Payment Processing considerations to comply with IRS and PCI-DSS regulations and policies

Save this PDF as:
 WORD  PNG  TXT  JPG

Size: px
Start display at page:

Download "Payment Processing considerations to comply with IRS and PCI-DSS regulations and policies"

Transcription

1 itransact Presents Payment Processing considerations to comply with IRS and PCI-DSS regulations and policies Learning Objectives At the end of this course you will be able to: Prepare for IRS 6050w and 1099-k Help Your Understand the Important of credit card security standards (PCI-DSS) Apply the Durbin Amendment to the Dodd-Frank Act to clients accepting credit cards Understanding di the benefits and considerations of accepting credit cards

2 TABLE OF CONTENTS Industry Overview IRS 6050w and 1099-K Payment Card Industry Standards Durbin Amendment The Benefits and Considerations of Accepting Credit Cards All content and images in this presentation Cop right 2011 The itransact Gro p LLC All content and images in this presentation: Copyright 2011 The itransact Group LLC. All trademarks, service marks, and trade names are the property of their respective owners.

3 Payment card processing is a $3 trillion industry, expected to reach $4.2 trillion by 2012.

4 Two sides to Merchant Card Processing: The Issuing Side and the Acquiring Side The Issuing Side: Banks, Credit Unions, Airlines, etc issue a credit card to a consumer. The Issuer has a Bank that backs the card holder for purchases The Acquiring Side: The Consumer uses the card with a Merchant and the Merchant receives credit card as payment. The Acquiring bank issues merchant accounts for the retail establishment and pays the merchant the funds from the consumer ss purchase before actually receiving them from the Issuer.

5 $1.80 Interchange Fees (paid to Issuer) $0.80 Processing Fees (paid to Acquirer) $97.40 Merchant Deposit

6 Fees a Business Owner pays Interchange Paid by the Visa/Mastercard/Discover card Acquiring Bank Member Paid to the Credit Card issuer (Citi Bank, Capitol One, et al) Every Acquirer who sells merchant accounts has to pay the same interchange. Bigger companies donʼt get a price break. The cost of each interchange category varies based on card type and acceptance method. The more it costs the Card Issuer to pay for the card, the higher the interchange rate. For example, a rewards card has a higher interchange rate than a regular credit card (someone has to pay for the air miles), which has a higher interchange rate than a debit card (low risk the money is taken right from the card holders checking account) etc. Processing Fees The fees paid by the merchant in addition to Interchange. Some Acquirers label these as Discount fees and include all fees paid, including Interchange and any additional markup.

7 Types of Acquirers Most Acquirers sell merchant accounts directly to business owners via sales agents or a separate sales company (called an ISO or Independent Sales Office). Examples: Banks, Credit Unions, First Data, itransact, Elavon, Heartland, RBS World Pay, NPC Some Acquirers operate under a Third Party model, meaning that instead of offering a traditional Merchant Account to the business owner, the Acquirer owns the Merchant Account and the business owners allow the Acquirer to process credit cards in their behalf. While using a third party is generally less expensive to get started, it often comes with restrictions on how the merchant account can be used and accessed, as well as higher fees. Examples: Pay Pal

8 Processing Methods: Card Present There are essentially two ways to accept credit cards, Card Present and Card Not Present Card Present: The customer and merchant do business face-toface, the card is present at the time of sale and swiped on a credit card terminal. Authorization is immediate and a signature is obtained (or pin number entered in the case of a pin debit transaction). Card Present transactions are significantly less expensive (by about.5% on average) but require equipment that read the magnetic stripe on a credit card and can transmit and receive data live in order to get authorization. Transmission can happen over the cell phone networks, over an analog phone line, or with an internet connection. The cost of this equipment can vary widely.

9 Processing Methods: Card Not Present Card Not Present: The credit card information is processed online via the merchantʼs website or keyed into a credit card or virtual terminal (where the card information was obtained by mail or over the phone). A signature is not obtained or the authorization is not live. While generally more expensive (due to higher likelihood of fraud), the Card Not Present method is necessary for merchants who need to accept transactions online, over the phone, or by mail. It is also an attractive alternative for merchants who need mobility but would rather not pay the generally more expensive set up costs of getting a mobile credit card terminal (and instead would rather enter credit card data into their terminal over the phone from the consumer or an employee out in the field).

10 Processing Methods: Equipment/Software Pricing Smart Phone: for small or mobile merchants, most Merchant Service Providers (Acquirers) now sell applications and paraphernalia allowing a merchant to process transactions with a smart phone. Merchants can expect to pay $100-$300 $ for set up fees and equipment purchase (card reader, printer), $10-$30 for a monthly fee, and an additional $.05 $.15 per transaction. Phone Line/Internet Terminals or Point of Sale devices: Still the standard in the industry, a merchant can expect to pay $300 - $1000+ for a stand alone terminal, depending on the complexity of the device. Lease options are also common, ranging anywhere from $30 to $100 a month for 3 or 4 years. Beware of Merchant Service Providers offering free terminals as those generally come with higher rates, hidden and annual fees, and steep cancellation penalties. Mobile Terminals: for larger mobile merchants, terminals exist that have an integrated card reader and printer, that transmit and receive data over the cell phone networks. These generally range from $600-$1000 or $60-$100 a month. Internet Gateway/Virtual terminal: for Merchants who want to allow customers to purchase from them off their website and/or who want to key transactions into an online Virtual terminal. Merchants can expect to pay a setup fee from $100-$300, a monthly fee of $15-$25, and an additional $.05 to $.15 per transaction.

