Your Single Source. for credit, debit and pre-paid services. Fraud Risk and Mitigation

Save this PDF as:
Size: px
Start display at page:

Download "Your Single Source. for credit, debit and pre-paid services. Fraud Risk and Mitigation"

Transcription

1 Your Single Source for credit, debit and pre-paid services Fraud Risk and Mitigation

2 Agenda Types of Fraud Fraud Identification Notifications Next Steps 11/8/2013 2

3 Types of Fraud Lost and Stolen Cards Fraudulent Applications Account Takeover Unauthorized Use of Card Numbers Counterfeit Cards and Skimming Account Testing PIN Authentication Attacks Merchant System PIN Theft Not-Received-Items Cardholder Bust-Outs Balance Transfer Fraud Identity Theft 11/8/2013 3

4 Types of Fraud Which types of fraud has your organization experienced in the past year? Debit/credit card fraud: 84% How is a fraud incident involving your organization typically detected? Cardholder notification: 82% Which non-financial losses did your organization suffer from fraud incidents? Loss of productivity: 59% 2012 Information Security Media Group Survey 11/8/2013 4

5 FRAUD IDENTIFICATION How is fraud identified? Cardholder Notification Fraud Alert Detection System Daily Reports Compromised Card Alerts 11/8/2013 5

6 FRAUD IDENTIFICATION-Cardholder Notification If a Member alerts the Credit Union of fraudulent transactions, block and reissue the card. Determine if: Cardholder was involved in phishing, phone, smishing or any other form of fraud. Was the PIN used. Was the card number on any Compromised Alert. Can a Common Point of Purchase ( a common merchant where all the cards were used legitimately) be determined. Begin the Chargeback process/report fraud Notify ICUL Service Corp. 11/8/2013 6

7 FRAUD IDENTIFICATION-Fraud Detection System Each transaction processed through the MasterCard, Visa and Discover authorization systems is scored by the associations as well as the card processor s neural network and generates a Risk Score. This score represents the probability that the credit card transaction, signature debit transaction, ATM, or pinned POS transaction could be fraudulent. The higher the score, the greater the possibility of fraudulent activity. Alerts will be generated by your processor for investigation once they exceed the designated score threshold level. These alerts for at risk transactions can be found on the fraud application of your processor s desktop system, if applicable, or on your daily fraud reports. 11/8/2013 7

8 FRAUD IDENTIFICATION-Fraud Detection System When a Fraud Alert/phone message is received by the Cardholder from the Fraud Department of the card processor, the following steps should be taken: Cardholders should call the Credit Union to verify transactions. If the Credit Union is called, the card processor should also be notified to confirm the transactions. If you have a fraud application on your desktop system that allows you to tag the cardholder s transactions and notify the fraud department with a message, no phone call is necessary. 11/8/2013 8

9 FRAUD IDENTIFICATION-Fraud Detection System When a Fraud Alert is received by the Credit Union the following steps should be taken: Monitor fraud systems on desktop applications, if available. Review faxes, s, or reports received from the card processor and notify the cardholder immediately via phone, or mail to verify transactions. If the transactions are determined to be fraud, block and reissue the card and alert the card processor Fraud Dept. or report on the processors desktop system. The Credit Union should begin the chargeback process. The card number should be checked against prior Compromised Card Alerts received by the Credit Union. Monitor fraud alerts for similar patterns of fraudulent transactions on other cards. Attempt to determine a Common Point of Purchase (CPP is a common merchant where all the cards were used legitimately) Notify ICUL Service 11/8/2013 9

10 FRAUD IDENTIFICATION-Daily Reports Daily Authorization Reports should be monitored for: Unusual Activity Multiple declines or authorizations from the same merchant. Invalid Card Numbers Attempts to get an authorization for card numbers not issued by the credit union. Daily Fraud Reports should be monitored for: Unconfirmed Fraud These cardholders should be addressed right away Confirmed Fraud Follow up calls to the cardholder should be made 11/8/

11 FRAUD IDENTIFICATION-Compromised Card Alerts The card associations (MasterCard, VISA and Discover) or LSC Card Services sends an notification to your credit union alerting you that some of your accounts are at risk due to hacking of a merchant s database, investigation by law enforcement, or review of accounts that have been forwarded by another card association member. This is equivalent to an RA (Review and Analysis) CAMs alert that VISA sends. The notification will give details of the alert and will help to decision through how the alert should be managed. 11/8/

12 FRAUD IDENTIFICATION-Compromised Card Alerts VISA Alert ***This is a PROACTIVE ALERT provided prior to confirmation of a compromise incident or substantiated forensic evidence of a breach.*** Case Number: US a-PA Date: May 1, 2013 Entity Type: Brick & Mortar Suspected Data Elements at Risk: - Track 1: Yes - Track 2: Yes Fraud Reported: Yes Estimated Exposure Window: September 1, 2012 to December 31, /8/

13 FRAUD IDENTIFICATION-Compromised Card Alerts IC Internet Compromise Accounts that were compromised by means of a network intrusion or vulnerabilities discovered in point-of-sale applications. An example would be a hacker gaining access to a merchant's database Unauthorized use of internal network Entities that are identified as a CPP but do not have a forensic investigation; out of business or outright refuse to have one. The type of entity can be Brick and Mortar or ecommerce LE Law Enforcement Accounts sent to Visa Fraud Control & Investigations by law enforcement; typically as a result of the execution of a search warrant or an arrest of a suspect Accounts recovered in an investigation by law enforcement from another region RE Recovered Accounts Accounts being posted on the Internet or other miscellaneous recovered accounts not elsewhere classified RA Review and Analysis The accounts may or may not be at risk however based on the circumstances, they require a closer look by Issuers. Testing of accounts that are provided by Decision Sciences. Lost /stolen equipment, PCs, servers and data tapes track and non-track Device Tampering or Skimming PA Proactive Alert Early alert of a potential compromised event and possible at-risk accounts by means of a network intrusion or vulnerabilities discovered in point-of-sale applications A PA event is unconfirmed and the forensic investigation has not been completed 11/8/

