SMARTER. TOGETHER. Skimming Prevention: Overview of Best Practices August 5, 2014.


Introductions
- Ken Keegan - Jamba Juice
- Kevin Trimble - McDonald’s Corporation
- Kimberly Bloomston - The Zellman Group
- Keith Hoover - United States Secret Service

Today’s Discussions
- Types of Cyber Threats
- Point of Sale Intrusion
- Cyber Incident Response Plan and Preventative Measures / Solutions

Secret Service Presentation
- Keith Hoover - Asst. to Special Agent in Charge

QSR Loss Prevention
Impacts as a result of increased claims of unauthorized credit card usage:
- Due diligence with merchant card vendors
- PCI compliance
- Increased gift card abuse

Merchant Card Vendors
- Notices from US Fraud Control and Investigations on Common Point of Purchase (CPP) notifications
- Due diligence required by the organization
- PCI, Payment Card and other assessments may need to be completed, documented and forwarded
- Possible fines for non-compliance

PCI Compliance
- Additional assessments and analysis may be required by IT if incidents continue
- Improved surveillance on servers and POS equipment may be required
- Confusion on standards may occur within organization and vendors

Gift Card Abuse
- 86% of all online fraud is within 24 hours
- Primary Target of Fraudsters (2013): Online Retail 45%, Food & Beverage 24%, Other 31%
- Need to employ appropriate technology to identify stolen cards online

Gift Card Abuse
- Increase in fraudulent gift cards in locations
- Good customers purchasing BAD cards through other means: Online Market, Mall Kiosks

Solutions
- Implement / enforce a strict company policy against skimming / credit card fraud
- Raise awareness within your organization
- Establish investigative protocols / standards
- Monitor fraud trends (Google Alerts, etc.)
- Network with peers / LE to understand ORC / skimming / data breach trends

Inspect
- Physical inspections of POS systems incorporated into operation checklists
- Management inspects POS systems for tampering
- Regulate pin pads, seals, manufacturer labels
- Investigate / report exposed or compromised cabling
- IT should conduct inventory of all devices in all locations (annually, quarterly or post-incident)
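
The inspection and inventory steps above can be checked against each other automatically. The following is an added example, not part of the original presentation: it reconciles a store inspection sheet with the IT device inventory and flags swapped, moved, unlisted or uninspected devices and seal mismatches. The record fields, finding names and all sample values are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Device:
    store: str
    position: str   # where the device sits, e.g. "Register 1"
    serial: str     # manufacturer label
    seal_id: str    # tamper-evident seal number

def norm(value):
    # Inspection sheets are hand-typed: ignore case and stray spaces.
    return value.strip().upper()

def reconcile(baseline, inspected):
    """Compare an inspection against the IT inventory; return sorted findings."""
    expected = {(d.store, d.position): d for d in baseline}
    found = {(d.store, d.position): d for d in inspected}
    fleet_serials = {norm(d.serial) for d in baseline}
    findings = []
    for key, exp in expected.items():
        got = found.get(key)
        if got is None:
            findings.append((*key, "NOT_INSPECTED"))
            continue
        if norm(got.serial) != norm(exp.serial):
            # Known serial: device was moved. Unknown serial: device was swapped.
            moved = norm(got.serial) in fleet_serials
            findings.append((*key, "MOVED_DEVICE" if moved else "UNKNOWN_SERIAL"))
        if norm(got.seal_id) != norm(exp.seal_id):
            findings.append((*key, "SEAL_MISMATCH"))
    for key in found.keys() - expected.keys():
        findings.append((*key, "UNLISTED_DEVICE"))
    return sorted(findings)

# Constructed sample data: IT inventory and one round of store inspections.
BASELINE = [
    Device("0412", "Register 1", "PP-10001", "S-7731"),
    Device("0412", "Register 2", "PP-10002", "S-7732"),
    Device("0412", "Drive-thru", "PP-10003", "S-7733"),
    Device("0977", "Register 1", "PP-20001", "S-8101"),
]
INSPECTED = [
    Device("0412", "Register 1", " pp-10001", "S-7731"),  # same device, sloppy typing
    Device("0412", "Register 2", "PP-99999", "S-7732"),   # serial not in the fleet
    Device("0412", "Drive-thru", "PP-10003", "S-0000"),   # seal does not match
    Device("0412", "Kiosk", "PP-55555", "S-1234"),        # not in the inventory
]

if __name__ == "__main__":
    for store, position, finding in reconcile(BASELINE, INSPECTED):
        print(f"store {store:5} {position:11} {finding}")
```
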

Communicate
- Documented process for approving authorized service technicians (ID, background checks, etc.)
- Consider control process for repairing store devices / equipment (devices sent back to corporate for repair / replacement)
- Educate restaurant employees during new hire orientation / onboarding
- Educate employees on what a skimmer does / looks like
- Clearly present policy and consequences

Post Company’s Position

Investigate
- Establish investigative protocol
- Use a group distribution to enable ease of communication to appropriate delegates
- React quickly and discreetly!
- Review equipment
- Preserve CCTV
- Pull schedules
- Interview compromised cardholder

Network
- Network with loss prevention / security / law enforcement peers to understand ORC trends
- Join appropriate organizations to conduct research quickly (e.g. IAFCI)
- Partner with eCommerce Fraud Detection partner to keep the fraudsters out

Thank You