Mobile Payments Applications and Challenges Jose Diaz Director, Business Development & Technical Alliances Thales e-security

Size: px
Start display at page:

Download "Mobile Payments Applications and Challenges Jose Diaz Director, Business Development & Technical Alliances Thales e-security"

Transcription

1 Mobile Payments Applications and Challenges Jose Diaz Director, Business Development & Technical Alliances Thales e-security

2 2 / Verizon Data Breach Report

3 3 / Victim Industry Source: Verizon 2013 Data Breach Investigations Report

4 4 / Compromised Data Source: Verizon 2013 Data Breach Investigations Report

5 5 / Mobile Threats Global Overview 5.6 million potentially malicious files reported on Android, of which 1.3 million are confirmed malicious by multiple AV vendors Source: APWG White Paper: Mobile Fraud, May 2013

6 6 / Trustwave 2013 Global Security Report Key points on mobile device security Android platform continues to be the focus of malware In 2012, Trustwave s malware collection for Android grew 400%, from 50,000 to over 200,000 samples Malware also appeared in the Apple itunes Store All malware discovered was quickly removed Most notable being Find and Call - malware would upload a copy of the user s address book and send SMS spam to all contacts Several new variants of Zeus family targeting BlackBerry devices, primarily in Germany, Italy and Spain Windows 8 for mobile, released late October Not much seen in way of malware or exploits directed at this operating system, so far

7 7 / Does Anybody Care? Source: Advanced Payments Report 2013 Edgar, Dunn & Company, Sponsored by First Data

8 8 / MOBILE PAYMENTS

9 9 / Mobile Banking Mobile Banking Mobile Payments It is a direct relationship between you and your bank You can view your account balances You can pay bills but: Mostly, these are only to accounts you registered to pay directly (electric, phone, etc.) You can transfer money between your accounts Interac e-transfer enables you to send money to someone with an account in Canada You may be able to make a deposit by taking a picture of a check you want to deposit You cannot walk into a store and pay for purchases with a mobile banking application

10 10 / Why is Mobile Payments Interesting? CNN Money Mobile payments are expected to hit $214 billion by Transactions made by scanning a mobile phone at the register are forecast to reach $22 billion -- up from "practically none" last year.

11 11 / The Future Trend for Payments Source: RSR research, March 2013

12 12 / Who is Leading the Way? retailers are taking their leads from innovators PayPal and Google, whose success is driven not by service providers, but by consumers themselves Source: RSR research, March 2013

13 13 / The Traditional Payments View Traditional Four Corner Model defines a tightly controlled ecosystem Consumer s Cards Merchant s Systems Network Consumer s Bank Merchant s Bank

14 14 / Mobile Acceptance Expands the Model Traditional Four Corner Model defines a tightly controlled ecosystem Consumer s Cards Network Consumer s Bank Merchant s Bank

15 15 / Mobile Acceptance (mpos) EMV Magnetic Stripe

16 16 / PCI s View on Mobile Payments

17 17 / Benefit of PCI P2PE Acquirer Domain Payments network POI (at the Merchant) Payment Gateway / P2PE Solution Provider Acquirer Switch Issuer P2PE Secure Link Data protected by payments network Reduces pain of audit compliance for merchant Eliminates card data from merchant environment Protects data from acceptance device to Gateway or Acquirer

18 18 / What About Mobile Acceptance (mpos) and P2PE? Smart Phone Or Tablet Acquirer Domain Payments network PCI-approved Secure Card Reader POI (at the Merchant) Payment Gateway / P2PE Solution Provider Acquirer Switch Issuer P2PE Secure Link Data protected by payments network Enables transaction data security for mpos Eliminates card data from mobile device and merchant environment P2PE used to protect the data An important component for mpos transactions!

19 19 / MOBILE PAYMENTS

20 20 / Paying with Mobile Brings New Challenges Traditional Four Corner Model defines a tightly controlled ecosystem Consumer s Cards Merchant s Systems Everything stays the same - but Phones are insecure They are consumer controlled Network They can t be read in stores Consumer s Bank Merchant s Bank

21 21 / New Technologies to the Rescue Readability Near Field Communications (NFC) Standardized Format Mobile Wallets (apps that host payment credentials) Security Secure Elements (micro-hsms for phones)

22 22 / So Why Hasn t it Happened Yet? 1 st NFC phone Nokia 6131 (Feb 2006) Just unlucky or ill conceived? NFC is just a protocol not an experience Apple s iphone was launched only a year later (June 07) NFC requires POS terminals to be upgraded but few merchants were motivated (other than taxis and subways) Expected penetration from 8% in 2011 to 53% in 2017

23 23 / Expanded Ecosystem Several Cooks in the Kitchen Trusted Service Managers Mobile Wallet (TSM) Providers Mobile App Developers Handset Manufacturers Mobile Network Operators (MNO) The payments industry is no longer a private club Merchant s Systems Mobile Technology Providers Network Consumer s Bank Merchant s Bank

24 24 / Paying with Mobile in Canada CIBC and Rogers RBC and Bell Other Banks have announced they will offer NFC payments