14 FRAUD IDENTIFICATION-Compromised Card Alerts MasterCard Alerts - Account Data Compromise Notification The MasterCard Fraud Management department has been notified of a situation in which MasterCard payment accounts have been exposed to possible compromise. Case Number MCA0320-US-13 ICA xxxx 2 accounts Event Description Security breach of a US merchant s ecommerce network A data security firm has been engaged to conduct an onsite forensic investigation This Alert discloses the payment account numbers of MasterCard accounts that were exposed to compromise. Nature of Account Data Potentially At Risk Payment account number, expiration date and CVC2 At-Risk Time Period March 1, 2012 through January 14, /8/

15 FRAUD IDENTIFICATION-Compromised Card Alerts Credit Union Actions: When notification of a Compromised Card Alert is received, the following actions should take place: Evaluate the information and card numbers received in the alert. Determine how many of the compromised card numbers are still active. If you have closed card numbers that were involved in fraud, look to see if the fraud pattern that warranted the closing of the card record matches or is similar with the circumstances or fraud pattern described in the Compromised Card Alert message. 11/8/

16 FRAUD IDENTIFICATION-Compromised Card Alerts After your evaluation of the card numbers on the Compromised Card Alerts, you determine that some of the numbers have been closed because fraud has been reported, you can minimize your risk by: Consider these card records at high risk for fraud and close and reissue with a new card number. Contact your member and advise to continue monitoring card activity and to report any unauthorized transactions that post to their account. 11/8/

17 FRAUD IDENTIFICATION-Compromised Card Alerts If you haven t seen any signs of fraud that you believe could be linked to the reported account compromise card alert, and choose to monitor the active card numbers on the alert, you can minimize your risk for incidents involving the compromise of full track data by: Determining if any of the accounts were reissued after the compromise date. If so, you may not need to consider these accounts as high- risk, since they would have been reissued with a different Card Verification Value (CVV) and expiration date. 11/8/

18 FRAUD IDENTIFICATION-Compromised Card Alerts Check for upcoming expirations. Of the affected accounts, determine how many of them will be expiring in the next 30 to 180 days. Consider moving up the reissue on those accounts. Utilize Processors Neural Network fraud tools. Some of the processors are offering fraud applications that monitor transaction activity on card numbers that have been listed on a compromised account alert. Card numbers from Compromised Alerts should be saved for use in the future when cardholders report fraud. If a cardholder reports fraud, that card number should be checked against past Alerts to determine if it had been reported as compromised. If so, all cards on that list, not previously re-issued, should be blocked and reissued. 11/8/

19 Notifications If your Credit Union is seeing a pattern of fraud, the following steps should be taken: Notify the local authorities Complete a Suspicious Activity Report (SAR) Notify LSC Card Services LSC Card Services will: Notify FICO for PIN Fraud Notify VISA, MasterCard or Discover for signature Fraud Please notify LSC Card Services at with any fraud questions or assistance that your Credit Union may need. 11/8/

20 Summary Monitor, investigate, detect, analyze, and report fraudulent activity. Focus should be on these three primary functions: Prevent by following best practice recommendations and using all the fraud-prevention systems available. Detect by using the available fraud tools the card processors offer for fraud mitigation. Report by notifying processors through chargebacks and desktop system, if available and LSC Card Services 11/8/

21 What else.. Introducing the LSC Card Services Risk Management Mailbox Internal Risk Management Team that will answer your questions regarding: Fraud Trends Fraud Mitigation Best Practices Tools 11/8/

22 What else.. LSC Website Fraud-Important Information 11/8/

23 What s Next Coming Soon Open forum to promote information sharing and increase awareness of fraud activities Webinars Roundtable discussions throughout the year 11/8/

24 Questions????? 11/8/

25 Thank You Contact LSC Card Services at /8/

Visa global Compromised Account

Visa global Compromised Account Visa global Compromised Account RECOVERY PROGRAM WHAT EVERY MERCHANT SHOULD KNOW ABOUT GCAR WHAT EVERY MERCHANT SHOULD KNOW ABOUT GCAR WHAT The Visa Global Compromised Account Recovery (GCAR) program offers

More information

FIGHTING FRAUD: IMPROVING INFORMATION SECURITY TESTIMONY OF JOHN J. BRADY VICE PRESIDENT, MERCHANT FRAUD CONTROL MASTERCARD INTERNATIONAL

FIGHTING FRAUD: IMPROVING INFORMATION SECURITY TESTIMONY OF JOHN J. BRADY VICE PRESIDENT, MERCHANT FRAUD CONTROL MASTERCARD INTERNATIONAL FIGHTING FRAUD: IMPROVING INFORMATION SECURITY TESTIMONY OF JOHN J. BRADY VICE PRESIDENT, MERCHANT FRAUD CONTROL MASTERCARD INTERNATIONAL Before the Subcommittee on Financial Institutions and Consumer

More information

With the Target breach on everyone s mind, you may find these Customer Service Q & A s helpful.