11 IRS 6050w and 1099-K

12 Overview Because the IRS suspects that many merchants do not fully report their credit card processing revenue, on August 16, 2010, the IRS implemented tax code Section 6050W and related statutory changes enacted by the Housing Assistance Tax Act of 2008 (Pub. L. No ) that require Merchant Acquirers to report payments in settlement t of credit card transactions ti for each calendar year. Reporting entities will be required to file an annual information p g q return with the IRS and provide each merchant with a corresponding Form 1099-K, reporting monthly and annual gross sales.

13 Payment Card Industry Data Security Standard (PCI DSS)

14 From Wikipedia: The Payment Card Industry Data Security Standard (PCI DSS) is a worldwide information security standard defined by the Payment Card Industry Security Standards Council [with representatives from Visa, Mastercard, Discover, and American Express]. The standard was created to help payment card industry organizations that process card payments prevent credit card fraud through increased controls around data and its exposure to compromise. The standard applies to all organizations that hold, process, or exchange cardholder information from any card branded with the logo of one of the card brands.

15 Who must comply with PCI DSS? All major card brands (Visa, MC, Discover, and American Express) have Mandated that anyone who handles credit card data, including the smallest Business owner accepting credit cards, must comply py with PCI DSS. That said, The card brands do not currently enforce compliance, but if there is a breach, fines of tens of thousands of dollars could be leveled at the Merchant. How does one comply with PCI DSS? For most merchants, compliance is simply a matter of adhering to the guidelines found on the PCI website:

16 Most Merchants? The card brands categorize merchants based on the amount of credit card transactions the merchant processes annually: Level 1: Merchants who process in excess of 6 million transactions of any card brand annually Level 2: Merchants who process between 1 million and 6 million transactions of any card brand annually Level 3: Merchants who process between 20,000 and 1 million transactions of any card brand annually Level 4: All other merchants As most merchants do fewer than 20,000 transactions of any card brand Annually, most merchants are considered level 4. Merchants of level 1 3 have additional requirements that may include an onsite 3rd party assessment, a network security scan, and a Self-Assessment Questionnaire (SAQ)

17 Compliance vs. Validation Currently, level 4 merchants are not required by the card brands to validate that they are PCI compliant (though most experts suspect that that will change one day). Most Merchant Service Providers do encourage merchants to validate compliance nonetheless, for the merchantsʼ sake as well as for the sake of the Provider, who could be fined by the card brands in case of a merchant breach. Many Providers have begun leveling additional non-compliance fees to merchants who fail to validate as a way to encourage them to do so (usually $15-$30 a month). This typically equates to a Provider having a PCI program, complete with staff to help merchants validate compliance by filling out a Self-Assessment Questionnaire and, if the merchant is processing via an internet connection, to have a network system scan. Industry standard for this service is $100 to $200 annually, sometimes broken down monthly.

18 Durbin Amendment to Dodd-Frank Act

19 Overview On July 21, 2010, President Obama signed into law the Dodd-Frank Wall Street Reform and Consumer Protection Act (Pub.L , H.R. 4173). An amendment to that bill proposed by Senator Dick Durbin will force the Federal Reserve to review and lower interchange for debit card transactions. This means that after July 21, 2011 (the Fedʼs deadline), the cost to a Merchant Service Provider for debit transactions will likely decline dramatically. However, this does not necessarily guarantee that the lower cost will be Passed down from the Provider to the merchant. Thus, you could potentially help your clients save a significant ifi amount of money On their merchant processing fees by having them ask their Merchant Service Provider if they are benefitting from the lower interchange cost on Debit transactions due to the Durbin Amendment, once the new pricing Goes into effect (see next slide).

20 Be Aware of the Final Pricing It is currently not known exactly how much the cost of a debit transaction Will be lowered to. The Fedʼs current proposal is to lower cost to a cap of 12 Cents per transaction, ti but that t is being debated d and the July 21, 2011 Deadline could actually be extended by two years, pending a bill currently Being debated in the Senate. Once the new pricing goes into effect, it is unclear if the Card Brands and Associated banks will take action to compensate for their lost revenue. Most experts agree that they will, and that it will likely come in the form of Additional and/or hidden fees, and caps on the dollar amount of a debit card Transaction.

21 The Last Word Benefits and Considerations

22 Benefits and Considerations to a Business Greater Cash Flow and Savings Get paid before the customer walks out the door or leaves the website. Avoid cost associated with collection of accounts receivables. Studies show that accepting credit cards increase revenue in two ways: Dollar spent per customer increases if a business only takes cash, the customer can only spend what they have in their wallet Number of customers increases if a business does not accept credit cards, customers will often take their business elsewhere Accommodate customer s payment needs We are becoming a cashless society. Many people no longer carry check books or cash and use debit and credit cards as their primary means of paying for goods and services. Using debit and credit cards is often preferred by customers who are looking for an alternative payment method. Set up recurring charges for customers

23 About itransact Specializing in payment processing for 16 years Powered by the largest processors on the planet, servicing millions End-to-end solutions for retail, Internet, and mobile merchants Credit, debit, gift cards, e-checks To learn more about adding merchant processing to a CPA firm or helping any business save money on their merchant fees, Contact Ashleigh Parker at itransact, xt 8386 or

Payment Methods. The cost of doing business. Michelle Powell - BASYS Processing, Inc.

