MasterPass Authorized Vendor. The MasterPass Modular Wallet




Context

With the introduction of the MasterPass wallet, MasterCard offers merchants and consumers a new, quick and secure checkout process. MasterPass simplifies the way we shop, whether at home, in a store or on the go. It is the perfect combination of security and convenience.

[Diagram labels: Wallet; MasterPass API]

Consumers can safely store their payment and shipping information in their wallet, and so spend less time checking out and more time on the customer journey. By choosing to issue your own Partner-hosted MasterPass Wallet, your branded digital wallet joins the MasterPass Acceptance Network of wallets. This gives your customers the benefit of a safe, convenient, and smart way to check out wherever MasterPass is accepted. And the innovative MasterPass API gives your digital wallet the flexibility to grow as your needs grow.

Support

Building a wallet requires setting up development and test environments, implementing secure coding practices and procedures, and integrating with the MasterPass API and sandbox environment. Compliance with the MasterPass standard involves implementing two-factor authentication, following branding and UI guidelines, and going through a MasterCard acceptance test. And wherever card information is stored, a PCI-compliant infrastructure should be in place, with the proper implementation of cryptographic services, secure infrastructure and auditable maintenance processes. But ultimately it's all about developing your own customer journey and value-added services inside your MasterPass wallet to offer the market the real benefits of your new wallet.

Offer

To kickstart your development of a MasterPass wallet, Chess ix offers a modular platform that implements all MasterPass functionalities and APIs, and complies with all requirements regarding security and branding. Available modules are shown in the architecture drawing below. It can be used as-is, or integrated with your own platform and application using several integration points, such as single sign-on and bulk provisioning.

[Architecture drawing of the modular wallet. Labels, in the order extracted: UI Tier; White-labelled Lightbox UI; Add/edit/delete manual card; External Services; Prefs; Partner/issuer; Frontend Tier; REST API; Add/edit/delete addresses; Address store API; Partner login; Checkout; Add/edit/delete loyalty card; Loyalty card store*; Modular wallet; Local login; Merchant pairing; User preferences; User store; External services; Backend Tier; SOAP API; Direct provisioning; Direct provisioning API; Card validation; Card store; Not card data environment; Bulk upload; Bulk upload API; MasterPass API; Crypto key store; Card data environment; MasterPass backend; Card authorization]

Frontend Smart Specs

The modular wallet platform consists of components that can be combined in several ways, offering maximum flexibility and integration options. The heart of the platform is our secure module that deals with storing and transmitting sensitive card data. Other components do not deal directly with card data, and are thus outside the scope of PCI DSS audits. This means they can be developed and maintained independently of the PCI DSS audit activities, without sacrificing security.

As an authorized vendor, we combine the strength of the MasterPass platform and roadmap with our state-of-the-art software development capabilities and PCI DSS-compliant processes and infrastructure. We offer turn-key hosting and operational support for your wallet. As your partner for all things MasterPass, we ensure your wallet remains up to date with the latest MasterPass developments, and will keep you informed of the latest possibilities the platform provides. Pricing is simple, transparent, and competitive; the modular wallet will benefit any business case. We take care of the technology, so you can concentrate fully on your business.

Standard approach

We offer you a solid approach to create the best wallet implementation for your needs. Starting in a short but intense workshop, we cover every aspect of creating your own wallet. From functional use cases and look-and-feel to non-functional requirements around performance and security, our 360 degree scan will deliver a solid implementation plan. This can range from a standard implementation of the available components to an extended implementation including custom development and integration activities.

"As Product Manager, I want the best consumer proposition and so I want to integrate our value added services into our new Wallet. It is comforting to know that Chess ix as ICT partner is both a MasterPass expert, but also capable of developing the custom integration I need."

Standard process to realize your wallet

1. Define: Quick scan, Specifications Modular wallet, Plan & Costs, Operations
2. Configure & Test: Basis modular wallet setup, Extension & Adaptions, Secure Sandbox, Automated testing, Performance & PCI

Definition

During a short but intense definition phase, we define the goals and requirements of your wallet solution, and map these to our modular platform's capabilities.

Made to measure

We tailor the modular wallet platform to your needs and requirements. If necessary, we use our quality-driven software development center to create custom integrations and capabilities for your wallet. With a strong focus on test-driven development and agile processes, any custom adaption will integrate smoothly with the standard components of the platform.

Test

Throughout the whole delivery process we automatically test both the functionality and the integration of your wallet. Several times a day, the whole suite of automated tests is run against the wallet, ensuring that each and every build is of provable quality, and can safely be deployed to acceptance environments without the need for costly and time-consuming manual tests.