With the Target breach on everyone s mind, you may find these Customer Service Q & A s helpful. With the Target breach on everyone s mind, you may find these Customer Service Q & A s helpful. Breach Overview Q: Media reports are stating that Target experienced a data breach. Can you provide more

More information

Cyber - Security and Investigations. Ingrid Beierly August 18, 2008

Cyber - Security and Investigations. Ingrid Beierly August 18, 2008 Cyber - Security and Investigations Ingrid Beierly August 18, 2008 Agenda Visa Cyber - Security and Investigations Today s Targets Recent Attack Patterns Hacking Statistics (removed) Top Merchant Vulnerabilities

More information

Handling Debit Card, ATM, & Point-of-Sale Fraud

Handling Debit Card, ATM, & Point-of-Sale Fraud Handling Debit Card, ATM, & Point-of-Sale Fraud First Things First You have noticed fraudulent transactions involving your Debit Card, ATM, or Point-of-Sale (POS). You should contact us immediately to

More information

Handling Debit Card, ATM, & Point-of-Sale Fraud

Handling Debit Card, ATM, & Point-of-Sale Fraud Handling Debit Card, ATM, & Point-of-Sale Fraud First Things First You have noticed fraudulent transactions involving your Debit Card, ATM, or Point-of-Sale (POS). You should contact us immediately to

More information

Effectively Managing Data Breaches

Effectively Managing Data Breaches Effectively Managing Data Breaches May 27, 2015 Stoddard Lambertson Cyber Intelligence and Investigations Justina Jow Cyber Intelligence and Investigations Disclaimer The information or recommendations

More information

How To Spot & Prevent Fraudulent Credit Card Activity

How To Spot & Prevent Fraudulent Credit Card Activity Datalink Bankcard Services How To Spot & Prevent Fraudulent Credit Card Activity White Paper 2013 According to statistics from the U.S. Department of Justice and the Consumer Sentinel Network, credit card

More information

Avoiding Fraud. Learn to recognize the warning signs for fraud and follow these card acceptance guidelines to reduce your risk.

Avoiding Fraud. Learn to recognize the warning signs for fraud and follow these card acceptance guidelines to reduce your risk. Avoiding Fraud Learn to recognize the warning signs for fraud and follow these card acceptance guidelines to reduce your risk. Intoduction Fraud comes in many forms and hurts merchants of all sizes. Whether

More information

BinBase.com REPORT: credit card fraud

BinBase.com REPORT: credit card fraud BinBase.com REPORT: credit card fraud Whether you are a security specialist, an e-commerce web developer, or an online merchant, a knowledge of how credit card fraud works and what you can do to prevent

More information

Fraud Prevention and Program Security Gord Jamieson Director Risk Management & Security Visa Canada Association

Fraud Prevention and Program Security Gord Jamieson Director Risk Management & Security Visa Canada Association Fraud Prevention and Program Security Gord Jamieson Director Risk Management & Security Visa Canada Association Evolution of Risk Management Controls Presentation text goes here. Presentation text goes

More information

USDA: Handling Fraud and Disputes. Deanna Hanson CPS Fraud Support Analyst

USDA: Handling Fraud and Disputes. Deanna Hanson CPS Fraud Support Analyst USDA: Handling Fraud and Disputes Deanna Hanson CPS Fraud Support Analyst Agenda What is fraud? Fraud trends Fraud case lifecycle Fraud and dispute process Tips to prevent fraud 2 Fraud Overview and Trends

More information

To all GRSB debit and credit card customers:

To all GRSB debit and credit card customers: To all GRSB debit and credit card customers: A data breach at the Target Corporation may have exposed 40 million credit/debit cards to potential fraudulent activity. If you made purchases in a Target store

More information

PCI General Policy. Effective Date: August 2008. Approval: December 17, 2015. Maintenance of Policy: Office of Student Accounts REFERENCE DOCUMENTS:

PCI General Policy. Effective Date: August 2008. Approval: December 17, 2015. Maintenance of Policy: Office of Student Accounts REFERENCE DOCUMENTS: Effective Date: August 2008 Approval: December 17, 2015 PCI General Policy Maintenance of Policy: Office of Student Accounts PURPOSE: To protect against the exposure and possible theft of account and personal

More information

Fraud Protection, You and Your Bank

Fraud Protection, You and Your Bank Fraud Protection, You and Your Bank Maximize your chances to minimize your losses Presentation for Missouri GFOA April 2011 By: Terry Endres, VP, Government Treasury Solutions Phone: 314-466-6774 Terry.m.endres@baml.com

More information

Information Technology

Information Technology Credit Card Handling Security Standards Overview Information Technology This document is intended to provide guidance to merchants (colleges, departments, organizations or individuals) regarding the processing

More information

New Account Reference Guide

New Account Reference Guide New Account Reference Guide Welcome to BBVA Compass Merchant Services Thank you for choosing BBVA Compass as your Merchant Services provider. BBVA Compass is dedicated to providing your business with the

More information

Frequently Asked Questions

Frequently Asked Questions PCI Compliance Frequently Asked Questions Table of Content GENERAL INFORMATION... 2 PAYMENT CARD INDUSTRY DATA SECURITY STANDARD (PCI DSS)...2 Are all merchants and service providers required to comply

More information

Mitigating Fraud Risk Through Card Data Verification

Mitigating Fraud Risk Through Card Data Verification Risk Management Best Practices 11 September 2014 Mitigating Fraud Risk Through Card Data Verification AP, Canada, CEMEA, LAC, U.S. Issuers, Processors With a number of cardholder payment options (e.g.,