Payment Methods. The cost of doing business. Michelle Powell - BASYS Processing, Inc. Payment Methods The cost of doing business Michelle Powell - BASYS Processing, Inc. You ve got to spend money, to make money Major Industry Topics Industry Process Flow PCI DSS Compliance Risks of Non-Compliance

More information

University Policy Accepting Credit Cards to Conduct University Business

University Policy Accepting Credit Cards to Conduct University Business BROWN UNIVERSITY University Policy Accepting Credit Cards to Conduct University Business Purpose Brown University requires all departments that are involved with credit card handling to do so in compliance

More information

The Comprehensive, Yet Concise Guide to Credit Card Processing

The Comprehensive, Yet Concise Guide to Credit Card Processing The Comprehensive, Yet Concise Guide to Credit Card Processing Written by David Rodwell CreditCardProcessing.net Terms of Use This ebook was created to provide educational information regarding payment

More information

An Education in Merchant Processing

An Education in Merchant Processing An Education in Merchant Processing Presented by: Michael Mintz COO - AMG Payment Solutions Today s Agenda Introduction and Background Important Industry Terms The Electronic Payment Process Interchange

More information

Developments in Merchant Acquiring

Developments in Merchant Acquiring September 2008 Developments in Merchant Acquiring by Terri Bradford, Payments System Research Specialist, and Christian Hung, Research Associate II hen thinking about the participants involved in card-payment

More information

. Merchant Accounts are special bank accounts issued by a merchant. . Merchant Level: This classification is based on transaction volume.

. Merchant Accounts are special bank accounts issued by a merchant. . Merchant Level: This classification is based on transaction volume. Credit Card Procedures and Policies Texas A&M Health Science Center offers university departments the convenience of accepting credit cards in payment for goods and services provided. All University departments

More information

Credit vs. Debit: The Network Perspective

Credit vs. Debit: The Network Perspective July 25, 2010 Credit vs. Debit: The Network Perspective Richard Santoro, Vice President, Government Affairs MasterCard Worldwide 1 Overview Origins of Payment Cards Four-Party Payment System Model Anatomy

More information

TREASURER S OFFICE ADMINISTRATIVE STANDARDS FOR THE TREASURER S FISCAL PROCEDURE No. 08-01 MERCHANT DEBIT AND CREDIT CARD RECEIPTS

TREASURER S OFFICE ADMINISTRATIVE STANDARDS FOR THE TREASURER S FISCAL PROCEDURE No. 08-01 MERCHANT DEBIT AND CREDIT CARD RECEIPTS TREASURER S OFFICE ADMINISTRATIVE STANDARDS FOR THE TREASURER S FISCAL PROCEDURE No. 08-01 MERCHANT DEBIT AND CREDIT CARD RECEIPTS 1. Introduction Debit and Credit Card Receipt Standards apply to the administration

More information

PCI Policies 2011. Appalachian State University

PCI Policies 2011. Appalachian State University PCI Policies 2011 Appalachian State University Table of Contents Section 1: State and Contractual Requirements Governing Campus Credit Cards A. Cash Collection Point Approval for Departments B. State Requirements

More information

Credit Card Processing 101

Credit Card Processing 101 Credit Card Processing 101 Customers have come to expect credit cards as a payment option. With ATM fees continuing to rise, some consumers may even exclusively choose to take their purchasing power to

More information

Payment Card Industry Data Security Standards

Payment Card Industry Data Security Standards Payment Card Industry Data Security Standards January 19, 2011 Marc S. Reisler, Holland & Knight Copyright 2011 Holland & Knight LLP All Rights Reserved Data Breaches Remain a Serious Concern PCI Standards

More information

How Online Payments Really Work

How Online Payments Really Work Insights for Businesses How Online Payments Really Work If you re thinking about setting up an online store, you re in good company. Shoppers are increasingly turning to online options, as their access

More information

PCI Compliance: How to ensure customer cardholder data is handled with care

PCI Compliance: How to ensure customer cardholder data is handled with care PCI Compliance: How to ensure customer cardholder data is handled with care Choosing a safe payment process for your business Contents Contents 2 Executive Summary 3 PCI compliance and accreditation 4

More information

University Policy Accepting and Handling Payment Cards to Conduct University Business

University Policy Accepting and Handling Payment Cards to Conduct University Business BROWN UNIVERSITY University Policy Accepting and Handling Payment Cards to Conduct University Business Table of Contents Purpose... 2 Scope... 2 Authorization... 2 Establishing a new account... 2 Policy

More information

Section 3.9 PCI DSS Information Security Policy Issued: June 2016 Replaces: January 2015

Section 3.9 PCI DSS Information Security Policy Issued: June 2016 Replaces: January 2015 Section 3.9 PCI DSS Information Security Policy Issued: June 2016 Replaces: January 2015 I. PURPOSE The purpose of this policy is to establish guidelines for processing charges on Payment Cards to protect

More information

PCI Compliance Overview

PCI Compliance Overview PCI Compliance Overview 1 PCI DSS Payment Card Industry Data Security Standard Standard that is applied to: Merchants Service Providers (Banks, Third party vendors, gateways) Systems (Hardware, software)

More information

FAQ s for Payment Card Processing at the University

FAQ s for Payment Card Processing at the University FAQ s for Payment Card Processing at the University 1) We are thinking about taking credit cards for payments. What do we need to know? 2) Who is the PCPC (Payment Card Process Coordinator)? 3) What is

More information

Clark University's PCI Compliance Policy

Clark University's PCI Compliance Policy ï» Clark University's PCI Compliance Policy Who Should Read this Policy: All persons who have access to credit card information, including: Every employee that accesses handles or maintains credit card

More information

Payment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008

Payment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008 Payment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008 What is the PCI DSS? And what do the acronyms CISP, SDP, DSOP and DISC stand for? The PCI DSS is a set of comprehensive requirements

More information

Getting Started. Quick Reference Guide for Payment Processing

Getting Started. Quick Reference Guide for Payment Processing Getting Started Quick Reference Guide for Payment Processing In today s competitive landscape, you have many choices when it comes to selecting your payments provider, and we appreciate your business.