25 25 / EXPANDING SECURITY OPTIONS IN MOBILE DEVICE

26 26 / Trusted Execution Environment (TEE) Separate execution environment running alongside OS to provide security services to Rich OS Higher level of security than a Rich OS Not as secure as a Secure Element (SE), but lower cost Offers layer of security between a Rich OS and a SE Addresses use cases with lower security requirements Security framework within the device Isolates access to its hardware and software security resources from the Rich OS and its applications Enforces protection, confidentiality, integrity, and access rights to the resources and data belonging to Trusted Applications Trusted Applications independent of each other, cannot perform unauthorized access to security resources from other Trusted Application Source: Global Platform s White Paper The Trusted Execution Environment: Delivering Enhanced Security at a Lower Cost to the Mobile Market

27 27 / Architecture of the TEE Source: Global Platform s White Paper The Trusted Execution Environment: Delivering Enhanced Security at a Lower Cost to the Mobile Market

28 28 / Rich OS, TEE and SE Positioning Rich OS, TEE and SE Positioning Security positioning for TEE compared to Rich OS or a SE Source: Global Platform s White Paper The Trusted Execution Environment: Delivering Enhanced Security at a Lower Cost to the Mobile Market

29 29 / Summary Risk of data compromise is still high in the market Protection of payment card data is important Mobile devices are also targets for malware No question mobile is area of interest for payments mpos has been primary driver for mobile use Has caused disruption in the payments environment Whether acceptance uses traditional terminal or mobile device, there is need for protecting data Actually, even more important for a mobile device Use of P2PE helps protect payment data Payment with mobile devices brings challenges Banks in Canada have deployed NFC payment options Global Platform has introduced more security options Security is an essential part of deployments to ensure customer confidence Customers expect it!

30 30 / Any Questions?

Data Protection and Mobile Payments. Jose Diaz - Business Development & Technical Alliances Ted Heiman Key Account Manager Thales e-security

Data Protection and Mobile Payments. Jose Diaz - Business Development & Technical Alliances Ted Heiman Key Account Manager Thales e-security Data Protection and Mobile Payments Jose Diaz - Business Development & Technical Alliances Ted Heiman Key Account Manager Thales e-security 2 Today s reality It s a data-centric world. And the data is

More information

CANADA VS THE USA - THE CONTRAST AND LESSONS FOR MOBILE PAYMENTS

CANADA VS THE USA - THE CONTRAST AND LESSONS FOR MOBILE PAYMENTS CANADA VS THE USA - THE CONTRAST AND LESSONS FOR MOBILE PAYMENTS Presented by: Jacqueline Chilton, Founding Partner, Muration Group Catherine Johnston, President & CEO ACT Canada Muration Group 2014 2

More information

Making Cloud-Based Mobile Payments a Reality with Digital Issuance, Tokenization, and HCE WHITE PAPER

Making Cloud-Based Mobile Payments a Reality with Digital Issuance, Tokenization, and HCE WHITE PAPER Making Cloud-Based Mobile Payments a Reality with Digital Issuance, Tokenization, and HCE WHITE PAPER Why Cloud-Based Mobile Payments? The promise of mobile payments has captured the imagination of banks,

More information

Building Trust in a Digital World. Brian Phelps, BSc CISSP Director of Advanced Solutions Group EMEA Thales UK, Ltd.

Building Trust in a Digital World. Brian Phelps, BSc CISSP Director of Advanced Solutions Group EMEA Thales UK, Ltd. Building Trust in a Digital World Brian Phelps, BSc CISSP Director of Advanced Solutions Group EMEA Thales UK, Ltd. 2 Global incidents Equivalent of 117,339 incoming attacks per day, everyday Total number

More information

NAVIGATING THE PAYMENTS AND SECURITY LANDSCAPE

NAVIGATING THE PAYMENTS AND SECURITY LANDSCAPE NAVIGATING THE PAYMENTS AND SECURITY LANDSCAPE Payment disruptions impacting restaurant owners today An NCR Hospitality white paper Almost every month we hear a news story about another data breach that

More information

The Impact of Emerging Payment Technologies on Retail and Hospitality Businesses. National Computer Corporation www.nccusa.com

The Impact of Emerging Payment Technologies on Retail and Hospitality Businesses. National Computer Corporation www.nccusa.com The Impact of Emerging Payment Technologies on Retail and Hospitality Businesses The Impact of Emerging Payment Technologies on Retail and Hospitality Businesses Making the customer payment process convenient,

More information

Apple Pay & The New Environment for Mobile Payment Apps

Apple Pay & The New Environment for Mobile Payment Apps Apple Pay & The New Environment for Mobile Payment Apps Events, Timing & Methodology I SEPT 9 Apple Press Conference SEPT 18 2104 CPM Data Collection SEPT 25 iphone6 In-Stores Consumer Payments Monitor

More information

OVERVIEW OF MOBILE PAYMENT LANDSCAPE

OVERVIEW OF MOBILE PAYMENT LANDSCAPE OVERVIEW OF MOBILE PAYMENT LANDSCAPE NEACH FORUM September 10, 2014 Marianne Crowe Federal Reserve Bank of Boston Disclaimer: The views expressed in this presentation are those of the presenter and do

More information

OVERVIEW OF MOBILE PAYMENT LANDSCAPE Marianne Crowe Federal Reserve Bank of Boston NEACH September 10, 2014

