Automation of Credit Card Processing in SAP. Martha Confessore and Narayan Narsinghani




Introduction: Speakers

Martha Confessore, Wurth USA
- Director IT at Wurth USA
- An accomplished IT leader with more than 15 years of success delivering technical solutions with a strong ROI.
- Very strong in collaborating with global stakeholders to identify opportunities for business improvement through technology.
- In-depth hands-on experience implementing and deploying SAP R/3 and ECC6

Narayan Narsinghani, eteam Inc.
- SAP Practice Leader
- 17+ years SAP Strategy, Planning and Implementation experience
- Specializes in SAP Credit Card and Data Protection implementations

Learning Points
- Learn the fundamentals of credit card process in SAP and its limitations.
- Implementation solution overview, planning, lessons learned and best practices.
- How to protect credit cards using tokenization and get closer to being PCI compliant.

Return on Investment

DSO (Days Sales Outstanding) reduction
- Payment received much faster than sending an invoice on net terms
- Fully integrated between Sales, Delivery and Billing processes
- Speeds up the order and delivery process

Bad Debt reduction
- Reduces the chances that payment won't be received
- Immediate credit limit check through issuing bank
- Reduced credit investigation costs
- FI Postings are made automatically throughout the process

Increased business volumes
- Attraction to new customers
- Allows you to easily integrate a web site to your system

Fundamentals of Credit Card processing in SAP

Standard Credit Card Flow in SAP R/3

[Diagram. Column headings: Sales & Distribution, Finance, Treasury. Labels, in the order they appear on the slide: Sales Order, Delivery, Invoice, AR Invoice, Accounting Doc 1, Cleared CC Receivables, Accounting Doc 2, Bank Deposit / Fees, Accounting Doc 3, Settlement, Clear Open G/L items, Bank, Authorization, Settlement, Deposits, Fees, Princeton Payment Solutions (Middleware), Frame Relay, Inter-corporate PVCS, Web based XML, FNMS (Clearing House).]

Payment cards in Customer Master

Payment cards in Sales Orders

Real Time Authorization in Sales Orders

Implementation solution overview Planning, Lessons learned and Best practices

Project Scope
- Creation of a streamlined, integrated, and PCI compliant solution
- Implement integrated Credit card solution to replace the existing manual process.
- Leverage the existing PPS products and FNMS communication infrastructure at Sister company to accelerate the implementation
- Activation of tokenization using PPS CardSecure
- Convert existing credit card data to tokens

High Level Solution Summary

CardConnect Implementation with Processing Details
- FNMS for Visa / MasterCard / AMEX / Discover transactions
- Currencies: USD
- Processing level: Level I for all transactions
- Transaction Types: MOTO Only
- Fraud Protection: AVS and CVV / CID
- Countries: USA, Canada

Payment Origination Points
- SAP ECC 6.0 and Sales Web Portal

Additional PPS Utilities - CardEnhancements
- Operational Reports (Authorization & Settlement)
- CardClear PrePay Auth Reversal
- CardSecure Encryption
- CardSecure integration to SAP

Implementation approach

Phases: Project Prep / Business Blueprint, Realization, Testing, Final Preparation, Go Live and Support

Activities, in the order they appear on the slide:
- Kickoff Meeting
- Project plan and Resource Definition
- Project team logistics
- Requirements Gathering: SAP Business, SAP Technical (OSS), SAP Landscape, Technical / Network, Processor, Infrastructure
- Confirm project milestone dates and tasks
- SAP Configuration
- Installation of PPS software (SAP)
- Apply OSS notes (if req.)
- Design and build Wurth specific customizations (RICEF)
- CardSecure Config.
- CardConnect Config.
- CardClear Config.
- Unit testing: OSS Notes, CardSecure, CardConnect, CardClear, Data Conversions, Reports, Security Roles
- Clearing house connectivity testing
- Integration testing
- Workflow / scenario testing
- Documentation
- Clearing house Certification test
- Training: PPS Products, Super User, End User
- Prepare Production environments
- Cutover Process
- Fulfill pre-go-live checklist items
- Migrate SAP Changes
- Data Conversions
- PPS Product configuration
- Setup Batch Jobs
- Go-Live
- Fulfill post-go-live checklist
- Implementation team support and Production Stabilization
- Post Go-Live Review
- Handover to Support team
- Wrap-up

Best Practices

Accelerate credit card implementation
- Use ASAP methodology for efficient and rapid implementation
- Use SAP certified middleware products to connect to Processors
- Use Tokenization to limit your scope of PCI compliance

Key Learnings
- Ensure timely delivery of merchant / bank information
- Complete SAP Business Requirements as soon as you can. Prototypes are a great help in gathering business requirements.
- Avoid non-conformance to standard SAP processes / extensive custom development
- Identify infrastructure issues / incompatibilities early
  - Network communication issues (i.e. proxy, firewall)
- Processor Certification needs a lot of planning
- Robust communication plan with external parties (Sister company, Bank, FNMS, Inter-corporate communication lines) is essential
- Be mindful of parallel or concurrent projects competing for shared resources
- Test, Test and Test some more

How to protect credit cards using tokenization? Get closer to being PCI compliant

Winning the PCI Compliance battle: PCI DSS

Build and Maintain a Secure Network
1. Install and maintain a firewall configuration to protect cardholder data
2. Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder data
3. Protect stored cardholder data
4. Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program
5. Use and regularly update anti-virus software
6. Develop and maintain secure systems and applications

Implement Strong Access Control Measures
7. Restrict access to cardholder data by business need-to-know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data

Regularly Monitor and Test Networks
10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes

Maintain an Information Security Policy
12. Maintain a policy that addresses information security

High Level System Landscape

[Diagram. Labels, in the order they appear on the slide: Wurth USA, Louis and Company, SAP ECC 6.0, Processors / Merchant Bank, WurthShop, Ajax Connector, Tokenize, CardSecure, SAP ECC 6.0, CardConnect, Authorization, FNMS, Credit Card Batch Settlement, Router, Deposits, Fees, Deposit Notification, Bank of America.]

Thank you for participating. Please remember to complete and return your evaluation form following this session. For ongoing education on this area of focus, visit the Year-Round Community page at www.asug.com/yrc

SESSION CODE: 2492
Martha Confessore martha.confessore@wurthusa.com
Narayan Narsinghani nnarsinghani@eteaminc.com