More information

Information Technology

Information Technology Credit Card Handling Security Standards Overview Information Technology This document is intended to provide guidance to merchants (colleges, departments, organizations or individuals) regarding the processing

More information

Accepting Credit Cards 101

Accepting Credit Cards 101 1 Accepting Credit Cards 101 Payment Cards: A Brief History and the Invention of. The Key Players: The Associations, Member Banks, Processors, Service Providers, Agents, Cardholders, and Merchants : Card

More information

The Science of Credit Card Processing

The Science of Credit Card Processing The Science of Credit Card Processing Page 1 Credit Card Processing How does credit card processing work? You may receive credit card payments from customers from a variety of sources. You may swipe their

More information

PCI DSS COMPLIANCE DATA

PCI DSS COMPLIANCE DATA PCI DSS COMPLIANCE DATA AND PROTECTION EagleHeaps FROM CONTENTS Overview... 2 The Basics of PCI DSS... 2 PCI DSS Compliance... 4 The Solution Provider Role (and Accountability).... 4 Concerns and Opportunities

More information

Payment Card Industry Data Security Standard

Payment Card Industry Data Security Standard Payment Card Industry Data Security Standard Abhinav Goyal, B.E.(Computer Science) MBA Finance Final Trimester Welingkar Institute of Management ISACA Bangalore chapter 13 th February 2010 Credit Card

More information

A Compliance Overview for the Payment Card Industry (PCI)

A Compliance Overview for the Payment Card Industry (PCI) A Compliance Overview for the Payment Card Industry (PCI) Many organizations are aware of the Payment Card Industry (PCI) and PCI compliance but are unsure if they are doing everything necessary. This

More information

POLICY & PROCEDURE DOCUMENT NUMBER: 3.3101. DIVISION: Finance & Administration. TITLE: Policy & Procedures for Credit Card Merchants

POLICY & PROCEDURE DOCUMENT NUMBER: 3.3101. DIVISION: Finance & Administration. TITLE: Policy & Procedures for Credit Card Merchants POLICY & PROCEDURE DOCUMENT NUMBER: 3.3101 DIVISION: Finance & Administration TITLE: Policy & Procedures for Credit Card Merchants DATE: October 24, 2011 Authorized by: K. Ann Mead, VP for Finance & Administration

More information

CardControl. Credit Card Processing 101. Overview. Contents

CardControl. Credit Card Processing 101. Overview. Contents CardControl Credit Card Processing 101 Overview Credit card processing is a very complex and important system for anyone that sells goods. This guide will hopefully help educate and inform new and old

More information

Appendix 1 Payment Card Industry Data Security Standards Program

Appendix 1 Payment Card Industry Data Security Standards Program Appendix 1 Payment Card Industry Data Security Standards Program PCI security standards are technical and operational requirements set by the Payment Card Industry Security Standards Council to protect

More information

Glossary ACH Acquirer Assessments: AVS Authorization Back End: Backbilling Basis Point Batch

Glossary ACH Acquirer Assessments: AVS Authorization Back End: Backbilling Basis Point Batch Glossary ACH: Automated Clearing House; an electronic payment network most commonly associated with payroll direct deposit, recurring payments, and is the network most commonly used to settle merchant

More information

Frequently Asked Questions

Frequently Asked Questions PCI Compliance Frequently Asked Questions Table of Content GENERAL INFORMATION... 2 PAYMENT CARD INDUSTRY DATA SECURITY STANDARD (PCI DSS)...2 Are all merchants and service providers required to comply

More information

GRINNELL COLLEGE CREDIT CARD PROCESSING AND SECURITY POLICY

GRINNELL COLLEGE CREDIT CARD PROCESSING AND SECURITY POLICY GRINNELL COLLEGE CREDIT CARD PROCESSING AND SECURITY POLICY PURPOSE The Payment Card Industry Data Security Standard was established by the credit card industry in response to an increase in identify theft

More information

Account Information Security. Merchant Guide

Account Information Security. Merchant Guide Account Information Security Merchant Guide At Visa, protecting our cardholders is at the core of everything we do. One of the many reasons people trust our brand is that we make buying and selling safer

More information

Your Compliance Classification Level and What it Means

Your Compliance Classification Level and What it Means General Information What are the Payment Card Industry (PCI) Data Security Standards? The PCI Data Security Standards represents a common set of industry tools and measurements to help ensure the safe

More information

SAN DIEGO STATE UNIVERSITY RESEARCH FOUNDATION CREDIT CARD PROCESSING & SECURITY POLICY MERCHANT SERVICES POLICIES & PROCEDURES

SAN DIEGO STATE UNIVERSITY RESEARCH FOUNDATION CREDIT CARD PROCESSING & SECURITY POLICY MERCHANT SERVICES POLICIES & PROCEDURES SAN DIEGO STATE UNIVERSITY RESEARCH FOUNDATION CREDIT CARD PROCESSING & SECURITY POLICY MERCHANT SERVICES POLICIES & PROCEDURES POLICY STATEMENT Introduction Some San Diego State University Research Foundation

More information

Cash 257 Merchant Services and Revenue Collection

Cash 257 Merchant Services and Revenue Collection CPIM Academy Cash 257 Merchant Services and Revenue Collection 2015 Objectives Feel prepared to discuss/understand basics of merchant processing Understand Service Fees Difference between credit and debit

