11/24/2014. PCI Compliance: Major Changes in e-quantum/quantum Net

Transcription

1 PCI Compliance: Major Changes in e-quantum/quantum Net 1

2 Credit Card Fraud By some estimates, credit card fraud will cost legitimates businesses hundreds of billions of dollars world wide this year. If your company accepts, process, or stores credit card data, PCI Compliance is a requirement. The PCI DSS is a multifaceted security standard that includes requirements for The PCI security DSS is a management, multifaceted policies, security standard procedures, that includes network requirements architecture, for software design and other critical security protective management, measures. policies, procedures, network architecture, software design and other critical This comprehensive protective measures. standard is intended to help organizations proactively protect This comprehensive customer account standard data. is intended to help organizations proactively protect PCI DSS is primarily concerned with the customer Processing, account Storage data. and Transmission of the Primary Account Number (PAN) on the PCI DSS front is primarily of every Debit concerned and Credit with Card, the and its protection. Processing, Storage and Transmission of the Primary Account Number (PAN) on the front of every Debit and Credit Card, and its protection PCI DSS Joint effort of VISA International MasterCard Worldwide American Express Discover Financial Services JCB Includes 12 security requirements (approx. 940 individual responses) First version (1.0) published in December Current version of the standards is 3.0 released August, Cost has exceeded $100,000 Go to the PCISecuritystandards.org website for more information 2

3 Why Become PCI Compliant? The penalties too severe to not maintain compliance Protect customers personal data Boost customer confidence through a higher level of data security Lower exposure to financial losses and remediation costs Maintain customer trust and safeguard the reputation of the brand Provide a complete health check for any business that stores or transmit customer information Credit Card Process Play 3

4 Credit Card Clearing and Settlement What PCI Means To Your Company e Quantum/Quantum Net: Credit card data will no longer be stored in e Quantum or Q Net. Credit card payment data processing and storage will be done by certified PCI Compliant "Vault" with which we are integrated. The "Vault" with which we are currently integrating is PayTrace and Authorize.net. This has been selected after extensive research regarding capabilities, storage and transaction fees. 4

5 Payment Tokenization Tokenization is the process of replacing sensitive card information and billing information with a unique identifier. The unique identifier is called a payment token. The token is stored in e Quantum and Quantum Net instead of the credit card number. Tokenization protects sensitive cardholder information in order to comply with PCI industry standards. Requirements You must be on e Quantum Version 11 and the NEW Q Net. If you are using any gateway but PayTrace, you will need to contact PowerPay. PowerPay will set your company up on PayTrace or Authorize.net and send you your user s name and password. E Quantum Support will setup your Merchant Account with PayTrace or Authorize.net. 5

6 The new Quantum Net will only use SubCategories or Collapsible. You will need to upgrade your clients sites to either of these skins. This new Q Net will include the new PCI Compliant and Manager s Approval programs. e Quantum will need internet access for credit card communications. All stored credit card numbers are removed from e Quantum. Heather Hunsicker, Relationship Manager Phone: ext hhunsicker@powerpay.biz If you currently using PowerPay and are using the PayTrace gateway, no change is needed. If you are using PowerPay but using another gateway, you will need to switch to PayTrace or Authorize.net If you are using another merchant, you will need to be on PayTrace Professional API version or Authorize.net. 6

7 Why we selected PayTrace Level 3 Processing for Visa and MasterCard Customer s Credit Card Profile will be stored within PayTrace s Payment Card Industry Data Security Standards (PCI DSS) Validated solution. Unlimited number of customers records can be stored. No payment data is stored on your network, your computers or e Quantum or Quantum Net servers. All customer payment account numbers are encrypted as they enter the PayTrace system. The data is stored within PayTraces Tier 3 highavailability data center. 7

8 Convenience and Piece of Mind Customer information is available at your fingertips. Stored customer credit card numbers that are part of your customers profiles. Can be used to process payments without asking your customer for their card number each time they make a purchase. Pays on customizable Authorize.Net Website. Authorize.Net handles all the secure transaction process payment data collection, data submission and the response to the customer while keeping Authorize.Net virtually transparent. Data stored on Authorize.Net PCI compliant servers (reduces risk to you the merchant) 8

9 Activate Gateway The PayTrace gateway has been activated at no charge for all distributors. For Gateway questions contact Sales at quantum.com or Setup the Gateway PowerPay will provide the User ID and Password. 9

10 Warning Message Select Your Companywide Default Merchant Account 10

11 Adding Credit Cards To Client Or Ship To Only the last four digits of the card displays Expiration date and name appears for PayTrace and Authorize.net. Add credit card will open your browser to the cc gateway. Edit credit card will open browser to cc gateway Delete the card, deletes the attached card from this client. Set as default, flags cc card for PO s and Releases, Check box appears Hold/Unhold 11

12 PayTrace Profile Screen Billing name, address, credit card number and expiration date. CVC Credit Verification Code is not available for PayTrace. Authorize.net Profile Screen 12

13 Q Net Checkout Screen Continue To Secure Payment Customer Enters Credit Card Information 13

14 Integration Confirmation Q Net Order Confirmation 14

15 Enter Credit Info on Purchase Order The card information is not stored in e Quantum. The edit button connects e Quantum to the Pay Trace website. A window displays while e Quantum is connecting to the website. Edit Client Info View or Edit the information, click Save Customer Profile. The information is saved on the website. 15

16 Credit Card On the Invoice Setup a Credit Card Surcharge On The Invoice 16

17 Credit Card Surcharge Is An Add On Cost On The Invoice Charge Through AR 17

18 Accessing The Transaction Transactions can be accessed from the dashboard or go to Virtual Terminal to select Transactions. Searching For The Transaction Enter Search Criteria View Transaction or Customer information Search Results 18

19 Transaction Information Transaction Information Customer Information Tracking the Status Status changes to Pending Settlement after charging through e Quantum. 19

20 Transaction Information Customer Information 20

21 View and Print Transaction Details View/print receipt View/print transaction details Receipt 21

22 Transaction Details For A Charge Checkout Design Upload your logo Customize colors Preview 22

23 Customize The Customer s Credit Card Entry Screen Customize the web site Upload your logo Customize site colors 23