Switchover from Teledeposit to VIRTUAL TERMINAL Moneris Solutions February 20th & 22nd, 2007 9/19/2018

Agenda Introductions Why the switch from Teledeposit? When are we switching? What is Virtual Terminal? What is the cost? Moneris Virtual Terminal Demonstration Security Internal processing – FAS Payment Card Industry Security Standards Summary Key Contacts 9/19/2018

Why are we switching? Consolidated all payment processing within the university RFP process – Vendor of choice - Moneris Lower discount rates & transaction fees New technology Teledeposit (Global Payments product) is ‘old’ technology Duplication of work at McMaster eliminated 6909 clearing Reporting – on-line reports/summaries 9/19/2018

When are we switching? March 1st, 2007! Must ensure that all Teledeposit transactions are processed by February 28th If possible a few days earlier to make the transition smoother We will obtain your Virtual terminal access codes from Moneris and forward to you 9/19/2018

What is Virtual Terminal? Module of Moneris ‘eSELECTplus’ product Uses a PC and a web browser to process credit card payments Internet access required (all responded ‘yes’) Virtual terminal allows you to accept credit cards over the phone, by fax, or through the mail and obtain authorizations in real time over the Internet using a web browser no software to install or configure Transactions are processed securely Help reduce the risk of accepting fraudulent transactions with fraud tools. 9/19/2018

What is the Cost? Small volume users Large volume users Less than 10 transactions per week $6/month for access (McMaster charge) Transaction fees (Moneris charge) Discount fees (Moneris charge) Large volume users Required to have their own merchant number Regular Monthly Merchant Fees Temporary users (i.e. 1-4months) one-time access charge - TBD (McMaster charge) 9/19/2018

What is the Cost? (cont.) Discount fees Visa fee – 5% lower per transaction MasterCard fee – 19% lower per transaction Contract with Moneris states fees are confidential, please respect this 9/19/2018

MONERIS Virtual Terminal Demonstration Patrick Diab – Moneris Solutions 9/19/2018

Virtual Terminal Manual manual for the Virtual Terminal on-line: https://www3.moneris.com/connect/en/download/feb05/misc/eSELECTplus_Users_Guide.pdf 9/19/2018

Security Card Validation Digit (CVD) CVD is a 3-4 digit code on the back of the credit card Helps ensure that the customer making a purchase is actually in possession of their credit card **Can’t be recorded!!** (i.e. on a faxed in form) Really for phone orders only Address Verification Service (AVS) Allows card-not-present merchants to check cardholder’s billing address with the card issuer. Benefits: Reduce Fraud Less chance of chargeback's 9/19/2018

Internal Processing-FAS Every merchant with an access code will be asked to fill in an application form Choose one account number and subcode for your sales and charges to be posted to For each business day (9-5pm)the cashiers will print off a report from Moneris’ reporting tool (Merchant Direct) and post the sales to your account for that business day in on-line cashiering 9/19/2018

Internal Processing-FAS (cont.) Transaction fees and discount fees will be posted to your account monthly Print out sales report for each day for your own records Don’t need to send to cashiers If further breakdown needed – journal entries Please balance your 6909 to 0 before March 1st 9/19/2018

Payment Card Industry Security Standards Standards developed by the credit card companies (Visa, M/C) to protect cardholders McMaster is required to be compliant by 2010 Standard cover policies, business processes, systems, etc. Internal and External AUDITS will be necessary 9/19/2018

PCI Standards (cont.) GENERAL CATEGORIES FOR COMPLIANCE Build and maintain a secure network Protect Cardholder data Maintain a Vulnerability Program Implement Strong Access Control measures Regularly monitor and test networks Maintain a Policy that addresses information security 9/19/2018

PCI Standards (cont.) DO’S & DON’TS – specific to Virtual Terminal users **Do NOT obtain credit card information via e-mail** Do NOT store credit card information (i.e. on faxed in forms) Destroy or ‘mark-out’ as soon as transaction confirmed/processed Do NOT share access code with anyone Within a department OR with other departments Do NOT manage batch/repetitive payments Ability to do in Moneris system Fax machine MUST be a secure fax Not in a public office 9/19/2018

More info re: Security Links to information security policies: http://www.mcmaster.ca/uts/policy/netsecurity.htm http://www.mcmaster.ca/uts/policy/secinteg.htm 9/19/2018

Summary Teledeposit ‘out of service’ as of February 28th New system available March 1st We will be contacting you with your access numbers for Virtual Terminal shortly Recording of sales and charges done for you automatically - No need for journal entries unless you want to separate your sales Be mindful of PCI security requirements Balance your 6909 to 0 before March 1st 9/19/2018

Key Contacts Technical problems Moneris help desk – 1-866-319-7450 Re: transactions posted to your FAS account Erica DiCenzo – x24663 PCI standards/Security Richard Oketch – x20842 Balancing 6909 Lolita Reyllo-Zarzuela x27568 All other concerns Stacey Maxwell – x23654 9/19/2018