More information

Credit Card Processing Overview

Credit Card Processing Overview CardControl 3.0 Credit Card Processing Overview Overview Credit card processing is a very complex and important system for anyone that sells goods. This guide will hopefully help educate and inform new

More information

Cal Poly PCI DSS Compliance Training and Information. Information Security http://security.calpoly.edu 1

Cal Poly PCI DSS Compliance Training and Information. Information Security http://security.calpoly.edu 1 Cal Poly PCI DSS Compliance Training and Information Information Security http://security.calpoly.edu 1 Training Objectives Understanding PCI DSS What is it? How to comply with requirements Appropriate

More information

Merchant Card Processing Best Practices

Merchant Card Processing Best Practices Merchant Card Processing Best Practices Background: The major credit card companies (VISA, MasterCard, Discover, and American Express) have published a uniform set of data security standards that ALL merchants

More information

INFORMATION SECURITY POLICY. Policy for Credit Card Acceptance to Conduct College Business

INFORMATION SECURITY POLICY. Policy for Credit Card Acceptance to Conduct College Business DELAWARE COLLEGE OF ART AND DESIGN 600 N MARKET ST WILMINGTON DELAWARE 19801 302.622.8000 INFORMATION SECURITY POLICY including Policy for Credit Card Acceptance to Conduct College Business stuff\policies\security_information_policy_with_credit_card_acceptance.doc

More information

PC-DSS Compliance Strategies. 2011 NDUS CIO Retreat July 27, 2011 Theresa Semmens, CISA

PC-DSS Compliance Strategies. 2011 NDUS CIO Retreat July 27, 2011 Theresa Semmens, CISA PC-DSS Compliance Strategies 2011 NDUS CIO Retreat July 27, 2011 Theresa Semmens, CISA True or False Now that my institution has outsourced credit card processing, I don t have to worry about compliance?

More information

GLOSSARY OF MOST COMMONLY USED TERMS IN THE MERCHANT SERVICES INDUSTRY

GLOSSARY OF MOST COMMONLY USED TERMS IN THE MERCHANT SERVICES INDUSTRY GLOSSARY OF MOST COMMONLY USED TERMS IN THE MERCHANT SERVICES INDUSTRY Acquiring Bank The bank or financial institution that accepts credit and/or debit card payments for products or services on behalf

More information

SellWise User Group. Thursday, February 19, 2015

SellWise User Group. Thursday, February 19, 2015 SellWise User Group Thursday, February 19, 2015 Slides and recording posted on scouting.org/financeimpact Look on the Council Fiscal Management Tab, then look at the bottom left for Sellwise Support/User

More information

Office of Finance and Treasury

Office of Finance and Treasury Office of Finance and Treasury How to Accept & Process Credit and Debit Card Transactions Procedure Related Policy Title Credit Card Processing Policy For University Merchant Locations Responsible Executive

More information

Standards for Business Processes, Paper and Electronic Processing

Standards for Business Processes, Paper and Electronic Processing Payment Card Acceptance Information and Procedure Guide (for publication on the Treasury Webpages) A companion guide to University policy 6120, Payment Card Acceptance Standards for Business Processes,

More information

POLICY SECTION 509: Electronic Financial Transaction Procedures

POLICY SECTION 509: Electronic Financial Transaction Procedures Page 1 POLICY SECTION 509: Electronic Financial Transaction Procedures Source: NDSU President NDSU VP for Finance and Administration NDSU VP for Information Technology A. Purpose / Rationale Many NDSU

More information

UCSB Credit Card Processing and PCI Compliance

UCSB Credit Card Processing and PCI Compliance UCSB Credit Card Processing and PCI Compliance Sandra Featherson Associate Director of Controls Campus Credit Card Coordinator May 2011 Agenda Campus Credit Card Process Overview Terminology Approval/Acceptance

More information

Interchange Optimization: Are you getting the best rate?

Interchange Optimization: Are you getting the best rate? 2012 Interchange Optimization: Are you getting the best rate? Northpark Town Center 1200 Abernathy Road, Suite 1700 Atlanta, Georgia 30328 (800) 846-1305 www.optimizedpmts.com There are many costs associated

More information

CPIM Academy. Cash 257 Merchant Services and Revenue Collection

CPIM Academy. Cash 257 Merchant Services and Revenue Collection CPIM Academy Cash 257 Merchant Services and Revenue Collection 2015 Objectives Feel prepared to discuss/understand basics of merchant processing Understand Service Fees Difference between credit and debit

More information

Third Party Agent Registration and PCI DSS Compliance Validation Guide

Third Party Agent Registration and PCI DSS Compliance Validation Guide Visa Europe Third Party Agent Registration and PCI DSS Compliance Validation Guide May 2016 Version 1.3 Visa Europe 2015 Contents 1 Introduction... 4 1.1 Definitions of Agents... 4 2 Registration Process...

