Presentation is loading. Please wait.

Presentation is loading. Please wait.

VeriShield Protect Revolutionary technology that simplifies PCI DSS compliance with no system upgrades Now available on V x Solutions!

Published byBeverley Gibson Modified over 8 years ago

Similar presentations

Presentation on theme: "VeriShield Protect Revolutionary technology that simplifies PCI DSS compliance with no system upgrades Now available on V x Solutions!"— Presentation transcript:

1 VeriShield Protect Revolutionary technology that simplifies PCI DSS compliance with no system upgrades Now available on V x Solutions!

2 Security Breaches In The News

3

4

5

6 The Challenge Contributing Factors: Too many points of failure Audit oversight on complex networks Monitoring the security level of POS systems is difficult and costly Costly prevention methods Difficulty for retail organizations to meet and retain PCI DSS security compliance

7 Acquirer’s Security Challenge Monitoring and verification of compliance 80% of identified compromises since Jan. 1, 2005 have occurred at Level 4 merchants Liability placed on acquirers to ensure Level 4 merchants are compliant

8 Acquirer’s Security Challenge Unauthorized use of terminal An example of how a merchant can set up an exposed network connection without consulting the acquirer… PTSNUnencrypted Data Over Internet PTSN VoIP Gateway VoIP Provider Payment Processor

9 Conventional Wisdom within the Payments Sector You have to be an expert in a lot of areas to protect your business today SSL, Point Encryption, Firewalls, PCI PED, Security Practices … Prayer, Good Insurance QSA, Scanning, Static Auditing, Analytics …

10 Not anymore… Protect HTDES Monitor CDMS Mitigate Leaves Useless Data

11 Current day retail scenario…

12 5491 2223 4233 1222 12/0 8 ROBERT K. SMITH PLEASE SLIDE CARD PIN pad

13 Full card track data traverses network in the clear until last connection to the processing host. 45122113133121=12311331441414323232 Store A Multilane POS System Store A Back Office Server Company Network Servers Processing Host Secure Frame Connection TRANSACTION PROCESSING PIN pad Points of Potential Compromise

14 What if the data could be encrypted at the payment device and delivered through same transaction channel without upgrade to current system? Store A Back Office Server Company Network Servers Processing Host ENCRYPTION AT DEVICE? PIN pad Store A Multilane POS System

15 Track Data is encrypted at PINpad in manner that allows it to use current POS infrastructure. 00CAHG&#21#!aa=$#jkd500fasdJ$&$@!21 Store A Back Office Server Company Network Servers Processing Host ENCRYPTED TRANSACTION PROCESSING PIN pad secured by VeriShield Protect VeriShield Protect delivers data in same format as POS System is expecting. The encrypted data is then decrypted at the processing host. Transaction Data Encrypted and Secure Store A Multilane POS System

16 VeriFone’s V x 570 P L E A S E S L I D E C A R D This solution is now available on V x Solutions

17 00CAHG&#21#!aa=$#jkd500fasdJ$&$@!21 Processing Host VeriFone’s V x 570 secured by VeriShield Protect E N C R Y P T E D T R A N S A C T I O N P R O C E S S I N G Transaction Data Encrypted and Secure This solution is now available on V x Solutions

18 298101 569982 218934 009321 677882 395864 212988 320023 983277 928383 012398 455781 395684 887154 760033 4356881588= 20017632108900331272 98740300023954232128 32398566120907612778 55623210799095496331 65678823224350116785 23900934586793456821 54673122093459968312 78001239248290434298 09123963364327496032 52919951005333143465 91119923884252413148 02125952110177320187 93348955819021759690 12561963091370437047 08119212884426940234 29810120017632108900331272 BIN RoutingH-TDESLast FourTrack Data Resident on Card 435688 760033 1588= 08119212884426940234 Track Data encrypted with Hidden Triple DES (H-TDES) Track data is encrypted at the mag stripe reader using Hidden TDES, a patented technology that reformats the data in a manner that the POS system network still receives the track data format it was expecting… How Is This Accomplished?