OVERVIEW OF MOBILE PAYMENT LANDSCAPE Marianne Crowe Federal Reserve Bank of Boston NEACH September 10, 2014 OVERVIEW OF MOBILE PAYMENT LANDSCAPE Marianne Crowe Federal Reserve Bank of Boston NEACH September 10, 2014 Disclaimer: The views expressed in this presentation are those of the presenter and do not necessarily

More information

Inside the Mobile Wallet: What It Means for Merchants and Card Issuers

Inside the Mobile Wallet: What It Means for Merchants and Card Issuers Inside the Mobile Wallet: What It Means for Merchants and Card Issuers Welcome to the age of Universal Commerce commerce that is integrated, personalized, secure, open, and smart. The lines between in-store

More information

Emerging Trends in the Payment Ecosystem: The Good, the Bad and the Ugly DAN KRAMER

Emerging Trends in the Payment Ecosystem: The Good, the Bad and the Ugly DAN KRAMER Emerging Trends in the Payment Ecosystem: The Good, the Bad and the Ugly DAN KRAMER SHAZAM, Senior Vice President Agenda The Ugly Fraud The Bad EMV? The Good Tokenization and Other Emerging Payment Options

More information

permitting close proximity communication between devices in this case a phone and a terminal.

permitting close proximity communication between devices in this case a phone and a terminal. MOBILE PAYMENT What it is. How it works. What it means for Canadians. By EnStream LP for the House of Commons Finance Committee February 13, 2014 INTRODUCTION EnStream was established by Bell, Rogers and

More information

Plugging the Holes in Mobile Security: The Rising Threat Jennifer M. Pigg, VP of Research, Yankee Group Nick Wade, Group Product Manager, Symantec

Plugging the Holes in Mobile Security: The Rising Threat Jennifer M. Pigg, VP of Research, Yankee Group Nick Wade, Group Product Manager, Symantec Plugging the Holes in Mobile Security: The Rising Threat Jennifer M. Pigg, VP of Research, Yankee Group Nick Wade, Group Product Manager, Symantec June 2011 Copyright 2011. Yankee Group Research, Inc.

More information

Practically Thinking: What Small Merchants Should Know about EMV

Practically Thinking: What Small Merchants Should Know about EMV Practically Thinking: What Small Merchants Should Know about EMV 1 Practically Thinking: What Small Merchants Should Know About EMV Overview Savvy business owners know that payments are about more than

More information

EESTEL. Association of European Experts in E-Transactions Systems. Apple iphone 6, Apple Pay, What else? EESTEL White Paper.

EESTEL. Association of European Experts in E-Transactions Systems. Apple iphone 6, Apple Pay, What else? EESTEL White Paper. EESTEL White Paper October 29, 2014 Apple iphone 6, Apple Pay, What else? On 2014, September 9 th, Apple has launched three major products: iphone 6, Apple Watch and Apple Pay. On October 17 th, Apple

More information

White Paper PCI-Validated Point-to-Point Encryption

White Paper PCI-Validated Point-to-Point Encryption White Paper PCI-Validated Point-to-Point Encryption By Christopher Kronenthal, Chief Technology Officer Contributors Executive Summary Merchants are navigating a payments landscape that continues to evolve,

More information

HCE and SIM Secure Element:

HCE and SIM Secure Element: HCE and SIM Secure Element: It s not black and white A Discussion Paper from Consult Hyperion Supported by: Date: June 2014 Authors: Steve Pannifer, Dick Clark, Dave Birch steve.pannifer@chyp.com Consult

More information

MPOS: RISK AND SECURITY

MPOS: RISK AND SECURITY MPOS: RISK AND SECURITY 2 Evolution of Payment Acceptance Consumers want to get the best deal with the minimum pain Sellers want to ensure they never turn down a sale and maximise consumer loyalty 3 Evolution

More information

Are You Ready For PCI v 3.0. Speaker: Corbin DelCarlo Institution: McGladrey LLP Date: October 6, 2014

Are You Ready For PCI v 3.0. Speaker: Corbin DelCarlo Institution: McGladrey LLP Date: October 6, 2014 Are You Ready For PCI v 3.0 Speaker: Corbin DelCarlo Institution: McGladrey LLP Date: October 6, 2014 Today s Presenter Corbin Del Carlo QSA, PA QSA Director, National Leader PCI Services Practice 847.413.6319

More information

IT TRENDS AND FUTURE CONSIDERATIONS. Paul Rainbow CPA, CISA, CIA, CISSP, CTGA

IT TRENDS AND FUTURE CONSIDERATIONS. Paul Rainbow CPA, CISA, CIA, CISSP, CTGA IT TRENDS AND FUTURE CONSIDERATIONS Paul Rainbow CPA, CISA, CIA, CISSP, CTGA AGENDA BYOD Cloud Computing PCI Fraud Internet Banking Questions The Mobile Explosion Mobile traffic data in 2011 was nearly

More information

Chris Boykin VP of Professional Services

Chris Boykin VP of Professional Services 5/30/12 Chris Boykin VP of Professional Services Future Com! 20 years! Trusted Advisors! Best of brand partners! Brand name customers! 1000 s of solutions delivered!! 1 5/30/12 insight to the future, bringing