More information

IT Security Compliance PCI DSS FOR MERCHANTS THE PAYMENT CARD INDUSTRY DATE SECURITY STANDARD WHITE PAPER

IT Security Compliance PCI DSS FOR MERCHANTS THE PAYMENT CARD INDUSTRY DATE SECURITY STANDARD WHITE PAPER July 9 th, 2012 Prepared By: Mark Akins PCI QSA, CISSP, CISA WHITE PAPER IT Security Compliance PCI DSS FOR MERCHANTS THE PAYMENT CARD INDUSTRY DATE SECURITY STANDARD PCI DSS for Merchants The Payment

More information

PAYMENT CARD INDUSTRY (PCI) COMPLIANCE HISTORY & OVERVIEW

PAYMENT CARD INDUSTRY (PCI) COMPLIANCE HISTORY & OVERVIEW PAYMENT CARD INDUSTRY (PCI) COMPLIANCE HISTORY & OVERVIEW David Kittle Chief Information Officer Chris Ditmarsch Network & Security Administrator Smoker Friendly International / The Cigarette Store Corp

More information

D. DFA: Mississippi Department of Finance and Administration.

D. DFA: Mississippi Department of Finance and Administration. MISSISSIPPI DEPARTMENT OF FINANCE AND ADMINISTRATION ADMINISTRATIVE RULE PAYMENTS BY CREDIT CARD, CHARGE CARD, DEBIT CARDS OR OTHER FORMS OF ELECTRONIC PAYMENT OF AMOUNTS OWED TO STATE AGENCIES The Department

More information

1/18/10. Walt Conway. PCI DSS in Context. Some History The Digital Dozen Key Players Cardholder Data Outsourcing Conclusions. PCI in Higher Education

1/18/10. Walt Conway. PCI DSS in Context. Some History The Digital Dozen Key Players Cardholder Data Outsourcing Conclusions. PCI in Higher Education PCI in Higher Education Walter Conway, QSA 403 Labs, LLC Walt Conway PCI consultant, blogger, trainer, speaker, author Former Visa VP Help schools become PCI compliant Represent Higher Education at PCI

More information

Registration and PCI DSS compliance validation

Registration and PCI DSS compliance validation Visa Europe A Guide for Third Party Agents Registration and PCI DSS compliance validation October 2015 Version 1.1 Visa Europe 2015 Contents 1 Introduction... 4 1.1 Definitions of Agents... 4 2 Registration

More information

12/4/2013. Regulatory Updates. Eric M. Wright, CPA, CITP. Schneider Downs & Co., Inc. December 5, 2013

12/4/2013. Regulatory Updates. Eric M. Wright, CPA, CITP. Schneider Downs & Co., Inc. December 5, 2013 Regulatory Updates Eric M. Wright, CPA, CITP Schneider Downs & Co., Inc. December 5, 2013 Eric M. Wright, CPA, CITP Eric has been involved with Information Technology with Schneider Downs since 1983. He

More information

2.1.2 CARDHOLDER DATA SECURITY

2.1.2 CARDHOLDER DATA SECURITY University of Oxford Finance Division FINANCIAL POLICY 2.1.2 CARDHOLDER DATA SECURITY Date: 21 March 2013 Version: 2.1.2 Status: Approved Author: Simon Blee Bridget Midwinter TABLE OF CONTENTS Page EXECUTIVE

More information

Understanding Your Merchant Fees Presented by:

Understanding Your Merchant Fees Presented by: Understanding Your Merchant Fees Presented by: Melinda Speer Terry Endres VP Strategic Sales Executive SVP Treasury Management Officer Health, Institutions, & Government Government Treasury Services Chicago,

More information

PayLeap Guide. One Stop

PayLeap Guide. One Stop PayLeap Guide One Stop PayLeap does it all. Take payments in person? Check. Payments over the phone or by mail? Check. Payments from mobile devices? Of course. Online payments? No problem. In addition

More information

Merchant guide to PCI DSS

Merchant guide to PCI DSS Merchant guide to PCI DSS Contents What is PCI DSS and why was it introduced?... 3 Who needs to become PCI DSS compliant?... 3 BOIPA Simple PCI DSS - 3 step approach to helping businesses... 3 What does

More information

Guide to Payment Processing

Guide to Payment Processing Guide to Payment Processing What s Inside: Industry Players Components of Payment Processing Reading Your Merchant Statement Understanding Fees Processing Methods Trends Need-to-Know Vocabulary Guide to

More information

Choosing the Right Merchant Account Provider. 5 Essential Factors Every Business Owner Must Understand Before Choosing a Payment Processing Provider

Choosing the Right Merchant Account Provider. 5 Essential Factors Every Business Owner Must Understand Before Choosing a Payment Processing Provider Choosing the Right Merchant Account Provider 5 Essential Factors Every Business Owner Must Understand Before Choosing a Payment Processing Provider 5 Essential Factors Starting to accept credit cards at

More information

PCI Compliance 101: Payment Card. Your Presenter: 7/19/2011. Data Security Standards Compliance. Wednesday, July 20, 2011 2:00 pm 3:00 pm EDT

PCI Compliance 101: Payment Card. Your Presenter: 7/19/2011. Data Security Standards Compliance. Wednesday, July 20, 2011 2:00 pm 3:00 pm EDT PCI Compliance 101: Payment Card Industry Basics Data Security Standards Compliance Wednesday, July 20, 2011 2:00 pm 3:00 pm EDT This complimentary webinar is brought to you by ASAE-Endorsed Business Solutions

More information

Important Info for Youth Sports Associations

Important Info for Youth Sports Associations Important Info for Youth Sports Associations What the Heck is PCI DSS and Why Should I Care? Joe Posey Terrapin Financial Services Your Club is an ecommerce Business You accept online registration over

More information

Before You Swipe: Best Practices in Accepting Credit, Debit and Pre-Paid. Paid Card Payments

Before You Swipe: Best Practices in Accepting Credit, Debit and Pre-Paid. Paid Card Payments Before You Swipe: Best Practices in Accepting Credit, Debit and Pre-Paid Paid Card Payments Sean Christy, Sutherland Robyn Miller, Pro Bono Partnership of Atlanta March 22, 2012 Mission of Pro Bono Partnership

More information

Tools to help you purchase your POS System

Tools to help you purchase your POS System Tools to help you purchase your POS System Purchasing any technology can be confusing, and this applies to the purchase of a point-of-sale (POS) System. This document will provide you with a checklist

More information

Credit Card Processing Overview

Credit Card Processing Overview Credit Card Processing Overview New Agent Development Training First Data Learning Organization Copyright 2009, First Data Corporation. All Rights Reserved. Developed by: 26 Rev: 01/23/09/1.0 Objectives

More information

Why Is Compliance with PCI DSS Important?