More information

Data Security for the Hospitality

Data Security for the Hospitality M&T Bank and SecurityMetrics Present: Data Security for the Hospitality Industry Featuring Lee Pierce, SecurityMetricsStrategicStrategic Accounts Dave Ellis, SecurityMetrics Forensic Investigator Doug

More information

Heartland Secure. By: Michael English. A Heartland Payment Systems White Paper 2014. Executive Director, Product Development

Heartland Secure. By: Michael English. A Heartland Payment Systems White Paper 2014. Executive Director, Product Development A Heartland Payment Systems White Paper 2014 Heartland Secure. By: Michael English Executive Director, Product Development 2014 Heartland Payment Systems. All trademarks, service marks and trade names

More information

Langara College PCI Awareness Training

Langara College PCI Awareness Training Langara College PCI Awareness Training Have you heard of PCI? Due to the increase of credit card fraud and identity theft, major credit card companies like Visa, MasterCard and Amex have formed a security

More information

What To Do if Compromised. Visa USA Fraud Investigations and Incident Management Procedures

What To Do if Compromised. Visa USA Fraud Investigations and Incident Management Procedures What To Do if Compromised Visa USA Fraud Investigations and Incident Management Procedures Table of Contents Introduction......................................................... 1 Identifying and Detecting

More information

Franchise Data Compromise Trends and Cardholder. December, 2010

Franchise Data Compromise Trends and Cardholder. December, 2010 Franchise Data Compromise Trends and Cardholder Security Best Practices December, 2010 Franchise Data Security Agenda Cardholder Data Compromise Overview Breach Commonalities Hacking Techniques Franchisee

More information

Commercial Payments Overview. Visa Commercial Partnerships October 2013

Commercial Payments Overview. Visa Commercial Partnerships October 2013 Commercial Payments Overview Visa Commercial Partnerships October 2013 Agenda Commercial Payments VisaNet Commercial Payments Trends Fraud/Risk Mitigation Regulatory update Visa Commercial Payments Overview

More information

Payment Methods. The cost of doing business. Michelle Powell - BASYS Processing, Inc.

Payment Methods. The cost of doing business. Michelle Powell - BASYS Processing, Inc. Payment Methods The cost of doing business Michelle Powell - BASYS Processing, Inc. You ve got to spend money, to make money Major Industry Topics Industry Process Flow PCI DSS Compliance Risks of Non-Compliance

More information

EMV and Small Merchants:

EMV and Small Merchants: September 2014 EMV and Small Merchants: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems, Inc. All trademarks, service

More information

What To Do if Compromised. Visa USA Fraud Investigations and Incident Management Procedures

What To Do if Compromised. Visa USA Fraud Investigations and Incident Management Procedures What To Do if Compromised Visa USA Fraud Investigations and Incident Management Procedures Table of Contents Introduction......................................................... 1 Security Breach Reporting............................................

More information

UCSD Credit Card Processing Policy & Procedure

UCSD Credit Card Processing Policy & Procedure UCSD Credit Card Processing Policy & Procedure The Payment Process UCSD accepts Visa, MasterCard, American Express and Discover credit cards. We perform credit transactions only, no debit sales with cash

More information

Protecting the POS Answers to Your Frequently Asked Questions

Protecting the POS Answers to Your Frequently Asked Questions Protecting the POS Answers to Your Frequently Asked Questions PROTECTING THE POS What is skimming? Skimming is the transfer of electronic data from one magnetic stripe to another for fraudulent purposes.

More information

Card Network Update Chip (EMV) Acceptance in the United States At-A-Glance

Card Network Update Chip (EMV) Acceptance in the United States At-A-Glance Card Network Update Chip (EMV) Acceptance in the United States At-A-Glance Allegiance Merchant Services is committed to assisting you in navigating through the various considerations that you may face

More information

Identifying Security. Payment System. Federal Reserve Bank. Ellen Richey Chief Enterprise Risk Officer Visa Inc. Visa Public

Identifying Security. Payment System. Federal Reserve Bank. Ellen Richey Chief Enterprise Risk Officer Visa Inc. Visa Public Identifying Security Issues in the Retail Payment System Federal Reserve Bank Chicago Ellen Richey Chief Enterprise Risk Officer Visa Inc. June 5, 2008 Agenda 1. The Data Security Landscape 2. Recent Trends

More information

DATA BREACHES AND ITS IMPACT ON CONSUMERS

DATA BREACHES AND ITS IMPACT ON CONSUMERS DATA BREACHES AND ITS IMPACT ON CONSUMERS AGENDA About UNCLE Credit Union Current Trends Financial Industry Target Breach EMV 3 Layers Of Prevention Cybersecurity Framework Protecting Your Identity Legislative

More information

Guideline on Debit or Credit Cards Usage

Guideline on Debit or Credit Cards Usage CMSGu2012-04 Mauritian Computer Emergency Response Team CERT-MU SECURITY GUIDELINE 2011-02 Enhancing Cyber Security in Mauritius Guideline on Debit or Credit Cards Usage National Computer Board Mauritius

More information

MasterCard Debit Card Disputes and Fraud Claims

MasterCard Debit Card Disputes and Fraud Claims MasterCard Debit Card Disputes and Fraud Claims For the credit union to process your MasterCard dispute or fraud claim in a timely manner, please follow this comprehensive member guide. Rutgers Federal

More information

Josiah Wilkinson Internal Security Assessor. Nationwide

Josiah Wilkinson Internal Security Assessor. Nationwide Josiah Wilkinson Internal Security Assessor Nationwide Payment Card Industry Overview PCI Governance/Enforcement Agenda PCI Data Security Standard Penalties for Non-Compliance Keys to Compliance Challenges