More information

Payments Security White Paper

Payments Security White Paper Payments Security White Paper BMO Bank of Montreal CIBC National Bank of Canada RBC Royal Bank Scotiabank TD Bank Group BMO Bank of Montreal July 13, 2015 Contents Introduction... 1 Scope... 1 Guiding

More information

mobile payment acceptance Solutions Visa security best practices version 3.0

mobile payment acceptance Solutions Visa security best practices version 3.0 mobile payment acceptance Visa security best practices version 3.0 Visa Security Best Practices for, Version 3.0 Since Visa s first release of this best practices document in 2011, we have seen a rapid

More information

The Canadian Migration to EMV. Prepared By:

The Canadian Migration to EMV. Prepared By: The Canadian Migration to EMV Prepared By: December 1993 Everyone But The USA Is Migrating The international schemes decided Smart Cards are the way forward Europay, MasterCard & Visa International Produced

More information

Stronger(Security(and( Mobile'Payments'! Dramatically*Faster!and$ Cheaper'to'Implement"

Stronger(Security(and( Mobile'Payments'! Dramatically*Faster!and$ Cheaper'to'Implement !!!! Stronger(Security(and( Mobile'Payments'! Dramatically*Faster!and$ Cheaper'to'Implement" Here$is$a$simple,$cost$effective$way$to$achieve$transaction$security$for$ mobile$payments$that$allows$easy$and$secure$provisioning$of$cards.$

More information

A HOLISTIC APPROACH TO MERCHANT PAYMENT SECURITY. 2016, Vantiv, LLC. All rights reserved.

A HOLISTIC APPROACH TO MERCHANT PAYMENT SECURITY. 2016, Vantiv, LLC. All rights reserved. A HOLISTIC APPROACH TO MERCHANT PAYMENT SECURITY A HOLISTIC APPROACH TO MERCHANT PAYMENT SECURITY WHY DEALERS AND ACQUIRERS ARE PIVOTAL TO SECURING THE MERCHANT PAYMENT ENVIRONMENT. For the past fifteen

More information

Mobile Device Security and Privacy. Discussion - Planning Considerations for a Successful Mobile Device Program

Mobile Device Security and Privacy. Discussion - Planning Considerations for a Successful Mobile Device Program Mobile Device Security and Privacy Discussion - Planning Considerations for a Successful Mobile Device Program August 2012 Discussion Topics Mobile Device Definition and Characteristics Mobile Device Access

More information

Best practices for choosing and integrating a mobile payments platform. A GlobalOnePay White Paper

Best practices for choosing and integrating a mobile payments platform. A GlobalOnePay White Paper Best practices for choosing and integrating a mobile payments platform A GlobalOnePay White Paper Mobile commerce (mcommerce) purchases and in-app payments made on mobile devices are rapidly becoming just

More information

The future of contactless mobile payment: with or without Secure Element?

The future of contactless mobile payment: with or without Secure Element? The future of contactless mobile payment: with or without Secure Element? By Sylvain Godbert, mobile payment and security expert at Nextendis By Jean-Philippe Amiel, director of Nextendis February, 2015

More information

The State of Pay. A mobile revolution. semble.co.nz

The State of Pay. A mobile revolution. semble.co.nz The State of Pay A mobile revolution semble.co.nz 2 November 2015 2 Overview The introduction of the mobile wallet represents the most significant evolution in payments for New Zealand since the Eftpos

More information

Bringing Mobile Payments to Market for an International Retailer

Bringing Mobile Payments to Market for an International Retailer Bringing Mobile Payments to Market for an International Retailer Founded in 2011, Clearbridge Mobile has emerged as a world class studio developing state of the art wearable and mobile wallet / payment

More information

Preparing for EMV chip card acceptance

Preparing for EMV chip card acceptance Preparing for EMV chip card acceptance Ben Brown Vice President, Regional Sales Manager, Wells Fargo Merchant Services Lily Page Vice President, Wholesale ereceivables, Wells Fargo Merchant Services June

More information

NFC Application Mobile Payments

NFC Application Mobile Payments NFC Application Mobile Payments Public MobileKnowledge June 2014 Agenda Introduction to payments Card based payments Mobile based payments NFC based payments mpos solutions NXP Product portfolio Successful

More information

We believe First Data is well positioned to take advantage of all of these trends given the breadth of our solutions and our global operating

We believe First Data is well positioned to take advantage of all of these trends given the breadth of our solutions and our global operating Given recent payment data breaches, clients are increasingly demanding robust security and fraud solutions; and Financial institutions continue to outsource and leverage technology providers given their

More information

rguest Pay Gateway: A Solution Review

rguest Pay Gateway: A Solution Review rguest Pay Gateway: A Solution Review TABLE OF CONTENTS Introduction...3 Why P2PE?...4 PCI P2PE Standards...4 Buyer Beware...6 PCI DSS Scope Reduction...6 P2PE Payment Terminals...7 The Payment Information

More information

Bringing Security & Interoperability to Mobile Transactions. Critical Considerations

Bringing Security & Interoperability to Mobile Transactions. Critical Considerations Bringing Security & Interoperability to Mobile Transactions Critical Considerations April 2012 Transactions 2 Table of Contents 1. Introduction... 3 2. Section 1: Facing up the challenges of a connected