Continuous testing, 24*7 monitoring

Maintenance & Support

Chess ix can offer full support on the modular wallet, including an ITIL service desk, configuration management and change management.

Hosting

Optionally, Chess ix can host your wallet implementation in a PCI DSS-compliant environment.

Timeline and Costs

Indication of timelines

The definition phase takes from two to four weeks, depending on the extent of your custom demands and the availability of key resources on both sides. Based on our experience, the time-to-market of the system delivery can be relatively short. A standard implementation typically takes about three months, while extended implementation and custom integration typically take longer depending on scope and complexity.

Indication of costs

Pricing of the modular wallet is based on a combination of one-time fees and variable fees per year. The one-time fees consist of a one-time license fee and the (fixed) cost of the definition phase. There are fixed setup fees for maintenance & support and hosting. The yearly fees consist of a fixed yearly fee plus a fee per active wallet. These yearly fees cover all costs in operations, including maintenance & support and PCI-compliant hosting. Extra development and services are offered separately.

[Image labels: In-App, On-line, In-Aisle]

A price list and rate chart are available on request.

Addendum - Standard approach

Chess ix follows a 2 step standard process for building your new wallet.

Step 1: Define / Quick scan (a)

During a 2 day Quick scan the main outlines of the wallet are defined.

[Process diagram, steps a to f. Step 1 Define: Quickscan, Workshop, Impact analysis. Step 2 Development & Test: Development, Sandbox testing.]

Deliverables: After the Quick scan we have:
- A report outlining your wallet case
- General defined scope of the modular wallet
- An agenda for the next phase

Day 1
9:00 Introduction, who's who (30 min)
9:30 Client business case goals and vision (45 min)
10:15 Break (15 min)
10:30 The MasterPass™ concept in detail (90 min)
12:00 Discussion and lunch (90 min)
13:30 Functionality and added value (120 min)
15:30 Break (15 min)
15:45 High-level architecture and system context (60 min)
16:45 Wrap-up, actions, decisions (30 min)
17:15 Session end

Day 2
9:00 Introduction, summary, agenda (30 min)
9:30 Non-functional aspects overview (45 min)
10:15 Break (15 min)
10:30 PCI-DSS considerations (90 min)
12:00 Discussion and lunch (90 min)
13:30 Performance, security (60 min)
14:30 System architecture & technology (45 min)
15:15 Break (15 min)
15:30 Project organization (45 min)
16:15 Maintenance and operations (45 min)
17:00 Wrap-up, actions, decisions (30 min)
17:30 Session end

Chess ix follows a 2 step standard process for building your new wallet.

Step 1: Define / Workshops / Impact (b, c)

The requirements, plan and costs are defined in close collaboration sessions.

Workshops
After the Quickscan, one or more workshops are held to analyze the requirements in detail. Chess ix shall translate these into a plan for implementation.

Impact Analysis
Based on this plan an impact analysis is made, including a budget overview.

Deliverables:
- Requirements have been defined in an SRS (Software Requirements Specifications)
- Adaptions to the modular wallet architecture (System/Subsystem Design Description)
- A viable implementation plan is drafted
- Budget finalisation

Chess ix follows a 2 step standard process for adaptions and extensions.

Step 2: Development & Test (d, e)

Development, continuous testing

Design
- Start with the modular wallet as is.
- Optional: Light-weight stack of modern open source components (Java) for adaptions
- Designed with automated test and deployment in mind

Optional Development & test
- PCI-DSS compliant process including CERT-based source code audits
- Automated, 24/7 unit and system testing with high coverage
- Continuous monitoring on code quality aspects (duplication, complexity)
- Automated deployment to test and acceptance environments
- Agile process with varying client involvement according to needs

Acceptance
Full support for client acceptance testing with knowledge and dedicated MasterPass test tooling and sandbox environments.

Deliverables:
- Software of proven functional and technical quality
- Our system documentation
- Sandbox test environment

Hosting and maintenance:
- Hosting and operation can be fully outsourced to Chess ix
- 24/7 maintenance organization starting with 2nd line ITIL service desk
- PCI-DSS compliant datacenters in Amsterdam

Chess IT International B.V.
KvK 53479335
Lichtfabriekplein 1
2031 TE Haarlem
Netherlands
P.O. Box 2031
2002 CA Haarlem
+31 (0)88 248 1632
info@chess-ix.com
www.chess-ix.com

About Chess ix

Chess IT International B.V. (Chess ix) designs and develops mission critical software for innovative organizations. We support our clients in realising their business goals by delivering:
1. Product development projects and high-quality software development projects
2. Card-based facility management and payment solutions

We offer a drastically reduced time-to-market by integrating existing software components for online payment processing, card management, and facility management, as well as hardware NFC readers for payment and public transport cards.