Automation of Credit Card Processing in SAP Martha Confessore and Narayan Narsinghani
Introduction Speakers Martha Confessore Wurth USA Director IT at Wurth USA An accomplished IT leader with more than 15 years of success delivering technical solutions with a strong ROI. Very strong in collaborating with global stakeholders to identify opportunities for business improvement through technology. In-depth hands-on experience implementing and deploying SAP R/3 and ECC6 Narayan Narsinghani eteam Inc. SAP Practice Leader 17+ years SAP Strategy, Planning and Implementation experience Specializes in SAP Credit Card and Data Protection implementations 2
Learning Points Learn the fundamentals of credit card process in SAP and its limitations. Implementation solution overview, planning, lessons learned and best practices. How to protect credit cards using tokenization and get closer to being PCI compliant. 3
Return on Investment DSO (Days Sales Outstanding) reduction Payment received much faster than sending an invoice on net terms Fully integrated between Sales, Delivery and Billing processes Speeds up the order and delivery process Bad Debt reduction Reduces the chances that payment won t be received Immediate credit limit check through issuing bank Reduced credit investigation costs FI Postings are made automatically throughout the process Increased business volumes Attraction to new customers Allows you to easily integrate a web site to your system 4
Fundamentals of Credit Card processing in SAP
Standard Credit Card Flow in SAP R/3 Sales & Distribution Finance Treasury Sales Order Delivery Invoice AR Invoice Accounting Doc 1 Cleared CC Receivables Accounting Doc 2 Bank Deposit / Fees Accounting Doc 3 Settlement Clear Open G/L items Bank Authorization Settlement Deposits Fees Princeton Payment Solutions ( Middleware ) Frame Relay Inter-corporate PVCS Web based XML FNMS ( Clearing House )
Payment cards in Customer Master
Payment cards in Sales Orders
Real Time Authorization in Sales Orders
Implementation solution overview Planning, Lessons learned and Best practices
Project Scope Creation of a streamlined, integrated, and PCI compliant solution Implement integrated Credit card solution to replace the existing manual process. Leverage the existing PPS products and FNMS communication infrastructure at Sister company to accelerate the implementation Activation of tokenization using PPS CardSecure Convert existing credit card data to tokens
High Level Solution Summary CardConnect Implementation with Processing Details FNMS for Visa/ MasterCard / AMEX / Discover transactions Currencies: USD Processing level :Level I for all transactions Transaction Types: MOTO Only Fraud Protection: AVS and CVV / CID Countries: USA, Canada Payment Origination Points SAP ECC 6.0 and Sales Web Portal Additional PPS Utilities - CardEnhancements Operational Reports (Authorization & Settlement) CardClear PrePay Auth Reversal CardSecure Encryption CardSecure integration to SAP
Implementation approach Project Prep / Business Blueprint Realization Testing Final Preparation Go Live and Support Kickoff Meeting Project plan and Resource Definition Project team logistics Requirements Gathering SAP Business SAP Technical (OSS) SAP Landscape Technical / Network Processor Infrastructure Confirm project milestone dates and tasks SAP Configuration Installation of PPS software (SAP) Apply OSS notes (if req.) Design and build Wurth specific customizations (RICEF) CardSecure Config. CardConnect Config. Cardclear Config. Unit testing OSS Notes CardSecure CardConnect CardClear Data Conversions Reports Security Roles Clearing house connectivity testing Integration testing Workflow / scenario testing Documentation Clearing house Certification test Training PPS Products Super User End User Prepare Production environments Cutover Process Fulfill pre-go-live checklist items Migrate SAP Changes Data Conversions PPS Product configuration Setup Batch Jobs Go-Live Fulfill post-go-live checklist Implementation team support and Production Stabilization Post Go-Live Review Handover to Support team Wrap-up
Best Practices Accelerate credit card implementation Use ASAP methodology for efficient and rapid implementation Use SAP certified middleware products to connect to Processors Use Tokenization to limit your scope of PCI compliance 14
Key Learnings Ensure timely delivery of merchant / bank information Complete SAP Business Requirements as soon as you can. Prototypes are a great help gathering business requirements. Avoid non-conformance to standard SAP processes / Extensive custom development Identify Infrastructure issues / incompatibilities early Network communication issues (i.e. proxy, firewall) Processor Certification has needs a lot of planning Robust communication plan with external parties (Sister company, Bank, FNMS, Inter-corporate communication lines) is essential Be mindful of parallel or concurrent projects competing for shared resources Test, Test and Test some more 15
How to protect credit cards using tokenization? Get closer to being PCI compliant
Winning the PCI Compliance battle PCI DSS Build and Maintain a Secure Network 1. Install and maintain a firewall configuration to protect cardholder data 2. Do not use vendor-supplied defaults for system passwords and other security parameters Protect Cardholder data 3. Protect stored cardholder data 4. Encrypt transmission of cardholder data across open, public networks Maintain a Vulnerability Management Program 5. Use and regularly update anti-virus software 6. Develop and maintain secure systems and applications Implement Strong Access Control Measures 7. Restrict access to cardholder data by business need-to-know 8. Assign a unique ID to each person with computer access 9. Restrict physical access to cardholder data Regularly Monitor and Test Networks 10. Track and monitor all access to network resources and cardholder data 11. Regularly test security systems and processes Maintain an Information Security Policy 12. Maintain a policy that addresses information security
High Level System Landscape Wurth USA Louis and Company SAP ECC 6.0 Processors / Merchant Bank WurthShop Ajax Connector Tokenize CardSecure SAP ECC 6.0 CardConnect Authorization FNMS Credit Credit Card Card Batch Settlement Router Deposits Fees Deposit Notification Bank of America
] Thank you for participating. Please remember to complete and return your evaluation form following this session. For ongoing education on this area of focus, visit the Year-Round Community page at www.asug.com/yrc [ SESSION CODE: 2492 Martha Confessore martha.confessore@wurthusa.com Narayan Narsinghani nnarsinghani@eteaminc.com 19