More information

Android pay. Frequently asked questions

Android pay. Frequently asked questions Android pay Frequently asked questions June 2015 Android Pay - FAQs In May 2015, Android Pay was announced by Google. Android Pay is Google s payments solution that allows consumers to do in-store and

More information

Changing Consumer Purchasing Patterns. John Mayleben, CPP SVP, Technology and Product Development Michigan Retailers Association

Changing Consumer Purchasing Patterns. John Mayleben, CPP SVP, Technology and Product Development Michigan Retailers Association Changing Consumer Purchasing Patterns John Mayleben, CPP SVP, Technology and Product Development Michigan Retailers Association Michigan Retailers Association! Michigan Retailers Association is trade

More information

Beginner s Guide to Point of Sale

Beginner s Guide to Point of Sale Beginner s Guide to Point of Sale Are you looking to purchase your first restaurant POS system? Interested in switching to a new restaurant POS? Enjoy reading online guides with informative graphics? Our

More information

What Merchants Need to Know About EMV

What Merchants Need to Know About EMV Effective November 1, 2014 1. What is EMV? EMV is the global standard for card present payment processing technology and it s coming to the U.S. EMV uses an embedded chip in the card that holds all the

More information

Enabling Seamless & Secure Mobility in BYOD, Corporate-Owned and Hybrid Environments

Enabling Seamless & Secure Mobility in BYOD, Corporate-Owned and Hybrid Environments Enabling Seamless & Secure Mobility in BYOD, Corporate-Owned and Hybrid Environments Efficiently and Cost- Effectively Managing Mobility Risks in the Age of IT Consumerization Table of Contents EXECUTIVE

More information

PCI Security Standards Council

PCI Security Standards Council PCI Security Standards Council Bob Russo, General Manager 2013 Why PCI Matters Applying PCI How You Can Participate Agenda About the PCI Council Open, global forum Founded 2006 Guiding open standards for

More information

C23: NFC Mobile Payment Ecosystem & Business Model. Jane Cloninger Director

C23: NFC Mobile Payment Ecosystem & Business Model. Jane Cloninger Director C23: NFC Mobile Payment Ecosystem & Business Model Jane Cloninger Director The mobile phone is the most successful communication device in history Global mobile subscribers (millions) 5,000 4,500 4,000

More information

Enterprise Mobile Security Survey

Enterprise Mobile Security Survey Enterprise Mobile Security Survey Fielded December, 2010 Executive Summary Paul Roberts, Editor, Threatpost Enterprises Facing Security Gap with Mobile Devices A Threatpost.com survey of 120 enterprise

More information

Payment Security Update

Payment Security Update Payment Security Update Rick Dakin, CEO & Cofounder October 2, 2014 Agenda Coalfire Introduction Changing Environment Threats Technology Compliance Mobile Security Recent Data Breaches Risk Management

More information

PCI PA-DSS Requirements. For hardware vendors

PCI PA-DSS Requirements. For hardware vendors PCI PA-DSS Requirements For hardware vendors PCI security services UL's streamlined PCI PA-DSS certification services get your product to market faster. UL is world leader in advancing safety. Through

More information

Global Encryption and Key Management Trends Study

Global Encryption and Key Management Trends Study Global Encryption and Key Management Trends Study SPONSORED BY THALES E-SECURITY INDEPENDENTLY CONDUCTED BY PONEMON INSTITUTE LLC PUBLICATION DATE: APRIL 2015 www.thalesgroup.com Background Data Rise of

More information

The Explosion of Mobile Technology; What s the Impact on the Financial Services Industry?

The Explosion of Mobile Technology; What s the Impact on the Financial Services Industry? The Explosion of Mobile Technology; What s the Impact on the Financial Services Industry? Presented by: on Financial Services 1 A look at the state of mobile technology in 2012 on Financial Services 2

More information

PCI and EMV Compliance Checkup

PCI and EMV Compliance Checkup PCI and EMV Compliance Checkup ATM Security Jim Pettitt Director, ATM Security Diebold Incorporated Agenda ATM threats today Top of mind risk PCI Impact on Security U.S. EMV Migration Conclusions / recommendations

More information

Mobile Application Security. Helping Organizations Develop a Secure and Effective Mobile Application Security Program

Mobile Application Security. Helping Organizations Develop a Secure and Effective Mobile Application Security Program Mobile Application Security Helping Organizations Develop a Secure and Effective Mobile Application Security Program by James Fox fox_james@bah.com Shahzad Zafar zafar_shahzad@bah.com Mobile applications

More information

A Brand New Checkout Experience

A Brand New Checkout Experience A Brand New Checkout Experience EMV Transformation EMV technology is transforming the U.S. payment industry, bringing a whole new experience to the checkout counter. Introduction What is EMV? It s 3 small

More information

A Brand New Checkout Experience

A Brand New Checkout Experience A Brand New Checkout Experience EMV Transformation EMV technology is transforming the U.S. payment industry, bringing a whole new experience to the checkout counter. Introduction What is EMV? It s 3 small

More information

A Solution to the Mobile Wallet Conundrum

A Solution to the Mobile Wallet Conundrum A Solution to the Mobile Wallet Conundrum 2014 Cortex MCP Page 1 Introduction: A new approach is needed to make the Mobile Wallet mainstream More people than ever are using smartphones to place and take

More information

Best Practices in Mobile Device Management (MDM) Assoc. Prof. Dr. Thanachart Numnonda Executive Director IMC Institute