More information

AIS Webinar. Payment Application Security. Hap Huynh Business Leader Visa Inc. 1 April 2009

AIS Webinar. Payment Application Security. Hap Huynh Business Leader Visa Inc. 1 April 2009 AIS Webinar Payment Application Security Hap Huynh Business Leader Visa Inc. 1 April 2009 1 Agenda Security Environment Payment Application Security Overview Questions and Comments Payment Application

More information

HOME DEPOT DATA BREACH

HOME DEPOT DATA BREACH HOME DEPOT DATA BREACH This notice contains important information about the data breach announced by Home Depot, affecting some debit and credit cards used at Home Depot stores beginning April 2014. Data

More information

The need for a secure & trusted payment instrument in e-commerce. Ali AlMeshal

The need for a secure & trusted payment instrument in e-commerce. Ali AlMeshal The need for a secure & trusted payment instrument in e-commerce Ali AlMeshal In Physical/Real World Hand over card Visual check Swipe in POS Online authorization Receipt with signature panel Sign or Pin

More information

Payment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008

Payment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008 Payment Card Industry Data Security Standard (PCI DSS) Q & A November 6, 2008 What is the PCI DSS? And what do the acronyms CISP, SDP, DSOP and DISC stand for? The PCI DSS is a set of comprehensive requirements

More information

Statement of. Carlos Minetti. Discover Financial Services. Before the. Subcommittee on Oversight and Investigations. of the

Statement of. Carlos Minetti. Discover Financial Services. Before the. Subcommittee on Oversight and Investigations. of the Statement of Carlos Minetti Discover Financial Services Before the Subcommittee on Oversight and Investigations of the Committee on Financial Services United States House of Representatives July 21, 2005

More information

ADVANCING FRAUD MANAGEMENT FOR MORE SECURE PAYMENTS ADVANCING COMMERCE

ADVANCING FRAUD MANAGEMENT FOR MORE SECURE PAYMENTS ADVANCING COMMERCE FOR MORE SECURE PAYMENTS THE PEOPLE, PERSPECTIVE, AND PRODUCTS CUSTOMERS TRUST TO SAFEGUARD PAYMENT CARD DATA MasterCard is Committed to Helping Secure the Payment System For more than 40 years, MasterCard

More information

EMV and Restaurants What you need to know! November 19, 2014

EMV and Restaurants What you need to know! November 19, 2014 EMV and Restaurants What you need to know! Mike English Executive Director of Product Development Kristi Kuehn Sr. Director, Compliance November 9, 204 Agenda EMV overview Timelines Chip Card Liability

More information

EMV EMV TABLE OF CONTENTS

EMV EMV TABLE OF CONTENTS 2 TABLE OF CONTENTS Intro... 2 Are You Ready?... 3 What Is?... 4 Why?... 5 What Does Mean To Your Business?... 6 Checklist... 8 3 U.S. Merchants 60% are expected to convert to -enabled devices by 2015.

More information

FREQUENTLY ASKED QUESTIONS - CHARGEBACKS

FREQUENTLY ASKED QUESTIONS - CHARGEBACKS FREQUENTLY ASKED QUESTIONS - CHARGEBACKS # Questions Answer 1 What is a Chargeback? A Chargeback is the term used by Banks for debiting a merchant s bank account due to successful return of a transaction

More information

Understanding a Data Compromise and How to Respond. A Communications Guide for Issuers

Understanding a Data Compromise and How to Respond. A Communications Guide for Issuers Understanding a Data Compromise and How to Respond A Communications Guide for Issuers Who Should Use this Guide: Front-Line Marketing, Communications and Product Contacts at Issuing Financial Institutions.

More information

Fraud Prevention Issuer s Best Practice Guide

Fraud Prevention Issuer s Best Practice Guide Issuer s Best Practice Guide Rev. March 2011 www.fisglobal.com Copyright 2006 by FIS Card Services, Inc., a wholly owned subsidiary of FIS, Inc. All rights reserved. Printed in the United States of America.

More information

DATA BREACHES: HOW IT IMPACTS THE CUSTOMER & THE FINANCIAL INSTITUTION. Prepared For: First Citizens Federal Credit Union 3/18/2015

DATA BREACHES: HOW IT IMPACTS THE CUSTOMER & THE FINANCIAL INSTITUTION. Prepared For: First Citizens Federal Credit Union 3/18/2015 DATA BREACHES: HOW IT IMPACTS THE CUSTOMER & THE FINANCIAL INSTITUTION. Prepared For: First Citizens Federal Credit Union TABLE OF CONTENTS Data Breach Trends Financial Institutions Impact How First Citizens

More information

EMV and Restaurants: What you need to know. Mike English. October 2014. Executive Director, Product Development Heartland Payment Systems

EMV and Restaurants: What you need to know. Mike English. October 2014. Executive Director, Product Development Heartland Payment Systems October 2014 EMV and Restaurants: What you need to know Mike English Executive Director, Product Development Heartland Payment Systems 2014 Heartland Payment Systems, Inc. All trademarks, service marks

More information

How to Help Prevent Fraud

How to Help Prevent Fraud TD Canada Trust How to Help Prevent Fraud Merchant Services tips to help protect your business Fraud Awareness All credit cards issued in Canada are designed with special security features to help deter

More information

Credit/Debit Card Processing Requirements and Best Practices. Adele Honeyman Oregon State Treasury Training Specialist

Credit/Debit Card Processing Requirements and Best Practices. Adele Honeyman Oregon State Treasury Training Specialist Credit/Debit Card Processing Requirements and Best Practices Adele Honeyman Oregon State Treasury Training Specialist 1 What? What do I need to know about excepting credit cards? Who s involved, how it

More information

Oakland Family Services Information Breach FAQs

Oakland Family Services Information Breach FAQs Oakland Family Services Information Breach FAQs 1. What happened? An unauthorized individual remotely gained access to the email account of one Oakland Family Services employee July 14, 2015 resulting

More information

Target Data Breach Survey of Illinois Banks. Executive Summary

Target Data Breach Survey of Illinois Banks. Executive Summary Target Data Breach Survey of Illinois Banks Executive Summary February 2014 www.ilbanker.com Target Data Breach Survey of Illinois Banks Executive Summary In December of 2013, just days before the holidays,

More information

This notice contains important information about the data breaches announced by Home Depot, Kmart and Dairy Queen.

