Simple & Secure Integrated Payment Processing from Element and Transformations


Simple & Secure Integrated Payment Processing from Element and Transformations
Presented by: Chris Engelhardt
Date: August 13th, 2014

Questions We Will Cover
- How do you process your payments?
- Does your business store cardholder data / CHD (credit card numbers)?
- Is payment reconciliation a problem because of multiple or non-integrated solutions?
- Are you familiar with PCI Compliance / Are you PCI Compliant?
- Do you want a safer way to store card numbers and to have it automatically updated whenever the card expires or is reissued?
- Do you process ACH payments?
- Does your current processor provide online reporting tools?

PCI Compliance: I know what it is, but I won't get breached.

Payment Card Industry - State of Awareness
- 71% of merchants store unencrypted payment card data on their business network.
- 11% of merchants store magnetic stripe track data.
- 73% of businesses store an average of 114,611 cards per machine.
- 89% of organizations suffering a payment card breach had not been validated as compliant with the PCI DSS at the time of the breach.
- 50% of breaches have come from viruses, malware, worms, and trojans.
Sources: 2012 Security Metrics Payment Card Threat Report; 2013 Verizon Data Breach Investigations Report

PCI Overview - Why is PCI so Important? The Shocking Truth
- $5 million: average total organizational cost of a data breach
- Average breach cost: $194+/record
- 81% not PCI compliant
- 45% of companies breached filed bankruptcy
- 87% of breaches are avoidable using compliant solutions

PCI Overview - Digital Dozen
PCI = Payment Card Industry (Store, Process or Transmit Cardholder Data)
PCI DSS = PCI Data Security Standard

Build & Maintain a Secure Network
1. Install and maintain a firewall configuration to protect cardholder data.
2. Do not use vendor-supplied defaults for system passwords and other security parameters.

Protect Cardholder Data
3. Protect stored cardholder data.
4. Encrypt transmission of cardholder data across open, public networks.

Maintain a Vulnerability Management Program
5. Use and regularly update anti-virus software or programs.
6. Develop and maintain secure systems and applications.

Implement Strong Access Control Measures
7. Restrict access to cardholder data by business need-to-know.
8. Assign a unique ID to each person with computer access.
9. Restrict physical access to cardholder data.

Regularly Monitor & Test Networks
10. Track and monitor all access to network resources and cardholder data.
11. Regularly test security systems and processes.

Maintain an Information Security Policy
12. Maintain a policy that addresses information security for employees and contractors.

PCI Overview PCI DSS Requirements

PCI Overview - Levels & Responsibilities

Level, transactions per year, and target group:
- Level 1: Greater than 6 million, or anyone with a breach. Target group: Merchants, Merchant Agents, Processors, Direct Connects
- Level 2: 1 million to 6 million. Target group: Merchants, Merchant Agents, Processors
- Level 3: 20k to 1 million. Target group: ecommerce Merchants only
- Level 4: Less than 1 million. Target group: All Merchants

Validation requirements:
- Level 1: Annual onsite review by a Qualified Security Assessor (QSA) or Internal Audit if signed by Officer of the company, quarterly network scan
- Level 2: SAQ annually, quarterly network scan
- Level 3: SAQ annually, quarterly network scan
- Level 4: SAQ annually, quarterly network scan

Introducing - PCI Compliant & Integrated Payment Solutions

Secure Processing Platform
- Purpose-Built Technology vs. Retrofit
- XML-based Web-services Architecture
- Platform Scalability
- Developed and Supported Entirely In-House
- Industry Leading System Availability
- Fast and Reliable Payment Processing
- Merchant Acquiring
- Advanced Gateway Capabilities
- Exceeding PCI DSS Compliance Requirements
- Providing Point-to-Point Encryption and Tokenization

Simplify PCI Compliance with Hosted Payments and Tokenization

A Fully Integrated Solution
What Does Fully Integrated Mean?
- Manage your entire business, including payment processing, from a single software application
Key Benefits
- Easy set up, no third party software or equipment to maintain or configure
- Removes middlemen who add fees for their services
- Higher quality processing services and better support because there's only one player in the payment stream
- Eliminates significant risk and liability and multiple points of failure

Hosted Payments
Key Benefits
- ALL cardholder data is removed from payment processing software and merchants' systems, greatly reducing business risk, liability and expense.
- PCI DSS compliance footprint is dramatically reduced by transferring the risk for merchants
- Features encryption and TransForm Tokenization technology which protects cardholder data in flight and at rest and allows for secure card-on-file billing & scheduled payments

TransForm Tokenization Technology
What is Tokenization?
- Allows the business/merchant to bill fees using a card-on-file, without passing actual credit card numbers between the software and processor
- Customers that agree to keep a payment file on record for automated one-time payments or monthly and recurring bill payments
- Data storage responsibilities are transferred to the PCI DSS compliant data storage facility
- Reduce your PCI footprint and simplify compliance validation
- Eliminate sensitive cardholder data completely

PCI Overview - Hosted with NO Storage of CHD
[Figure: PCI DSS requirement groups divided between Merchant Responsibility (12 Security Policy; 9 Strong Access) and Processor Host Responsibility (1,2 Secure Network; 3,4 Protect CHD; 5,6 Vulnerability Mngt Program; 7,8,9 Strong Access; 10,11 Monitor Networks; 12)]