Best Practices in Mobile Device Management (MDM) Assoc. Prof. Dr. Thanachart Numnonda Executive Director IMC Institute Best Practices in Mobile Device Management (MDM) Assoc. Prof. Dr. Thanachart Numnonda Executive Director IMC Institute Technology Trends 2 Gartner Top 10 Strategic Technology Trends 2012 2013 Media tablets

More information

SELLING PAYMENT SYSTEMS SERVICES & SOLUTIONS

SELLING PAYMENT SYSTEMS SERVICES & SOLUTIONS SELLING PAYMENT SYSTEMS SERVICES & SOLUTIONS A RESELLER S GUIDE CONTENTS New Sales Opportunities : EMV Mandate Means New Business... 3 New POS Will Need Both EMV and PCI... 3 Growing Demand for NFC Transactions...

More information

Mobile Payment Solutions: Best Practices and Guidelines

Mobile Payment Solutions: Best Practices and Guidelines Presented by the Mobile Payments Committee of the Electronic Transactions Association Mobile Payment Solutions: Best Practices and Guidelines ETA s Best Practices and Guidelines for Mobile Payment Solutions

More information

Evolving Mobile Payments Industry Landscape

Evolving Mobile Payments Industry Landscape Evolving Mobile Payments Industry Landscape Mobile Banking: Can the Unbanked Bank on It? Sargent Shriver National Center on Poverty Law webinar August 16, 2012 Marianne Crowe Federal Reserve Bank of Boston

More information

White Paper PCI-Validated Point-to-Point Encryption On Microsoft Azure. By Christopher Kronenthal, Chief Technology Officer

White Paper PCI-Validated Point-to-Point Encryption On Microsoft Azure. By Christopher Kronenthal, Chief Technology Officer White Paper PCI-Validated Point-to-Point Encryption On Microsoft Azure By Christopher Kronenthal, Chief Technology Officer Advanced Commerce Platform Foreword 2015 will bring incredible change and innovation

More information

To ensure independence, PSC does not represent, resell or receive commissions from any third party hardware, software or solutions vendors.

To ensure independence, PSC does not represent, resell or receive commissions from any third party hardware, software or solutions vendors. About PSC With offices in the USA, Canada, UK and Australia, PSC is a leading PCI, PA DSS, and P2PE assessor, PCI Forensics Company and Approved Scanning Vendor. PSC is one of an elite few companies qualified

More information

Securing the future of mobile services. SIMalliance Open Mobile API. An Introduction v2.0. Security, Identity, Mobility

Securing the future of mobile services. SIMalliance Open Mobile API. An Introduction v2.0. Security, Identity, Mobility 1 An Introduction v2.0 September 2015 Document History 2 Version Date Editor Remarks 1.0 06/04/2011 OMAPI Working Group Public release 2.0 27/09/2015 OMAPI Working Group Public release Copyright 2015 SIMalliance

More information

Why Email Encryption is Essential to the Safety of Your Business

Why Email Encryption is Essential to the Safety of Your Business Why Email Encryption is Essential to the Safety of Your Business What We ll Cover Email is Like a Postcard o The Cost of Unsecured Email 5 Steps to Implement Email Encryption o Know Your Compliance Regulations

More information

All Things Payments & EMV. www.thestrawgroup.com / www.paymentspulse.com

All Things Payments & EMV. www.thestrawgroup.com / www.paymentspulse.com All Things Payments & EMV www.thestrawgroup.com / www.paymentspulse.com Section 1: Payments Primer History and major payments milestones Merchants having the ability to accept card brands is the foundation

More information

OpenEdge Research & Development Group April 2015

OpenEdge Research & Development Group April 2015 2015: Security, Merchant Readiness & the Coming Liability Shift OpenEdge Research & Development Group April 2015 solutions@openedgepay.com openedgepay.com 2015: Security, Merchant Table of Contents The

More information

DATA SECURITY: EVERYTHING YOU NEED TO KNOW

DATA SECURITY: EVERYTHING YOU NEED TO KNOW DATA SECURITY: EVERYTHING YOU NEED TO KNOW! Data Breaches: Where, What and Why! Federal and State Regulations to Protect Data! EMV Chip Technology! PIN or Signature?! Existing and Emerging Security Options!

More information

Thoughts on PCI DSS 3.0. September, 2014

Thoughts on PCI DSS 3.0. September, 2014 Thoughts on PCI DSS 3.0 September, 2014 Speaker Today Jeff Sanchez is a Managing Director in Protiviti s Los Angeles office. He joined Protiviti in 2002 after spending 10 years with Arthur Andersen s Technology

More information

EMV-TT. Now available on Android. White Paper by

EMV-TT. Now available on Android. White Paper by EMV-TT A virtualised payment system with the following benefits: MNO and TSM independence Full EMV terminal and backend compliance Scheme agnostic (MasterCard and VISA supported) Supports transactions

More information

PREVENTING PAYMENT CARD DATA BREACHES

PREVENTING PAYMENT CARD DATA BREACHES NEW SCIENCE TRANSACTION SECURITY ARTICLE PREVENTING PAYMENT CARD DATA BREACHES DECEMBER 2014 UL.COM/NEWSCIENCE NEW SCIENCE TRANSACTION SECURITY OVERVIEW From research on the latest electronic transaction