This notice contains important information about the data breaches announced by Home Depot, Kmart and Dairy Queen. RECENT DATA BREACHES This notice contains important information about the data breaches announced by Home Depot, Kmart and Dairy Queen. Data security is a number one priority at Northwest. We take every

More information

Policy for Protecting Customer Data

Policy for Protecting Customer Data Policy for Protecting Customer Data Store Name Store Owner/Manager Protecting our customer and employee information is very important to our store image and on-going business. We believe all of our employees

More information

Ouachita Baptist University. Identity Theft Policy and Program

Ouachita Baptist University. Identity Theft Policy and Program Ouachita Baptist University Identity Theft Policy and Program Under the Federal Trade Commission s Red Flags Rule, Ouachita Baptist University is required to establish an Identity Theft Prevention Program

More information

Target Security Breach

Target Security Breach Target Security Breach Lessons Learned for Retailers and Consumers 2014 Pointe Solutions, Inc. PO Box 41, Exton, PA 19341 USA +1 610 524 1230 Background In the aftermath of the Target breach that affected

More information

For more information on SQL injection, please refer to the Visa Data Security Alert, SQL Injection Attacks, available at www.visa.

For more information on SQL injection, please refer to the Visa Data Security Alert, SQL Injection Attacks, available at www.visa. Global Partner Management Notice Subject: Visa Data Security Alert Malicious Software and Internet Protocol Addresses Dated: April 10, 2009 Announcement: The protection of account information is a responsibility

More information

Retrieval & Chargeback Best Practices

Retrieval & Chargeback Best Practices Retrieval & Chargeback Best Practices A Merchant User s Guide to Help Manage Disputes Version Three November, 2010 www.firstdata.com THIS PAGE INTENTIONALLY LEFT BLANK. Developed by: First Data Payment

More information

Best safe and secure practices

Best safe and secure practices Best safe and secure practices For cards transactions BANKOMAT DEF 3 MNO 6 CLEAR - CANCEL x WXY 9 ENTER O BANKOMAT Maintaining the card and PIN number Using a card is highly valuable and provides opportunities

More information

FREQUENTLY ASKED QUESTIONS

FREQUENTLY ASKED QUESTIONS FREQUENTLY ASKED QUESTIONS 1. What is the YES BANK MasterCard SecureCode? The MasterCard SecureCode is a service offered by YES BANK in partnership with MasterCard. This authentication is basically a password

More information

Payments Fraud: It's Not Fun & Games

Payments Fraud: It's Not Fun & Games Payments Fraud: It's Not Fun & Games Claudia Swendseid Senior Vice President Payments Information & Outreach Office Federal Reserve Bank of Minneapolis NACHA Payments 2015 Claudia Swendseid Senior Vice

More information

September 20, 2013 Senior IT Examiner Gene Lilienthal

September 20, 2013 Senior IT Examiner Gene Lilienthal Cyber Crime September 20, 2013 Senior IT Examiner Gene Lilienthal The following presentation are views and opinions of the speaker and does not necessarily reflect the views of the Federal Reserve Bank

More information

Merchant Account Service

Merchant Account Service QuickBooks Online Edition Feature Guide Merchant Account Service C o n t e n t s Introduction............................. 2 What is a merchant account?.................. 2 What types of credit cards can

More information

Visa Account Information Security Tool Kit. Welcome to the Visa Account Information Security Program

Visa Account Information Security Tool Kit. Welcome to the Visa Account Information Security Program Visa Account Information Security Tool Kit Welcome to the Visa Account Information Security Program 2 Contents 1. Securing cardholder data is everyone s concern 4 2. Visa Account Information Security (AIS)

More information

Powering e-commerce Globally. What Can I Do to Minimize E-Commerce Chargebacks?

Powering e-commerce Globally. What Can I Do to Minimize E-Commerce Chargebacks? Powering e-commerce Globally What Can I Do to Minimize E-Commerce Chargebacks? Chargebacks are not going away. And now there are new rules. Selling products and services online and using credit cards for

More information

Key Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking

Key Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking Key Steps to Meeting PCI DSS 2.0 Requirements Using Sensitive Data Discovery and Masking SUMMARY The Payment Card Industry Data Security Standard (PCI DSS) defines 12 high-level security requirements directed

More information

Merchant Services. How to help protect your business

Merchant Services. How to help protect your business Please immediately report any suspicious activity involving credit card or debit card use to TD Merchant Services at 1-800-6-116 For more information, visit www.tdmerchantservices.com Merchant Services

More information

* Any merchant that has suffered a hack that resulted in an account data compromise may be escalated to a higher validation level.