19 Protecting Consumer Data A N D

20 VeriShield ® Protect Components VeriFone Component: VeriShield ® Protect Encryption Software protects Retailers by seamlessly encrypting consumer card data before it enters the Retailers Point of Sale System…and maintains that protection until it is safely outside of the merchants infrastructure, effectively shielding the merchant from the actual details of the consumer data. Semtek Components: Decryption Appliance high performance decryption appliance. CDMS™ provides merchants and acquirers with a real time understanding of their security status and risk. It is also designed to provide merchant processors a definitive real time view of their entire portfolio without having to rely on self-reporting of the merchants within their system.

21 Sustainable Security :: CDMS Overview A highly sophisticated monitoring system Security assurance and forensics for every card transaction within the enterprise Delivered in real time The VeriShield Protect solution incorporates access to a Cipher Device Metrics Server™ (CDMS™) that provides a real-time status and alert system to monitor compliance of each and every transaction as it occurs. CDMS Dashboard

22 CDMS as Definitive Monitoring Tool CDMS Key Features: Why They Matter… Real Time vs. Everything Else When a breach occurs, time-lag to awareness is the critical measure of survivability. Real-time means real mitigation. Real time means the Acquirer is the first to know. Actionable Data vs. Foggy Data Security status should not be an argument. CDMS empirical data (vs. analytics) makes it crystal clear if you are secure or not secure. Auditing vs. Reporting Security monitoring is no place for conflicts of interest. Compliance teams need reporting that is auditable to SAS 70 standards.

23 The Real Costs of Security Breaches A single lost, stolen, or compromised customer record costs your company exactly $197 according to the Ponemon Institute, a privacy research firm Fines associated with a compromise can equal $25-35 per account number according to Retail Systems Research 80% of credit card data breaches are tied to cash register and other POS devices according to Gartner Inc. A security breach can cost anywhere between $90 and $305 per record according to Forrester Research

24 VeriShield Protect :: The Benefits to You Cardholder data is never exposed in the POS environment Simplifies PCI DSS compliance Significantly reduces impact of costly audits, prevention methods and potential breaches No impact to current POS system Installing VeriShield Protect is transparent to the POS and does not require any software changes No impact to cardholder Does not require any additional steps or actions by the customer

25 Ensure your payment system is secure with VeriShield Protect.

Download ppt "VeriShield Protect Revolutionary technology that simplifies PCI DSS compliance with no system upgrades Now available on V x Solutions!"

Similar presentations

Innovating Since 1998 Direct EDJE, we make A World of Difference Direct Response Order Management Software A Proven Solution Since.

Innovating Since 1998 Direct EDJE, we make A World of Difference Direct Response Order Management Software A Proven Solution Since.
Surviving the PCI Self -Assessment James Placer, CISSP West Michigan Cisco Users Group Leadership Board.

Surviving the PCI Self -Assessment James Placer, CISSP West Michigan Cisco Users Group Leadership Board.
JEFF WILLIAMS INFORMATION SECURITY OFFICER CALIFORNIA STATE UNIVERSITY, SACRAMENTO Payment Card Industry Data Security Standard (PCI DSS) Compliance.

JEFF WILLIAMS INFORMATION SECURITY OFFICER CALIFORNIA STATE UNIVERSITY, SACRAMENTO Payment Card Industry Data Security Standard (PCI DSS) Compliance.
GPUG ® Summit 2011 November 8-11 Caesars Palace – Las Vegas, NV Advantages of having integrated ePayments and eCommerce By Fauwaz Hussain Nodus Technologies.