Integrated Software Payment Applications
Benefits and efficiencies you can achieve through an integrated payment solution
- This integrated functionality allows the merchant to process, post, and manage all credit card and ACH customer payments for online, email, text, IVR, and traditional print bill presentment through one system
- By providing these capabilities, the merchant and/or PSP (Print Service Provider) can offer better service to their customers with a solution that can display their documents in mobile and web environments as well as paying their invoices in a common portal.
- Eliminate security concerns - where do I store credit card numbers?
- Hosted payment integration, tokenization, PA-DSS / PCI validated
- No cardholder or ACH data touches the merchant's systems or networks
- Standalone/traditional processing can be a reconciliation nightmare: requires extra manpower = time, money & opportunity loss

Additional Features Overview ACH, Account Updater, Online Reporting, Virtual Terminal

ACH through Check Gateway
Submit Your Transactions Through Your Business Management Software
- Submit checks online in real time using your business management software
- Pull reporting data and check statuses, issue refunds and cancels
- Submit Batch ACH files
- Simplify check acceptance by capturing only the account and routing number, no need for paper checks or check number
- Securely store the ACH info in conjunction with TransForm Tokenization
- ACH payment profile for automated monthly/recurring billing

Account Updater
What is Account Updater?
With Account Updater, receive automated updates on card-on-file information quickly and efficiently, so your payments remain uninterrupted. This simple and efficient Account Updater service helps your business maintain sales by:
- Increasing customer satisfaction
- Eliminating disruptions in recurring payments
- Reducing recurring payment attrition and customer service expense
Key Benefits
- Increased Sales and Increased Customer Retention by Providing Uninterrupted Service to Customers
- Improved Customer Satisfaction by Reducing Negative Experiences Caused by Declined Transactions
- Reduced Costs and Hassle Associated with Contacting Customers to Obtain Updated Account Information
- Reduced Opportunity for Customers to Switch Service Providers

Online Reporting & Virtual Terminal
Web-based Acquired Reporting
- Simple web portal
- Convenient and Secure Access to Your Payment Transaction Information from Any Web-Enabled PC
- 13 Months of Historical Data For Year-Over-Year Comparison
- Monthly statements
- Transaction & batch history information: view, print, export XML or CSV
- View chargeback and retrieval requests online
Virtual Terminal
- Redundant back-up
- Securely process one-time transactions from any Web-enabled PC

Element Payment Services
- Established in 2003 and Acquired by Vantiv in 2013
- Vantiv, 40-year old company and 2nd largest U.S. provider
- Level 1 PCI DSS Compliant Technology Provider
- Providing Cost-Effective, Simple & Secure, Payment Processing Solutions that Remove the Cost & Burden Associated with PCI Compliance
- Trusted Provider supporting over 300+ integrations
- Recognized Industry Leader by Peers and Partners
- Top 2 Worldwide Acquirer and Forbes Magazine 2013 Fastest Growing Tech Companies

Transformations
- Transformations Founded in 1988 as Software Solutions Co.
- History in Manufacturing & Distribution Warehouse/Inventory Management & Enterprise Resource Planning Systems
- Research into other markets
- Uluro launched in late 2009
- Uluro is an all-encompassing product for print service providers (PSPs) and enterprise mailers challenged by the complexities of high-volume production and distribution of critical customer communications
- Uluro has integrated its software payment application with Element's Express Gateway Hosted solution for PCI/PA-DSS validated payment processing and tokenization

Benefit Overview:
- PCI Compliant Payment Processing: Hosted Payment Gateway Integration within industry/business software products
- Tokenization: Secure payment profile for monthly and recurring customer payments
- Eliminate Errors & Duplicate Entries through an integrated payment software
- Hosted Web Reporting 24/7/365 + Virtual Terminal
QUESTIONS?

Merchant Questions To Be Aware Of
- How do you process your payments? What is your method of acceptance, payment applications? How do you handle card storage, PCI, ACH?
- Does your business store cardholder data / CHD (credit card numbers)? Stored in places like customer files, network databases, Excel files, etc.?
- Is payment reconciliation a problem because of multiple or non-integrated solutions? Benefits of fully integrated vs. standalone systems
- Are you familiar with PCI Compliance / Are you PCI Compliant? Are you putting your organization at risk? Are you using an out-of-scope solution (e.g., hosted payment integration and tokenization)?

Merchant Questions To Be Aware Of
- Do you want a safer way to store card numbers and to have it automatically updated whenever the card expires or is reissued? ACCOUNT UPDATER with Tokenization
- Do you process ACH payments? Integrated ACH payment, tokenization for account on file recurring bill payments
- Does your current processor provide online reporting tools? Manage merchant account online with interactive reporting tools
- Do you feel you're being overcharged for transaction fees or do you have unnecessary fees on your statement? Is your merchant provider a direct payment processor or third-party?
- Are you locked in a contract or do you want to keep your current processor? Gateway only service is an option to still utilize the integrated payment features/functionality

Thank You!!
NEXT STEPS
For further information, please contact:
Adam Armstrong, Transformations/Uluro, Adam@Uluro.com, (615) 261-3222
Chris Engelhardt, Element/Vantiv, Christopher.engelhardt@vantiv.com, (847) 752-8494