* Any merchant that has suffered a hack that resulted in an account data compromise may be escalated to a higher validation level. Q: What is PCI? A: The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain

More information

Fraud and Identity Theft. Megan Stearns, Credit Counselor

Fraud and Identity Theft. Megan Stearns, Credit Counselor Fraud and Identity Theft Megan Stearns, Credit Counselor Agenda Fraud and identity theft statistics Fraud Identity theft Identity theft prevention Protecting your Social Security Number Online prevention

More information

Travel Card. Cardholder Frequently Asked Questions. June 2014 T.FQ.S.20141.E

Travel Card. Cardholder Frequently Asked Questions. June 2014 T.FQ.S.20141.E Travel Card Cardholder Frequently Asked Questions Travel Card (1) Where can I use my card? Your card may be used anywhere debit cards are accepted. The brand marks on your card indicate where the card

More information

CREDIT CARD MERCHANT POLICY. All campuses served by Louisiana State University (LSU) Office of Accounting Services

CREDIT CARD MERCHANT POLICY. All campuses served by Louisiana State University (LSU) Office of Accounting Services Louisiana State University Finance and Administrative Services Operating Procedure FASOP: AS-22 CREDIT CARD MERCHANT POLICY Scope: All campuses served by Louisiana State University (LSU) Office of Accounting

More information

STATE EMPLOYEES CREDIT UNION VISA GIFT CARD TERMS AND CONDITIONS Effective September 2013

STATE EMPLOYEES CREDIT UNION VISA GIFT CARD TERMS AND CONDITIONS Effective September 2013 STATE EMPLOYEES CREDIT UNION VISA GIFT CARD TERMS AND CONDITIONS Effective September 2013 This Cardholder Agreement ( Agreement") sets forth the terms and conditions of your SECU Visa Gift Card ( Card

More information

EMV FAQs. Contact us at: CS@VancoPayments.com. Visit us online: VancoPayments.com

EMV FAQs. Contact us at: CS@VancoPayments.com. Visit us online: VancoPayments.com EMV FAQs Contact us at: CS@VancoPayments.com Visit us online: VancoPayments.com What are the benefits of EMV cards to merchants and consumers? What is EMV? The acronym EMV stands for an organization formed

More information

SECTION: SUBJECT: PCI-DSS General Guidelines and Procedures

SECTION: SUBJECT: PCI-DSS General Guidelines and Procedures 1. Introduction 1.1. Purpose and Background 1.2. Central Coordinator Contact 1.3. Payment Card Industry Data Security Standards (PCI-DSS) High Level Overview 2. PCI-DSS Guidelines - Division of Responsibilities

More information

PAYROLL CARD FREQUENTLY ASKED QUESTIONS

PAYROLL CARD FREQUENTLY ASKED QUESTIONS The following document provides answers to frequently asked questions regarding the Umpqua Bank Payroll Card. Contact Customer Care at 800-650-7141 with questions. Card Basics Q. How does the Payroll Card

More information

PCI DSS Security Awareness Training for University of Tennessee Credit Card Merchants. UT System Administration Information Security Office

PCI DSS Security Awareness Training for University of Tennessee Credit Card Merchants. UT System Administration Information Security Office PCI DSS Security Awareness Training for University of Tennessee Credit Card Merchants UT System Administration Information Security Office Agenda Overview of PCI DSS Compliance versus Non-Compliance PCI

More information

CITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY

CITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY CITY OF MARQUETTE, MICHIGAN CITY COMMISSION POLICY Policy Number: 2008-02 Date Adopted: October 27, 2008 Department: Administrative SUBJECT: IDENTITY THEFT PREVENTION PROGRAM I. OBJECTIVE: A. To protect

More information

Harvard University Payment Card Industry (PCI) Compliance Business Process Documentation

Harvard University Payment Card Industry (PCI) Compliance Business Process Documentation Harvard University Payment Card Industry (PCI) Compliance Business Process Documentation Business Process: Documented By: PCI Data Security Breach Stephanie Breen Creation Date: 1/19/06 Updated 11/5/13

More information

Protecting Yourself When You're a Victim of Identity Theft, Forgery or Fraud

Protecting Yourself When You're a Victim of Identity Theft, Forgery or Fraud Protecting Yourself When You're a Victim of Identity Theft, Forgery or Fraud Credit Card Fraud If someone has stolen or is fraudulently using credit cards that are issued to you (including any ATM/Debit/Check

More information

Acceptance to Minimize Fraud

Acceptance to Minimize Fraud Best Practices for Credit Card Acceptance to Minimize Fraud By implementing best practices in credit card processing, you decrease the likelihood of fraudulent transactions and chargebacks. In general,

More information

Fraud Minimisation Guide ANZ Merchant Business Solutions

Fraud Minimisation Guide ANZ Merchant Business Solutions Fraud Minimisation Guide ANZ Merchant Business Solutions INTRODUCTION Fraud can occur in and is a risk for any business that accepts credit cards and it can have a significant financial impact on your

More information

Fall Conference November 19 21, 2013 Merchant Card Processing Overview

Fall Conference November 19 21, 2013 Merchant Card Processing Overview Fall Conference November 19 21, 2013 Merchant Card Processing Overview Agenda Industry Definition Process Flows Processing Costs Chargeback's Payment Card Industry (PCI) Guidelines for Convenience Fees

More information

Visa Student Card Terms and Conditions. These are your Student Card Terms and Conditions.