Why Is Compliance with PCI DSS Important? Why Is Compliance with PCI DSS Important? The members of PCI Security Standards Council (American Express, Discover, JCB, MasterCard, and Visa) continually monitor cases of account data compromise. These

More information

A Glossary of Key Terms for the Vendor to Surcharge to Make Card Payments a Price Competitive Payment Channel By: Scott Blakeley, Esq.

A Glossary of Key Terms for the Vendor to Surcharge to Make Card Payments a Price Competitive Payment Channel By: Scott Blakeley, Esq. A Glossary of Key Terms for the Vendor to Surcharge to Make Card Payments a Price Competitive Payment Channel By: Scott Blakeley, Esq. & Brad Boe Abstract Customers have payment channel choices, whether

More information

Sales are the lifeblood of any small business. If you can t close the deal and get customers to buy, your business won t last very long.

Sales are the lifeblood of any small business. If you can t close the deal and get customers to buy, your business won t last very long. 1 Sales are the lifeblood of any small business. If you can t close the deal and get customers to buy, your business won t last very long. That s really all there is to it. So doesn t it just make sense

More information

CREDIT CARD MERCHANT PROCEDURES. Revised 01/21/2014 Prepared by: NIU Merchant Services

CREDIT CARD MERCHANT PROCEDURES. Revised 01/21/2014 Prepared by: NIU Merchant Services CREDIT CARD MERCHANT PROCEDURES Revised 01/21/2014 Prepared by: NIU Merchant Services CREDIT CARD MERCHANT PROCEDURES Contents Role of NIU Merchant Services 2 Security. 3 Method of Payment 3 Departmental

More information

Payment Card Industry Data Security Standard Training. Chris Harper Vice President of Technical Services Secure Enterprise Computing, Inc.

Payment Card Industry Data Security Standard Training. Chris Harper Vice President of Technical Services Secure Enterprise Computing, Inc. Payment Card Industry Data Security Standard Training Chris Harper Vice President of Technical Services Secure Enterprise Computing, Inc. March 27, 2012 Agenda Check-In 9:00-9:30 PCI Intro and History

More information

Questions and Answers PCI Compliance (Updated May 23, 2014)

Questions and Answers PCI Compliance (Updated May 23, 2014) Questions and Answers PCI Compliance (Updated ) The Alberta government is working toward PCI compliance, an industry standard created by the credit card industry to improve cardholder data security. The

More information

Credit Card Handling Security Standards

Credit Card Handling Security Standards Credit Card Handling Security Standards Overview This document is intended to provide guidance to merchants (colleges, departments, auxiliary organizations or individuals) regarding the processing of charges

More information

WHITE PAPER. PCI Basics: What it Takes to Be Compliant

WHITE PAPER. PCI Basics: What it Takes to Be Compliant WHITE PAPER PCI Basics: What it Takes to Be Compliant Introduction A long-running worldwide advertising campaign by Visa states that the card is accepted everywhere you want to be. Unfortunately, and through

More information

Frequently Asked Questions

Frequently Asked Questions I ccount Information System (IS) Program Frequently sked Questions Q What is IS? ccount Information Security, or IS, is a Risk Management program by Visa aimed to protect account and/or transaction information

More information

Payment Card Acceptance Administrative Policy

Payment Card Acceptance Administrative Policy Administrative Procedure Approved By: Brandon Gilliland, Associate Vice President for Finance & Controller Effective Date: October 1, 2014 History: Approval Date: September 25, 2014 Revisions: Type: Administrative

More information

What are the PCI DSS requirements? PCI DSS comprises twelve requirements, often referred to as the digital dozen. These define the need to:

What are the PCI DSS requirements? PCI DSS comprises twelve requirements, often referred to as the digital dozen. These define the need to: What is the PCI standards council? The Payment Card Industry Standards Council is an institution set-up by American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International

More information

VISA EUROPE ACCOUNT INFORMATION SECURITY (AIS) PROGRAMME FREQUENTLY ASKED QUESTIONS (FAQS)

VISA EUROPE ACCOUNT INFORMATION SECURITY (AIS) PROGRAMME FREQUENTLY ASKED QUESTIONS (FAQS) VISA EUROPE ACCOUNT INFORMATION SECURITY (AIS) PROGRAMME FREQUENTLY ASKED QUESTIONS (FAQS) Q1: What is the purpose of the AIS programme? Q2: What exactly is the Payment Card Industry (PCI) Data Security

More information

Payment Card Industry Data Security Standards

Payment Card Industry Data Security Standards Payment Card Industry Data Security Standards The payment card industry data security standard PCI DSS Visa and MasterCard have developed the Payment Card Industry Data Security Standard or PCI DSS as

More information

Merchant Processing. Trends and Truths. Roger Raney TransFirst Regional Sales Manager rraney@transfirst.com 941.704.5858

Merchant Processing. Trends and Truths. Roger Raney TransFirst Regional Sales Manager rraney@transfirst.com 941.704.5858 Merchant Processing Trends and Truths Karen Miles US Rice Producers Association Financial Director karen@usriceproducers.com 713.974.7423 Roger Raney TransFirst Regional Sales Manager rraney@transfirst.com

