Email Hacked?
Oakland Family Services Information Breach FAQs 1. What happened? An unauthorized individual remotely gained access to the email account of one Oakland Family Services employee July 14, 2015 resulting
More informationTarget Data Breach Survey of Illinois Banks. Executive Summary
Target Data Breach Survey of Illinois Banks Executive Summary February 2014 www.ilbanker.com Target Data Breach Survey of Illinois Banks Executive Summary In December of 2013, just days before the holidays,
More informationThis notice contains important information about the data breaches announced by Home Depot, Kmart and Dairy Queen.
RECENT DATA BREACHES This notice contains important information about the data breaches announced by Home Depot, Kmart and Dairy Queen. Data security is a number one priority at Northwest. We take every
More informationPolicy for Protecting Customer Data
Policy for Protecting Customer Data Store Name Store Owner/Manager Protecting our customer and employee information is very important to our store image and on-going business. We believe all of our employees
More informationOuachita Baptist University. Identity Theft Policy and Program
Ouachita Baptist University Identity Theft Policy and Program Under the Federal Trade Commission s Red Flags Rule, Ouachita Baptist University is required to establish an Identity Theft Prevention Program
More informationTarget Security Breach
Target Security Breach Lessons Learned for Retailers and Consumers 2014 Pointe Solutions, Inc. PO Box 41, Exton, PA 19341 USA +1 610 524 1230 Background In the aftermath of the Target breach that affected
More informationFor more information on SQL injection, please refer to the Visa Data Security Alert, SQL Injection Attacks, available at www.visa.
Global Partner Management Notice Subject: Visa Data Security Alert Malicious Software and Internet Protocol Addresses Dated: April 10, 2009 Announcement: The protection of account information is a responsibility
More informationRetrieval & Chargeback Best Practices
Retrieval & Chargeback Best Practices A Merchant User s Guide to Help Manage Disputes Version Three November, 2010 www.firstdata.com THIS PAGE INTENTIONALLY LEFT BLANK. Developed by: First Data Payment
More informationBest safe and secure practices
Best safe and secure practices For cards transactions BANKOMAT DEF 3 MNO 6 CLEAR - CANCEL x WXY 9 ENTER O BANKOMAT Maintaining the card and PIN number Using a card is highly valuable and provides opportunities
More informationFREQUENTLY ASKED QUESTIONS
FREQUENTLY ASKED QUESTIONS 1. What is the YES BANK MasterCard SecureCode? The MasterCard SecureCode is a service offered by YES BANK in partnership with MasterCard. This authentication is basically a password
More informationPayments Fraud: It's Not Fun & Games
Payments Fraud: It's Not Fun & Games Claudia Swendseid Senior Vice President Payments Information & Outreach Office Federal Reserve Bank of Minneapolis NACHA Payments 2015 Claudia Swendseid Senior Vice
More informationSeptember 20, 2013 Senior IT Examiner Gene Lilienthal
Cyber Crime September 20, 2013 Senior IT Examiner Gene Lilienthal The following presentation are views and opinions of the speaker and does not necessarily reflect the views of the Federal Reserve Bank
More informationMerchant Account Service
QuickBooks Online Edition Feature Guide Merchant Account Service C o n t e n t s Introduction............................. 2 What is a merchant account?.................. 2 What types of credit cards can
More informationHow To Protect Your Credit Card Information From Being Stolen
Visa Account Information Security Tool Kit Welcome to the Visa Account Information Security Program 2 Contents 1. Securing cardholder data is everyone s concern 4 2. Visa Account Information Security (AIS)
More informationPowering e-commerce Globally. What Can I Do to Minimize E-Commerce Chargebacks?
Powering e-commerce Globally What Can I Do to Minimize E-Commerce Chargebacks? Chargebacks are not going away. And now there are new rules. Selling products and services online and using credit cards for
More informationKey Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking
Key Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking SUMMARY The Payment Card Industry Data Security Standard (PCI DSS) defines 12 high-level security requirements directed
More informationMerchant Services. How to help protect your business
Please immediately report any suspicious activity involving credit card or debit card use to TD Merchant Services at 1-800-6-116 For more information, visit www.tdmerchantservices.com Merchant Services
More information* Any merchant that has suffered a hack that resulted in an account data compromise may be escalated to a higher validation level.