More information

Less is More: Streamlining Commerce for the Campus Advantage

Less is More: Streamlining Commerce for the Campus Advantage Less is More: Streamlining Commerce for the Campus Advantage AGENDA Campus Commerce is BIG Business $$$ Revenue Opportunity is Growing Campus Cards are Used Everywhere for Almost Anything Technology What

More information

Creating a trust infrastructure to support mobile payments

Creating a trust infrastructure to support mobile payments www.thales-esecurity.com Thales e-security Creating a trust infrastructure to support mobile payments Hardening cryptographic security for HCE, SE, P2P and more White Paper October 2014 Contents Scope

More information

U.S. Mobile Payments Landscape NCSL Legislative Summit 2013

U.S. Mobile Payments Landscape NCSL Legislative Summit 2013 U.S. Mobile Payments Landscape NCSL Legislative Summit 2013 Marianne Crowe Vice President, Payment Strategies Federal Reserve Bank of Boston August 13, 2013 2 Agenda Overview of Mobile Payments Landscape

More information

EMV and Small Merchants:

EMV and Small Merchants: September 2014 EMV and Small Merchants: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems, Inc. All trademarks, service

More information

Mobile Near-Field Communications (NFC) Payments

Mobile Near-Field Communications (NFC) Payments Mobile Near-Field Communications (NFC) Payments OCTOBER 2013 GENERAL INFORMATION American Express continues to develop its infrastructure and capabilities to support growing market interest in mobile payments

More information

PCI P2PE 2.0. What Does it Mean for Merchants and Processors? September 10, 2015

PCI P2PE 2.0. What Does it Mean for Merchants and Processors? September 10, 2015 PCI P2PE 2.0 What Does it Mean for Merchants and Processors? September 10, 2015 Agenda Housekeeping Presenters About Conexxus Presentation Q& A 2015 Conexxus Webinar Schedule* Month/Date Webinar Title

More information

My CEO wants an ipad now what? Mobile Security for the Enterprise

My CEO wants an ipad now what? Mobile Security for the Enterprise My CEO wants an ipad now what? Mobile Security for the Enterprise Agenda Introductions Emerging Mobile Trends Mobile Risk Landscape Response Framework Closing Thoughts 2 Introductions Amandeep Lamba Manager

More information

ICS Presents: The October 1st 2015 Credit Card Liability Shift: This Impacts Everyone!

ICS Presents: The October 1st 2015 Credit Card Liability Shift: This Impacts Everyone! ICS Presents: The October 1st 2015 Credit Card Liability Shift: This Impacts Everyone! Presenters: Cliff Gray Senior Associate of The Strawhecker Group Jon Bonham CISA, Coalfire The opinions of the contributors

More information

Corbin Del Carlo Director, National Leader PCI Services. October 5, 2015

Corbin Del Carlo Director, National Leader PCI Services. October 5, 2015 PCI compliance: v3.1 Key Considerations Corbin Del Carlo Director, National Leader PCI Services October 5, 2015 Today s Presenter Corbin Del Carlo QSA, PA QSA Director, National Leader PCI Services Practice

More information

Suzanne Lynch Professor of Practice Economic Crime Utica College sl6-15 1

Suzanne Lynch Professor of Practice Economic Crime Utica College sl6-15 1 Suzanne Lynch Professor of Practice Economic Crime Utica College sl6-15 1 The most significant trend is decreasing paper payments and increasing electronic payments. Many organizations are also seeing

More information

Apple Pay & The New Environment for Mobile Payment Apps

Apple Pay & The New Environment for Mobile Payment Apps Apple Pay & The New Environment for Mobile Payment Apps November 3, 2014 Greg Weed Greg.Weed@phoenixmi.com 828-697-9192 Events, Timing & Methodology I SEPT 9 Apple Press Conference SEPT 18 2104 CPM Data

More information

Twelve Transformational Digital Retail Technologies Explained (Part 1)

Twelve Transformational Digital Retail Technologies Explained (Part 1) Retail Technologies Explained (Part 1) Will these 12 emerging technologies transform retailing? You decide! Twelve Transformational Digital Retail Technologies Explained (Part 1) Retail Technologies Explained

More information

"Secure insight, anytime, anywhere."

Secure insight, anytime, anywhere. "Secure insight, anytime, anywhere." THE MOBILE PARADIGM Mobile technology is revolutionizing the way information is accessed, distributed and consumed. This 5th way of computing will dwarf all others

More information

welcome to liber8:payment

welcome to liber8:payment liber8:payment welcome to liber8:payment Our self-service kiosks free up staff time and improve the overall patron experience. liber8:payment further enhances these benefits by providing the convenience

More information

Card Acceptance Best Practices to Manage Rates and Minimize Risk

Card Acceptance Best Practices to Manage Rates and Minimize Risk Card Acceptance Best Practices to Manage Rates and Minimize Risk Kim Jackson VP, Transfund Merchant Services April 23, 2014 BOK Financial is registered with the National Association of State Boards of

More information

A RE T HE U.S. CHIP RULES ENOUGH?

