2010 User Conference, April 23rd – 25th, Philadelphia, PA
PCI Compliance & Security
Presented By: Kevin Smith & Mark Setzer, Stone Edge Technologies, Inc.

Presentation transcript:

PCI Compliance & Security
Presented By: Kevin Smith & Mark Setzer, Stone Edge Technologies, Inc.
April 24, :30 AM – 12:00 PM

PCI PA-DSS Compliance
The Stone Edge Order Manager Payment System
Presented By: Kevin Smith, Senior Developer, Stone Edge Technologies, Inc.
April 24, :30 AM – 12:00 PM

PA-DSS?
Payment Application – Data Security Standards
Created & Enforced by PCI
Maintained by PCI Security Standards Council
Liability Concerns as a Merchant
Impacts Applications Storing Cardholder Data
Certification Needed for Gateway Access
Deadlines!

Dilemma!
Is the Order Manager Certifiable?
  – Security Concerns
  – Time & Cost of Certification
  – Versioning Considerations
Questions
  – To Store or Not To Store
  – Long Term Issues and Liabilities
  – Third Party Integration Concerns

Management Decision
New Payment System
  – Simplicity (KISS – OOPS!)
  – Limited Versioning
  – Data Isolation
  – Encryption Concerns
  – Code Centralization
  – Formalized Process Flow
  – Streamline Processor Integrations
  – Achieve Certification

[Diagram labels: Order Manager modules (Import, MOP, View Orders, Manual Orders, POS, Order Approval, Pack & Ship); User Interface and/or Code; Data, Action, Rules; Format Data & Choose Processor; Gateway Code; Payment Result; CC Proc (repeated for multiple processors)]

[Diagram labels: Order Manager modules (Import, MOP, View Orders, Manual Orders, POS, Order Approval, Pack & Ship); Order Object; Payment Management System; Payment UI; Data Collection, Action, Rules; Payment Request; Payment Processor Interface; Processor Code; Payment Response; Result Analysis, Record Payment; RESULT; CC Proc (repeated for multiple processors)]

Impact On Your Operations
No Permanent Card Data Storage
Less Liability
Repeat Customers
  – Card Data Tokenization
  – Gateway Customer Management Systems
  – Payment Data From Website
Partial Shipments & Subscriptions
A Few Extra Clicks
New Interface

Added Features
Multiple Capture & Voice Auth Capture
Blind Credit Support
Additional Gateways
Gift Card Support*
PIN Pad Support
Check Reader Support
Encrypted Card Swipe Support
Improved USB System

Credit Card Interface

eCheck Interface

Other Payments

Existing Transactions

Questions?

Security
Presented By: Mark Setzer, Senior Developer, Stone Edge Technologies, Inc.
April 24, :30 AM – 12:00 PM

Types of Security
Physical
  – Physical access means game over from a security standpoint
Network
  – Assume attacks are inevitable
  – Who needs access? To what?
Application
  – Microsoft Access, Order Manager, Microsoft SQL Server

Order Manager Security
Intended for basic reporting, logging, task assignment
Not “hard” security

Network Security
Hardware location
  – Firewall rules
Server administration
  – Shared folders
  – Active Directory
  – Needed services
  – Windows Updates

Application Security
Microsoft Access
SQL Server
  – Careful about “role” access
  – Difficult to provide “basic” access w/o allowing destructive behavior as well

Questions?