Visa Student Card Terms and Conditions. These are your Student Card Terms and Conditions. Visa Student Card Terms and Conditions These are your Student Card Terms and Conditions. "Agreement" means these Visa Student Card Terms and Conditions. "We" "us" and "our" refer to Bank-Fund Staff Federal

More information

PRACTICAL MONEY GUIDES DEBIT CARD BASICS. What you need to know about using your debit card

PRACTICAL MONEY GUIDES DEBIT CARD BASICS. What you need to know about using your debit card PRACTICAL MONEY GUIDES DEBIT CARD BASICS What you need to know about using your debit card MONEY IN THE BANK If credit cards mean pay later, debit cards mean pay now. These cards are issued by your bank,

More information

Identity Theft Packet

Identity Theft Packet BOULDER POLICE DEPARTMENT 1805 33 rd Street Boulder, CO 80301 Identity Theft Packet ** Use this packet when the crime involves the stealing of someone's identity, such as when a victim finds out that someone

More information

University Policy Accepting and Handling Payment Cards to Conduct University Business

University Policy Accepting and Handling Payment Cards to Conduct University Business BROWN UNIVERSITY University Policy Accepting and Handling Payment Cards to Conduct University Business Table of Contents Purpose... 2 Scope... 2 Authorization... 2 Establishing a new account... 2 Policy

More information

CREDIT CARD PROCESSING POLICY AND PROCEDURES

CREDIT CARD PROCESSING POLICY AND PROCEDURES CREDIT CARD PROCESSING POLICY AND PROCEDURES Note: For purposes of this document, debit cards are treated the same as credit cards. Any reference to credit cards includes credit and debit card transactions.

More information

Appendix 1 - Credit Card Security Incident Response Plan

Appendix 1 - Credit Card Security Incident Response Plan Appendix 1 - Credit Card Security Incident Response Plan 1 Contents Revisions/Approvals... i Purpose... 2 Scope/Applicability... 2 Authority... 2 Security Incident Response Team... 2 Procedures... 3 Incident

More information

1. Ask what your financial institution knows or has personally experienced with regard to internal and external data breaches.

1. Ask what your financial institution knows or has personally experienced with regard to internal and external data breaches. Part 1: Internal & External Data Breach Vulnerabilities Presented on: Thursday, February 12, 2 3 ET Co presented by: Ann Davidson VP of Risk Consulting at Allied Solutions Joe Majka CSO at Verifone 1 Breakdown

More information

PROTECTION OF OUR MERCHANTS AND REFERRAL PARTNERS IS OUR FIRST CONCERN

PROTECTION OF OUR MERCHANTS AND REFERRAL PARTNERS IS OUR FIRST CONCERN PCI Q: What is PCI? A: The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information

More information

This policy applies to all GPC units that process, transmit, or handle cardholder information in a physical or electronic format.

This policy applies to all GPC units that process, transmit, or handle cardholder information in a physical or electronic format. Policy Number: 339 Policy Title: Credit Card Processing Policy, Procedure, & Standards Review Date: 07-23-15 Approval Date: 07-27-15 POLICY: All individuals involved in handling credit and debit card transactions

More information

A multi-layered approach to payment card security.

A multi-layered approach to payment card security. A multi-layered approach to payment card security. CARD-NOT-PRESENT 1 A recent research study revealed that Visa cards are the most widely used payment method at Canadian websites, on the phone, or through

More information

NEWS BULLETIN 2015-16

NEWS BULLETIN 2015-16 NEWS BULLETIN Maine Automobile Dealers Association 180 Civic Center Drive P. O. Box 2667 Augusta, Maine 04338-2667 DIAL 623-3882 e-mail:info@maineautodealers.com FAX 623-2318 DISTRIBUTION General Manager

More information

A+FCU GIFT CARD TERMS AND CONDITIONS

A+FCU GIFT CARD TERMS AND CONDITIONS PO Box 14867 Austin, TX 78761-4867 512-302-6800 800-252-8148 www.aplusfcu.org A+FCU GIFT CARD TERMS AND CONDITIONS These terms and conditions ( Agreement ) govern the issuance and use of the A+ FCU Gift

More information

Why Data Security is Critical to Your Brand

Why Data Security is Critical to Your Brand Why Data Security is Critical to Your Brand Why security is critical to your brand Cybercriminals do not discriminate based on industry or business size. Security is expensive. At least, it is if you wait

More information

2014 Payments Fraud Survey

2014 Payments Fraud Survey 2014 Payments Fraud Survey Summary of Consolidated Results Payments Information & Outreach Office Federal Reserve Bank of Minneapolis December 2014 Topics Survey Methodology & Respondent Profile Fraud

More information

Getting Started. Quick Reference Guide for Payment Processing

Getting Started. Quick Reference Guide for Payment Processing Getting Started Quick Reference Guide for Payment Processing In today s competitive landscape, you have many choices when it comes to selecting your payments provider, and we appreciate your business.

More information

POLICY & PROCEDURE DOCUMENT NUMBER: 3.3101. DIVISION: Finance & Administration. TITLE: Policy & Procedures for Credit Card Merchants

POLICY & PROCEDURE DOCUMENT NUMBER: 3.3101. DIVISION: Finance & Administration. TITLE: Policy & Procedures for Credit Card Merchants POLICY & PROCEDURE DOCUMENT NUMBER: 3.3101 DIVISION: Finance & Administration TITLE: Policy & Procedures for Credit Card Merchants DATE: October 24, 2011 Authorized by: K. Ann Mead, VP for Finance & Administration

More information

UNL PAYMENT CARD POLICY AND PROCEDURES. Table of Contents

UNL PAYMENT CARD POLICY AND PROCEDURES. Table of Contents UNL PAYMENT CARD POLICY AND PROCEDURES Table of Contents Payment Card Merchant Security Standards Policy and Procedures... 2 Introduction... 4 Payment Card Industry Data Security Standard... 4 Definitions...

More information