October 28, 2013. Who? What? When? Why? Comply with PCI compliance policies set forth by industry Create internal policies and procedures to protect.

Presentation transcript:

October 28, 2013

Who? What? When? Why?

- Comply with PCI compliance policies set forth by industry
- Create internal policies and procedures to protect cardholder data
- Inform and train GVSU personnel who process cardholder data
- Perform annual review
- Report suspected or confirmed breach incidents

Compliance Documents

Prohibited Practices:
- Storing CVV codes, PIN numbers, track data or card numbers
  - These must be destroyed immediately after processing.
- Sending credit card information via mobile or end-user messaging technologies ( , fax)
- Requesting that credit card information be sent to GVSU street address
- Sending credit card information via intercampus mail

Prohibited Practices:
- Accepting/entering credit card information on GVSU website on behalf of a customer
- Using a laptop for entering credit card information
- Instructing customers to enter their own credit card information on a GVSU public computer
- Directly passing credit card fees to customers who pay via credit cards

Prohibited Practices:
- Using non-designated PCI compliant shredding devices or services
- Using non-designated PCI compliant hardware
  - Most mobile terminal options, such as the Square that connects to the iPhone/iPad, are NOT acceptable.
- Using non-approved third party service providers to process credit card transactions

So, then what is allowed?

Accepted Processing Procedures:
- Approved secure websites for ongoing, frequent processes
  - Ben Rapin, Institutional Marketing, E-Commerce Request Form
- Approved secure terminal – wired or wireless
  - Jennifer Schick, Accounting Business Office, Credit Card Processing Assistance
  - Most mobile terminal options, such as the Square that connects to the iPhone/iPad, are NOT acceptable.

Accepted Processing Procedures: Low volume options
- Take directly to cashier window on same business day.
  - Must be taken by GVSU employee (not a student).
  - See Credit Card Processing Assistance for Departmental Deposit Form.
  - Can keep the last 4 digits of a card number for reference.
- Call one of the following offices, provide the FOAP where the money should be deposited, and transfer the call:
  - for gift deposits (Gift Processing/Development Office) OR
  - for other credit card payments (Student Accounts Hotline).

Accepted Processing Procedures:
- Dedicated PO Box for US Mail
- Approved PCI compliant shredders or shredding services
  - Coordinate shredding services/bins through Kip Smalligan.
  - Shredders must be cross-cut or diamond cut.
- Approved PCI compliant vendors
  - If using or considering a third party service provider to accept credit cards, the vendor must be PCI compliant.
  - Notify Sue Korzinek of process to allow for proper documentation to be acquired from third party vendor BEFORE signing a contract.

A scenario that works for many events:
- Set up online registration with Institutional Marketing.
- Prepare mailing and give registrants these options:
  - Register online for credit card payments or
  - Register via mail for check payments.
- For day of the event registrations, allow check payments or request the use of a loaner terminal to accept credit card payments.

Any new contract/relationship that relates to credit card payments MUST be approved by the PCI Committee. Contact Sue Korzinek and Jennifer Schick. WARNING: Just because a vendor or salesperson says that they are PCI Compliant, it does not mean that they are!

- Notify immediately
- Assess situation
- Corrective measures
- Prepare message
- Evaluate processes for improvement

EMV – September 2015
- EMV (Europay/MasterCard/Visa), a.k.a. Pin & Chip
- Instead of a magnetic stripe, EMV cards contain an embedded microprocessor.
- EMV chip technology reduces card fraud in a face-to-face card-present environment; provides global interoperability; and enables safer and smarter transactions across cards and contactless channels. – U.S. EMV Migration Efforts Continue Despite Debit Regulatory Challenges, 10/3/13

EMV – September 2015
- As new credit card terminals are ordered or current terminals need to be replaced, GVSU will order terminals that are EMV capable.
- By September 2015, GVSU will order new EMV capable credit card terminals to replace terminals with the old technology.

Mobile technology
- Reminder: Most mobile terminal options, such as the Square that connects to the iPhone/iPad, are NOT acceptable.
- Reminder: Using a laptop for entering credit card information is NOT acceptable.
- We are in the process of testing/evaluating new wireless/cellular terminals and a mobile payment bundle that would connect to an iPad.

Fees
- Reminder: At GVSU, departments are NOT allowed to directly pass credit card fees to customers who pay via credit cards.
- Recent headlines discussed changes in rules regarding surcharges/convenience fees. Few companies are actually proceeding down this path due to various hoops that they would need to jump through.
- Departments are able to set their rates for all forms of payment knowing that credit card processing fees are 2-3%.

Contact information:
- Sue Korzinek X12035
- Jennifer Schick X12231