GPUG ® Summit 2011 November 8-11 Caesars Palace – Las Vegas, NV Advantages of having integrated ePayments and eCommerce By Fauwaz Hussain Nodus Technologies.
Property of the EMV Migration Forum © 2013 ATM COMMITTEE Canadian Lessons Learned Bruce Renard, Execuive Director The National ATM Council, Inc.

Property of the EMV Migration Forum © 2013 ATM COMMITTEE Canadian Lessons Learned Bruce Renard, Execuive Director The National ATM Council, Inc.
Property of CampusGuard Compliance With The PCI DSS.

Property of CampusGuard Compliance With The PCI DSS.
Target Data Breach – Cost of the Learning Curve Discuss the recent Target data breach and its impact on the industry as well as individuals January 29/30,

Target Data Breach – Cost of the Learning Curve Discuss the recent Target data breach and its impact on the industry as well as individuals January 29/30,
Smart Payment Processing ™ 800-846-4472 www.MercuryPay.com Protecting Your Business from Card Data Theft Presenter: Lucas Zaichkowsky.

Smart Payment Processing ™ Protecting Your Business from Card Data Theft Presenter: Lucas Zaichkowsky.
1 Credit card operation and the recent CardSystems incident HONG KONG MONETARY AUTHORITY 4 July 2005.

1 Credit card operation and the recent CardSystems incident HONG KONG MONETARY AUTHORITY 4 July 2005.
Contactless Payment. © Family Economics & Financial Education – January 2007 –– Financial Institution Unit – Contactless Payment - 2 Funded by a grant.

Contactless Payment. © Family Economics & Financial Education – January 2007 –– Financial Institution Unit – Contactless Payment - 2 Funded by a grant.
Credit Card Compliance Regulations Mandated by the Payment Card Industry Standards Council Accounting and Financial Services.

Credit Card Compliance Regulations Mandated by the Payment Card Industry Standards Council Accounting and Financial Services.
© Vendor Safe Technologies 2008 B REACHES BY M ERCHANT T YPE 70% 1% 9% 20% Data provided by Visa Approved QIRA November 2008 from 475 Forensic Audits.

© Vendor Safe Technologies 2008 B REACHES BY M ERCHANT T YPE 70% 1% 9% 20% Data provided by Visa Approved QIRA November 2008 from 475 Forensic Audits.
Creating a Winning E-Business Second Edition

Creating a Winning E-Business Second Edition
Electronic Commerce Semester 1 Term 1 Lecture 22.

Electronic Commerce Semester 1 Term 1 Lecture 22.
PCI Compliance Forrest Walsh Director, Information Technology California Chamber of Commerce.

PCI Compliance Forrest Walsh Director, Information Technology California Chamber of Commerce.
Data Security Standard. What Is PCI ? Who Does It Apply To ? Who Is Involved With the Compliance Process ? How We Can Stay Compliant ?

Data Security Standard. What Is PCI ? Who Does It Apply To ? Who Is Involved With the Compliance Process ? How We Can Stay Compliant ?
Mercury Payment Systems Dan Osby Director, Technical Services Technical Lead, Incident Response

Mercury Payment Systems Dan Osby Director, Technical Services Technical Lead, Incident Response
Payment Card Industry (PCI) Data Security Standard (DSS) Compliance Commonwealth of Massachusetts Office of the State Comptroller March 2007.

Payment Card Industry (PCI) Data Security Standard (DSS) Compliance Commonwealth of Massachusetts Office of the State Comptroller March 2007.
GPUG ® Summit 2011 November 8-11 Caesars Palace – Las Vegas, NV Payment Processing Online and Within Dynamics GP PCI Compliance and Secure Payment Processing.

GPUG ® Summit 2011 November 8-11 Caesars Palace – Las Vegas, NV Payment Processing Online and Within Dynamics GP PCI Compliance and Secure Payment Processing.
CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.

CSE 4482, 2009 Session 21 Personal Information Protection and Electronic Documents Act Payment Card Industry standard Web Trust Sys Trust.

Similar presentations

Ads by Google