More information

Payment Cardholder Data Handling Procedures (required to accept any credit card payments)

Payment Cardholder Data Handling Procedures (required to accept any credit card payments) Payment Cardholder Data Handling Procedures (required to accept any credit card payments) Introduction: The Procedures that follow will allow the University to be in compliance with the Payment Card Industry

More information

2.0 PAYMENT CARD INDUSTRY DATA SECURITY STANDARDS (PCI-DSS)

2.0 PAYMENT CARD INDUSTRY DATA SECURITY STANDARDS (PCI-DSS) CSU, Chico Credit Card Handling Security Standard Effective Date: July 28, 2015 1.0 INTRODUCTION This standard provides guidance to ensure that credit card acceptance and ecommerce processes comply with

More information

Sales Rep Frequently Asked Questions

Sales Rep Frequently Asked Questions V 02.21.13 Sales Rep Frequently Asked Questions OMEGA Processing Data Protection Program February 2013 - Updated In response to a national rise in data breaches and system compromises, OMEGA Processing

More information

Two Approaches to PCI-DSS Compliance

Two Approaches to PCI-DSS Compliance Disclaimer Copyright Michael Chapple and Jane Drews, 2006. This work is the intellectual property of the authors. Permission is granted for this material to be shared for non-commercial, educational purposes,

More information

Failure to follow the following procedures may subject the state to significant losses, including:

Failure to follow the following procedures may subject the state to significant losses, including: SUBJECT: Policy and Procedures PAGE: 1 of 5 INTRODUCTION During fiscal year 2014, State of Wisconsin agencies accepted approximately 6 million credit/debit card payments through the following payment channels:

More information

Sage ERP MAS I White Paper. Payment Processing Trends, Tips, and Tricks: What You Need to Know

Sage ERP MAS I White Paper. Payment Processing Trends, Tips, and Tricks: What You Need to Know I White Paper What You Need to Know Over the past few years, credit and debit card acceptance has come on the scene as a required payment option. Similarly, the number of customers using credit and debit

More information

Q: What is PCI? Q: To whom does PCI apply? Q: Where can I find the PCI Data Security Standards (PCI DSS)? Q: What are the PCI compliance deadlines?

Q: What is PCI? Q: To whom does PCI apply? Q: Where can I find the PCI Data Security Standards (PCI DSS)? Q: What are the PCI compliance deadlines? Q: What is PCI? A: The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain

More information

PCI DSS. CollectorSolutions, Incorporated

PCI DSS. CollectorSolutions, Incorporated PCI DSS Robert Cothran President CollectorSolutions www.collectorsolutions.com CollectorSolutions, Incorporated Founded as Florida C corporation in 1999 Approximately 235 clients in 35 states Targeted

More information

PCI DSS Compliance Services January 2016

PCI DSS Compliance Services January 2016 PCI DSS Compliance Services January 2016 20160104-Galitt-PCI DSS Compliance Services.pptx Agenda 1. Introduction 2. Overview of the PCI DSS standard 3. PCI DSS compliance approach Copyright Galitt 2 Introduction

More information

Brown Smith Wallace, LLC

Brown Smith Wallace, LLC Brown Smith Wallace, LLC Successful Software Selection Whitepaper Series How to Adhere to Payment Card Industry Data Security Standards By Ron Schmittling, CPA/CITP, QSA, CISA, CIA To learn more about

More information

How to read your statement basics IRS Reporting Early Termination Fees Contract Renewals Equipment Leases & Free Equipment PCI Compliance General

How to read your statement basics IRS Reporting Early Termination Fees Contract Renewals Equipment Leases & Free Equipment PCI Compliance General 2 How to read your statement basics IRS Reporting Early Termination Fees Contract Renewals Equipment Leases & Free Equipment PCI Compliance General info Q&A 3 Calculate your Effective Rate Total Processing

More information

PCI DSS 101 FOR CTOs AND BUSINESS EXECUTIVES

PCI DSS 101 FOR CTOs AND BUSINESS EXECUTIVES PCI DSS 101 FOR CTOs AND BUSINESS EXECUTIVES CUTTING THROUGH THE COMPLEXITY AND CONFUSION Over the years, South African retailers have come under increased pressure to gain PCI DSS (Payment Card Industry

More information

PROTECTION OF OUR MERCHANTS AND REFERRAL PARTNERS IS OUR FIRST CONCERN

PROTECTION OF OUR MERCHANTS AND REFERRAL PARTNERS IS OUR FIRST CONCERN PCI Q: What is PCI? A: The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information

More information

Sage 100 ERP I White Paper. Payment Processing Trends, Tips, and Tricks: What You Need to Know

Sage 100 ERP I White Paper. Payment Processing Trends, Tips, and Tricks: What You Need to Know Sage 100 ERP I White Paper What You Need to Know Over the past few years, credit and debit card acceptance has come on the scene as a required payment option. Similarly, the number of customers using credit

More information

P R O G R E S S I V E S O L U T I O N S

P R O G R E S S I V E S O L U T I O N S PCI DSS: PCI DSS is a set of technical and operational mandates designed to ensure that all organizations that process, store or transmit credit card information maintain a secure environment and safeguard

More information

WISCONSIN ACCOUNTING MANUAL Department of Administration State Controller s Office

WISCONSIN ACCOUNTING MANUAL Department of Administration State Controller s Office BACKGROUND State of Wisconsin agencies accepted more than 6 million credit/debit card payments annually through the following payment channels: Point of Sale (State agency location) Point of Sale (Retail-agent

More information