
Presentation transcript:

1 10/2013

This training is provided for cashiers, phone-a-thon participants, and fiscal personnel involved in payment card activities who are never exposed to data from more than one card at a time.

2 This training may not be adequate for PCI coordinators, executives who sign the annual PCI Self-Assessment Questionnaire (SAQ), or I.T. professionals. These people should contact the University’s Payment Card Services to arrange for the training required for their roles.

Note: If you have not completed the Responsible Computing Tutorial for Faculty and Staff, please visit their website to satisfy that requirement as soon as you complete this training:

3 We live and work in a global community. Most of us give very little thought to handing over our credit or debit card to complete strangers or entering our card data into a website. We do this in good faith, expecting that our information will be protected. Yet in 2010, “there were reported losses of $48 billion dollars that affected 11 million Americans” from credit card theft. Source:

4 When most of us think about payment card fraud, we think of cyber crimes. You may think of a hacker sitting at a computer who is out to get you from thousands of miles away. Most payment card frauds are crimes of opportunity:

- Someone left the door open
- A computer was left unprotected
- A filing cabinet was left open or unattended
- A person was allowed unauthorized access to secure areas or carelessly left documents on a desk
- Someone handed data to a person they barely knew

5 Each day, people engage in payment card activity or transactions with the University of Virginia, believing that we will protect their data from thieves. We work hard to maintain a secure data environment. The loss of their faith can have serious repercussions for the University. We depend on you as University employees and volunteers to help us in securing all customers’ cardholder data (CHD) and other personal information. You are working with sensitive information and should handle it accordingly. Treat payment card data like you would a $1,000 bill. Cash and payment card information should be secured if left unattended.

6

Payment Card: A broad term, applying to any magnetic-coded card used to make purchases.

Payment Card Merchant: Any entity that accepts payment cards for payment of goods or services.

Primary Account Number (PAN): Unique payment card number (typically for credit or debit cards) that identifies the issuer and the particular cardholder account.

Cardholder Data: At a minimum, cardholder data consists of the full PAN. Cardholder data may also appear in the form of the full PAN plus any of the following: cardholder name, expiration date and/or service code.

8

1. Do not request, send or accept payment card information by email.
   a) Do not process any transaction with payment card data received by email!
   b) If someone emails data to you, you should make them aware that, for their safety, they should not send it again. Remove the data when responding!
   c) Direct them to an approved method for submitting card data.
   d) Delete the email and cardholder data securely from your account.
2. NEVER record card data in any electronic format, even temporarily.
   a) This includes Excel files, databases, Integrated System notes, etc.
   b) Comply with UVA Policy IRM-015 “Electronic Storage of Highly Sensitive Data”.
3. Do not store any of the magnetic stripe data which includes the credit card confirmation code, or cardholder account numbers with expiration dates. (The 3 digits on the back of many cards and 4 digits on the front of an American Express card, often referred to as the confirmation or “CVV2” code.) For Mail Order/Telephone Order charges, you may collect the information as long as it is destroyed (cross-cut shredded) immediately after processing.
4. Do not direct a payer to a specific computer or offer to enter payment card data into a hosted website or other system that is not a U.Va. authorized point-of-sale swipe terminal on someone else’s behalf.
5. Maintain a clean desk if you are processing card information.
   a) Do not have personal phones, laptops, or other belongings near the processing area.

9

1. Notify your supervisor and your department PCI Coordinator right away!
2. Your PCI Coordinator or Supervisor must contact the following areas. If your supervisor or PCI Coordinator is not available, you should notify the areas below.
   a) Contact your LSP (computer tech) if suspected activity involves computers (hacking, unauthorized access, etc.). ITS Security must be notified as well at:
   b) Email the U.Va. Payment Card Services unit to alert them immediately at
   c) Contact U.Va. Internal Audit if fraud is suspected related to payment card activities; they will assist you further. Call

10

- Review your department’s payment card procedures with your supervisor.
- Have signed the U.Va. Electronic Access Agreement either in ESHARP or printed from:
- Complete the University’s annual Data Security Training linked from:
- Protect your IDs and passwords, as they may provide criminals with an avenue to data that the University stores, processes or transmits.

11

1) Payment Card Industry – Data Security Standards (PCI-DSS). SC%20Quick%20Reference%20Guide.pdf
   a) Every merchant department or unit has a contractual obligation with the credit card companies to adhere to PCI Standards and to certify compliance with the standards annually.
   b) Fraud as a result of non-compliance carries with it substantial fines and sanctions, and may result in the inability to conduct future card activity.
2) The University of Virginia e-commerce website at:

Please continue to the next slide to complete your training.

12 To complete your training, click on the following link, select Payment Card Documents in the upper right-hand corner, then select and print the UVA Payment Card Confidentiality Agreement from the Documents page found on our Training site: ement.pdf. The Agreement should be signed by both you and your supervisor annually. It will be maintained in the department/office records. For additional questions regarding payment card practices, please contact the U.Va. Payment Card Services.