Presentation is loading. Please wait.

Presentation is loading. Please wait.

Credit Cards at Fermilab Irwin Gaines Computer Security Awareness Day 9-Nov-2010.

Published byCassandra Hardy Modified over 8 years ago

Similar presentations

Presentation on theme: "Credit Cards at Fermilab Irwin Gaines Computer Security Awareness Day 9-Nov-2010."— Presentation transcript:

1 Credit Cards at Fermilab Irwin Gaines Computer Security Awareness Day 9-Nov-2010

2 Many Potential Uses Auditorium Committee (tickets to events) Recreation Office (gym memberships) Ed Center Cafeteria Chez Leon Housing Office Conference Office Collaboration Meetings

3 Many Potential Use Cases Employee presents actual card Member of general public presents card Individual reads card number over phone Individual types card number into a web page

4 Significant Constraints We cannot just do anything we like in processing credit cards!! E-Gov Act requires us to not collect any personal information about members of the general public PII requirements demand that we do not have any credit card information on lab computers Bank requires that any networks that process credit cards must be audited for PCI- compliance (which the general lab network could not do) Lab does not want multiple different solutions for the same problem

5 Credit Card Policy The lab computer network cannot be used to transmit credit card information, except by an individual using their own credit card while acting as a customer. This includes contract services such as the cafeteria, shoe truck, eye glass store, etc. All credit card transactions accepted by lab employees must be processed using a swiper/keypad provided under the terms of the lab contract administered by the Finance Section. All credit card processing services must be arranged under the terms of the labwide contract administered by the Finance Section.

6 Use cases handled as follows: A customer physically presents credit card to a lab merchant. The lab merchant must use swiper/keypad (not a computer!!!) to process credit card. A customer phones lab merchant with credit card information. Merchant must use keypad on swiper (not a computer!!!) to process credit card. A customer enters their own credit card information by visiting a site cleared by a 3d party provider. Customer may be onsite or remote. A customer physically presents credit card to a contractor (eg eye glass vendor, shoe truck, etc). The contractor cannot use any device attached to the Fermilab network to process credit card. The two expected mechanisms are a physical imprinter or a swiper/keypad. Note these use cases are designed to ensure that a lab merchant never enters a customer’s credit card into a computer, they only process credit cards using a swiper/keypad.

Download ppt "Credit Cards at Fermilab Irwin Gaines Computer Security Awareness Day 9-Nov-2010."

Similar presentations

Session 4: Data Privacy and Fraud Moderator: Bill Houck, Director, Risk Management, UATP Panelist: Peter Warner, EVP, Retail Decisions Cherie Lauretta,

Session 4: Data Privacy and Fraud Moderator: Bill Houck, Director, Risk Management, UATP Panelist: Peter Warner, EVP, Retail Decisions Cherie Lauretta,
MIT Web Credit Card Processing Lorraine J. Rappaport.

MIT Web Credit Card Processing Lorraine J. Rappaport.
What we all need to know. Approval Date: April 30, 2012 Approved by: President's Council.

What we all need to know. Approval Date: April 30, 2012 Approved by: President's Council.
New PCI Credit Card Security Requirements An in depth look at how to apply the new standards and protect your institution.

New PCI Credit Card Security Requirements An in depth look at how to apply the new standards and protect your institution.
Lessons Learned Data and Asset Security FOCUS Spring 2006 Chuck Banner UVA-Wise.

Lessons Learned Data and Asset Security FOCUS Spring 2006 Chuck Banner UVA-Wise.
Presented by : Vivian Eberhardt, Supervisor Cash and Credit Operations

Presented by : Vivian Eberhardt, Supervisor Cash and Credit Operations
Storing Organizational Information—Databases

Storing Organizational Information—Databases
Payment Card Industry (PCI) Data Security Standard (DSS) Compliance Commonwealth of Massachusetts Office of the State Comptroller March 2007.

Payment Card Industry (PCI) Data Security Standard (DSS) Compliance Commonwealth of Massachusetts Office of the State Comptroller March 2007.
E-Commerce Kerri Mills Student Activities Office W20-549.

E-Commerce Kerri Mills Student Activities Office W
McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved Chapter 7 Storing Organizational Information - Databases.

McGraw-Hill/Irwin © 2008 The McGraw-Hill Companies, All Rights Reserved Chapter 7 Storing Organizational Information - Databases.
Web Advisory Committee June 17, 2009.  Implementing E-commerce at UW  Current Status and Future Plans  PCI Data Security Standard  Questions.

Web Advisory Committee June 17,  Implementing E-commerce at UW  Current Status and Future Plans  PCI Data Security Standard  Questions.
1 1.One stop shop -Purchases supplies from the vendor at wholesale cost: Passes saving on to customers -Saves the Agency money by: -Reducing purchase card.

1 1.One stop shop -Purchases supplies from the vendor at wholesale cost: Passes saving on to customers -Saves the Agency money by: -Reducing purchase card.
Electronic Transactions for your PTA organization June 26, 2013 North Fulton Council PTA ® everychild. onevoice. ®

Electronic Transactions for your PTA organization June 26, 2013 North Fulton Council PTA ® everychild. onevoice. ®
Solution Briefing Business Productivity in Action Keynote.

Solution Briefing Business Productivity in Action Keynote.
PCI 3.0 Boot Camp Payment Card Industry Data Security Standards 3.0.

PCI 3.0 Boot Camp Payment Card Industry Data Security Standards 3.0.
Corporate Purchasing Card Enhanced Reporting January 2015 Web Version 1.

Corporate Purchasing Card Enhanced Reporting January 2015 Web Version 1.
FIVE STEPS TO REDUCE THE RISK OF CYBERCRIME TO YOUR BUSINESS.

FIVE STEPS TO REDUCE THE RISK OF CYBERCRIME TO YOUR BUSINESS.
Viterbo University Credit Card Training Updated 5-19-15.

Viterbo University Credit Card Training Updated
2012 Hired Highway Safety Services to assist in the management of SMSA Opened the SMSA Business Office Created a new Web Page Distributed the SMSA Newsletter.

2012 Hired Highway Safety Services to assist in the management of SMSA Opened the SMSA Business Office Created a new Web Page Distributed the SMSA Newsletter.
Multnomah Education Service District P-Card Recertification 2015-16.

Multnomah Education Service District P-Card Recertification

Similar presentations

Ads by Google