A RE T HE U.S. CHIP RULES ENOUGH? August 2015 A RE T HE U.S. CHIP RULES ENOUGH? A longer term view of security and the payments landscape is needed. Abstract: The United States is finally modernizing its card payment systems and confronting

More information

EMV mobile Point of Sale (mpos) Initial Considerations

EMV mobile Point of Sale (mpos) Initial Considerations EMV mobile Point of Sale EMV mobile Point of Sale (mpos) Initial Considerations Version 1.1 June 2014 2014 EMVCo, LLC ( EMVCo ). All rights reserved. Any and all uses of the EMV Specifications ( Materials

More information

PCI DSS 101 FOR CTOs AND BUSINESS EXECUTIVES

PCI DSS 101 FOR CTOs AND BUSINESS EXECUTIVES PCI DSS 101 FOR CTOs AND BUSINESS EXECUTIVES CUTTING THROUGH THE COMPLEXITY AND CONFUSION Over the years, South African retailers have come under increased pressure to gain PCI DSS (Payment Card Industry

More information

Evolution of Payments. Ottawa 2013

Evolution of Payments. Ottawa 2013 Evolution of Payments Ottawa 2013 Bringing Together Conference Themes Members Access to services Convenience Innovation New entrants Partners Delivery Technology Mobile Cloud / SAS 3 Common Elements of

More information

EMV Delivery of Mobile, Parking and Unattended Payments. Elavon

EMV Delivery of Mobile, Parking and Unattended Payments. Elavon EMV Delivery of Mobile, Parking and Unattended Payments Elavon Elavon-At-A-Glance Elavon s primary business model is growth through partnerships; more than 1,500 Financial Institution partners serving

More information

IDENTITY & ACCESS. BYOD and Mobile Security Seizing Opportunities, Eliminating Risks in a Dynamic Landscape

IDENTITY & ACCESS. BYOD and Mobile Security Seizing Opportunities, Eliminating Risks in a Dynamic Landscape IDENTITY & ACCESS BYOD and Mobile Security Seizing Opportunities, Eliminating Risks in a Dynamic Landscape Introduction How does your enterprise view the BYOD (Bring Your Own Device) trend opportunity

More information

Ensuring the security of your mobile business intelligence

Ensuring the security of your mobile business intelligence IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive

More information

How Secure are Contactless Payment Systems?

How Secure are Contactless Payment Systems? SESSION ID: HT-W01 How Secure are Contactless Payment Systems? Matthew Ngu Engineering Manager RSA, The Security Division of EMC Chris Scott Senior Software Engineer RSA, The Security Division of EMC 2

More information

Protecting against Mobile Attacks

Protecting against Mobile Attacks 2014-APR-17 Protecting against Mobile Attacks Frankie Wong Security Analyst, HKCERT 1 Image source: http://www.techweekeurope.co.uk/news/mobile-malware-record-mcafee-125537 2 Agenda Attacks moving to mobile

More information

4 Steps to Effective Mobile Application Security

4 Steps to Effective Mobile Application Security Mobile Application Security Whitepaper 4 Steps to Effective Mobile Application Security Table of Contents Executive Summary 3 Mobile Security Risks in Enterprise Environments 4 The Shortcomings of Traditional

More information

RETHINKING ORC: NRF S CYBER SECURITY EFFORTS. OMG Cross Domain Threat & Risk Information Exchange Day, March 23, 2015

RETHINKING ORC: NRF S CYBER SECURITY EFFORTS. OMG Cross Domain Threat & Risk Information Exchange Day, March 23, 2015 RETHINKING ORC: NRF S CYBER SECURITY EFFORTS OMG Cross Domain Threat & Risk Information Exchange Day, March 23, 2015 No Organization is Secure Source: http://www.informationisbeautiful.net An Average

More information

Mobile Device Strategy

Mobile Device Strategy Mobile Device Strategy Technology Experience Bulletin, TEB: 2012-01 Mobile Device Strategy Two years ago, the Administrative Office of Pennsylvania Courts (AOPC) standard mobile phone was the Blackberry.

More information

That Point of Sale is a PoS

That Point of Sale is a PoS SESSION ID: HTA-W02 That Point of Sale is a PoS Charles Henderson Vice President Managed Security Testing Trustwave @angus_tx David Byrne Senior Security Associate Bishop Fox Agenda POS Architecture Breach

More information

toast EMV in 2015: How Restaurants Can Prepare for the New Chip-and-Pin Standard

toast EMV in 2015: How Restaurants Can Prepare for the New Chip-and-Pin Standard toast EMV in 2015: How Restaurants Can Prepare for the New Chip-and-Pin Standard Table of Contents For more than 40 years, merchants and consumers have used magnetic stripe credit cards and compatible

More information

BUSINESS PROTECTION. PERSONAL PRIVACY. ONE DEVICE.

BUSINESS PROTECTION. PERSONAL PRIVACY. ONE DEVICE. BUSINESS PROTECTION. PERSONAL PRIVACY. ONE DEVICE. Enhanced Security for Your Network and Business Intelligence. Work Hard. Rest Easy. Today, employees are always on, which for you means always vulnerable.

More information

Credential Management for Cloud Computing

Credential Management for Cloud Computing Credential Management for Cloud Computing Workshop Cloud Security, 16.07.2014 Dr. Johannes Luyken Page 1 Security breaches increase in their impact by exploiting online access to confidential data that

More information