Q: What is PCI? A: The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain
More informationFraud and Identity Theft. Megan Stearns, Credit Counselor
Fraud and Identity Theft Megan Stearns, Credit Counselor Agenda Fraud and identity theft statistics Fraud Identity theft Identity theft prevention Protecting your Social Security Number Online prevention
More informationTravel Card. Cardholder Frequently Asked Questions. June 2014 T.FQ.S.20141.E
Travel Card Cardholder Frequently Asked Questions Travel Card (1) Where can I use my card? Your card may be used anywhere debit cards are accepted. The brand marks on your card indicate where the card
More informationCREDIT CARD MERCHANT POLICY. All campuses served by Louisiana State University (LSU) Office of Accounting Services
Louisiana State University Finance and Administrative Services Operating Procedure FASOP: AS-22 CREDIT CARD MERCHANT POLICY Scope: All campuses served by Louisiana State University (LSU) Office of Accounting
More informationSTATE EMPLOYEES CREDIT UNION VISA GIFT CARD TERMS AND CONDITIONS Effective September 2013
STATE EMPLOYEES CREDIT UNION VISA GIFT CARD TERMS AND CONDITIONS Effective September 2013 This Cardholder Agreement ( Agreement") sets forth the terms and conditions of your SECU Visa Gift Card ( Card
More informationEMV FAQs. Contact us at: CS@VancoPayments.com. Visit us online: VancoPayments.com
EMV FAQs Contact us at: CS@VancoPayments.com Visit us online: VancoPayments.com What are the benefits of EMV cards to merchants and consumers? What is EMV? The acronym EMV stands for an organization formed
More informationSECTION: SUBJECT: PCI-DSS General Guidelines and Procedures
1. Introduction 1.1. Purpose and Background 1.2. Central Coordinator Contact 1.3. Payment Card Industry Data Security Standards (PCI-DSS) High Level Overview 2. PCI-DSS Guidelines - Division of Responsibilities
More informationPAYROLL CARD FREQUENTLY ASKED QUESTIONS
The following document provides answers to frequently asked questions regarding the Umpqua Bank Payroll Card. Contact Customer Care at 800-650-7141 with questions. Card Basics Q. How does the Payroll Card
More informationPCI DSS Security Awareness Training for University of Tennessee Credit Card Merchants. UT System Administration Information Security Office
PCI DSS Security Awareness Training for University of Tennessee Credit Card Merchants UT System Administration Information Security Office Agenda Overview of PCI DSS Compliance versus Non-Compliance PCI
More informationCITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY
CITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY Policy Number: 2008-02 Date Adopted: October 27, 2008 Department: Administrative SUBJECT: IDENTITY THEFT PREVENTION PROGRAM I. OBJECTIVE: A. To protect
More informationHarvard University Payment Card Industry (PCI) Compliance Business Process Documentation
Harvard University Payment Card Industry (PCI) Compliance Business Process Documentation Business Process: Documented By: PCI Data Security Breach Stephanie Breen Creation Date: 1/19/06 Updated 11/5/13
More informationProtecting Yourself When You're a Victim of Identity Theft, Forgery or Fraud
Protecting Yourself When You're a Victim of Identity Theft, Forgery or Fraud Credit Card Fraud If someone has stolen or is fraudulently using credit cards that are issued to you (including any ATM/Debit/Check
More informationAcceptance to Minimize Fraud
Best Practices for Credit Card Acceptance to Minimize Fraud By implementing best practices in credit card processing, you decrease the likelihood of fraudulent transactions and chargebacks. In general,
More informationFraud Minimisation Guide ANZ Merchant Business Solutions
Fraud Minimisation Guide ANZ Merchant Business Solutions INTRODUCTION Fraud can occur in and is a risk for any business that accepts credit cards and it can have a significant financial impact on your
More informationFall Conference November 19 21, 2013 Merchant Card Processing Overview
Fall Conference November 19 21, 2013 Merchant Card Processing Overview Agenda Industry Definition Process Flows Processing Costs Chargeback's Payment Card Industry (PCI) Guidelines for Convenience Fees
More informationVisa Student Card Terms and Conditions. These are your Student Card Terms and Conditions.
