Presentation is loading. Please wait.

Presentation is loading. Please wait.

PCI COMPLIANCE Compliance is mandatory for all organizations that accept credit cards.

Published byLouisa Farmer Modified over 8 years ago

Similar presentations

Presentation on theme: "PCI COMPLIANCE Compliance is mandatory for all organizations that accept credit cards."— Presentation transcript:

1 PCI COMPLIANCE Compliance is mandatory for all organizations that accept credit cards.

2 January 10, 2013 Texas Southern University's radio station KTSU gave a volunteer position to a person with a criminal history of credit card fraud. The volunteer was later arrested for allegedly using the radio station's donation drive to steal credit card information. The dishonest volunteer faces up to 300 counts of credit card fraud for attempting to use the information on donor pledge sheets.

3 TARGET CREDIT CARD FRAUD 70 million accounts compromised. “I don’t see how TARGET is getting out of this for under a billion, over time,” he said, adding, “$150 million in a quarter seems almost like a bargain.” The company also said it expected earnings to drop to 78 cents a share from its earlier projections of 85 cents to $1 a share, reflecting more cautious consumer spending. $3.6 billion in potential fines.

4 Financial Exposures to a Breach 1)Forensic Examination – cost of consultant fees 2)Notification of Third Parties – cost of mailing a formal notification to customers 3)Call Centers – cost of staffing and supplies to handle incoming calls 4)Credit or Identity Monitoring – approx. $30/account 5)Public Relations – Loss of reputation with customers, suppliers, partners and loss of future revenue 6) Legal Defense - Possible civil litigation from breached customers - 7) Regulatory Proceedings, Fines and Penalties – $50-$100 fine/account compromised 8) Comprehensive Written Information Security Program – cost of consultant fees 9) Loss of credit card privileges – approx. 70% of MSUB students use credit cards to pay some or all of their tuition

5 DO and DON’T Do not accept CHD from an email or FAX. Do not enter into any computer CHD, all documents leave hidden files when deleted. Do not enter CHD into a third party software system for a customer. Under certain circumstances you may take credit cards over the phone. Under certain circumstances you may process CHD received via postal or express mail services. Secure your CHD storage areas when not attended. Do not store CHD long term, only Business Services will store for long term any paper media related to CHD Secure devices that capture and transmit CHD, POS and swipe card systems Inspect these devices for tampering or substitution Report any suspected tampering or fraud to the CIO, Business Services Director or the Vice Chancellor of Administration Materials must be secured in safes, file cabinets, locked rooms or storage areas with limited access to those personnel All employees with access to CHD must be trained annually.

6 PCI RELATED MATERIALS  http://www.msubillings.edu/boffice/Policy%20&%20Procedures.htm http://www.msubillings.edu/boffice/Policy%20&%20Procedures.htm  https://www.pcisecuritystandards.org/pdfs/pcissc_overview.pdf https://www.pcisecuritystandards.org/pdfs/pcissc_overview.pdf  http://usa.visa.com/download/merchants/alert-pos-terminal- tampering-020311.pdfhttp://usa.visa.com/download/merchants/alert-pos-terminal- tampering-020311.pdf  http://www.globalpaymentsinc.com/USA/customerSupport/fraud.html http://www.globalpaymentsinc.com/USA/customerSupport/fraud.html  https://www.pcisecuritystandards.org/pdfs/pci_fs_data_storage.pdf https://www.pcisecuritystandards.org/pdfs/pci_fs_data_storage.pdf

Download ppt "PCI COMPLIANCE Compliance is mandatory for all organizations that accept credit cards."

Similar presentations

Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.

Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.
Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.

Cyber Liability- Risks, Exposures and Risk Transfer for a Data Breach June 11, 2013.
Complying With Payment Card Industry Data Security Standards (PCI DSS)

Complying With Payment Card Industry Data Security Standards (PCI DSS)
HIPAA Regulations What do you need to know?.

HIPAA Regulations What do you need to know?.
Springfield Technical Community College Security Awareness Training.

Springfield Technical Community College Security Awareness Training.
BEWARE! IDENTITY THEFT CARL JOHNSON FINANCIAL LITERACY JENKS HIGH CSHOOL.

BEWARE! IDENTITY THEFT CARL JOHNSON FINANCIAL LITERACY JENKS HIGH CSHOOL.
Credit Card Compliance Regulations Mandated by the Payment Card Industry Standards Council Accounting and Financial Services.

Credit Card Compliance Regulations Mandated by the Payment Card Industry Standards Council Accounting and Financial Services.
Allison Dolan Program Director, Protecting PII Handling Sensitive Data - WISP and PIRN.

Allison Dolan Program Director, Protecting PII Handling Sensitive Data - WISP and PIRN.
© Chery F. Kendrick & Kendrick Technical Services.

© Chery F. Kendrick & Kendrick Technical Services.
Data Security Standard. What Is PCI ? Who Does It Apply To ? Who Is Involved With the Compliance Process ? How We Can Stay Compliant ?

Data Security Standard. What Is PCI ? Who Does It Apply To ? Who Is Involved With the Compliance Process ? How We Can Stay Compliant ?
DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,

DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,
Questions we will explore: What is Security? Why is it relevant? What does it cost?

Questions we will explore: What is Security? Why is it relevant? What does it cost?
© 2008. Oklahoma State Department of Education. All rights reserved. 1 Beware! Consumer Fraud Standard 9. 1 Fraud and Identity Theft.

© Oklahoma State Department of Education. All rights reserved. 1 Beware! Consumer Fraud Standard 9. 1 Fraud and Identity Theft.
Why Comply with PCI Security Standards?

Why Comply with PCI Security Standards?
Introduction to PCI DSS

Introduction to PCI DSS
PCI and how it affects College Stores… ROBIN MAYO | PCIP ECOMMERCE MANAGER EAST CAROLINA UNIVERISTY.

PCI and how it affects College Stores… ROBIN MAYO | PCIP ECOMMERCE MANAGER EAST CAROLINA UNIVERISTY.
HIPAA What’s Said Here – Stays Here…. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients)

HIPAA What’s Said Here – Stays Here…. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients)
Youngstown State University PCI Training enter or left click on mouse to advance slides.

Youngstown State University PCI Training enter or left click on mouse to advance slides.
Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.

Company LOGO Copyright Carrie Kerskie Data Breach & Identity Theft By Carrie Kerskie Kerskie Group, Inc.
October 2013. The Insider Financial Crime and Identity Theft Hacktivists Piracy Cyber Espionage and Sabotage.

October The Insider Financial Crime and Identity Theft Hacktivists Piracy Cyber Espionage and Sabotage.

Similar presentations

Ads by Google