Visa Student Card Terms and Conditions These are your Student Card Terms and Conditions. "Agreement" means these Visa Student Card Terms and Conditions. "We" "us" and "our" refer to Bank-Fund Staff Federal
More informationPRACTICAL MONEY GUIDES DEBIT CARD BASICS. What you need to know about using your debit card
PRACTICAL MONEY GUIDES DEBIT CARD BASICS What you need to know about using your debit card MONEY IN THE BANK If credit cards mean pay later, debit cards mean pay now. These cards are issued by your bank,
More informationIdentity Theft Packet
BOULDER POLICE DEPARTMENT 1805 33 rd Street Boulder, CO 80301 Identity Theft Packet ** Use this packet when the crime involves the stealing of someone's identity, such as when a victim finds out that someone
More informationUniversity Policy Accepting and Handling Payment Cards to Conduct University Business
BROWN UNIVERSITY University Policy Accepting and Handling Payment Cards to Conduct University Business Table of Contents Purpose... 2 Scope... 2 Authorization... 2 Establishing a new account... 2 Policy
More informationCREDIT CARD PROCESSING POLICY AND PROCEDURES
CREDIT CARD PROCESSING POLICY AND PROCEDURES Note: For purposes of this document, debit cards are treated the same as credit cards. Any reference to credit cards includes credit and debit card transactions.
More informationAppendix 1 - Credit Card Security Incident Response Plan
Appendix 1 - Credit Card Security Incident Response Plan 1 Contents Revisions/Approvals... i Purpose... 2 Scope/Applicability... 2 Authority... 2 Security Incident Response Team... 2 Procedures... 3 Incident
More information1. Ask what your financial institution knows or has personally experienced with regard to internal and external data breaches.
Part 1: Internal & External Data Breach Vulnerabilities Presented on: Thursday, February 12, 2 3 ET Co presented by: Ann Davidson VP of Risk Consulting at Allied Solutions Joe Majka CSO at Verifone 1 Breakdown
More informationPROTECTION OF OUR MERCHANTS AND REFERRAL PARTNERS IS OUR FIRST CONCERN
PCI Q: What is PCI? A: The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information
More informationThis policy applies to all GPC units that process, transmit, or handle cardholder information in a physical or electronic format.
Policy Number: 339 Policy Title: Credit Card Processing Policy, Procedure, & Standards Review Date: 07-23-15 Approval Date: 07-27-15 POLICY: All individuals involved in handling credit and debit card transactions
More informationA multi-layered approach to payment card security.
A multi-layered approach to payment card security. CARD-NOT-PRESENT 1 A recent research study revealed that Visa cards are the most widely used payment method at Canadian websites, on the phone, or through
More informationNEWS BULLETIN 2015-16
NEWS BULLETIN Maine Automobile Dealers Association 180 Civic Center Drive P. O. Box 2667 Augusta, Maine 04338-2667 DIAL 623-3882 e-mail:info@maineautodealers.com FAX 623-2318 DISTRIBUTION General Manager
More informationA+FCU GIFT CARD TERMS AND CONDITIONS
PO Box 14867 Austin, TX 78761-4867 512-302-6800 800-252-8148 www.aplusfcu.org A+FCU GIFT CARD TERMS AND CONDITIONS These terms and conditions ( Agreement ) govern the issuance and use of the A+ FCU Gift
More informationWhy Data Security is Critical to Your Brand
Why Data Security is Critical to Your Brand Why security is critical to your brand Cybercriminals do not discriminate based on industry or business size. Security is expensive. At least, it is if you wait
More information2014 Payments Fraud Survey
2014 Payments Fraud Survey Summary of Consolidated Results Payments Information & Outreach Office Federal Reserve Bank of Minneapolis December 2014 Topics Survey Methodology & Respondent Profile Fraud
More informationGetting Started. Quick Reference Guide for Payment Processing
Getting Started Quick Reference Guide for Payment Processing In today s competitive landscape, you have many choices when it comes to selecting your payments provider, and we appreciate your business.
More informationPOLICY & PROCEDURE DOCUMENT NUMBER: 3.3101. DIVISION: Finance & Administration. TITLE: Policy & Procedures for Credit Card Merchants
POLICY & PROCEDURE DOCUMENT NUMBER: 3.3101 DIVISION: Finance & Administration TITLE: Policy & Procedures for Credit Card Merchants DATE: October 24, 2011 Authorized by: K. Ann Mead, VP for Finance & Administration
More informationUNL PAYMENT CARD POLICY AND PROCEDURES. Table of Contents
UNL PAYMENT CARD POLICY AND PROCEDURES Table of Contents Payment Card Merchant Security Standards Policy and Procedures... 2 Introduction... 4 Payment Card Industry Data Security Standard... 4 Definitions...
More information