Webinar Tokenization 101
|
|
- Susan McDaniel
- 6 years ago
- Views:
Transcription
1 Webinar Tokenization 101 René M. Pelegero Retail Payments Global Consulting Group L.L.C December 15 th, 2014
2 Webinar Overview A description of tokenization and how the technology is being employed in the payments space Agenda What is tokenization? What is NOT tokenization? Tokenization in payments Card scheme tokenization and Apple Pay Tokenization issues 2
3 History of Tokens Token Definition Tōkən/noun A thing serving as a visible or tangible representation of a fact, quality, feeling, etc. A voucher that can be exchanged for goods or services, typically one given as a gift or offered as part of a promotional offer. 3
4 Tokens in the Digital World Replace sensitive data elements to protect them from exposure An HR number instead of SSN as the primary access key to an employee database An Address ID to identify a full address Have no business meaning Cannot be used to derive the original value Do not have to change as the underlying value changes 4
5 Tokenization Is Not Encryption EMV NFC Host Card Emulation (HCE) 5
6 Tokenization is NOT Encryption However, tokens are often encrypted 6
7 Encryption 101 7
8 Tokenization is NOT EMV Europay, MasterCard, Visa (EMV) Founded in 1999 to define the specifications of chip based payment instruments Presently six member organizations American Express Discover JCB MasterCard (merged with Europay in 2002) Union Pay Visa EMV name used to describe chip based bankcards Tapped by members to define tokenization standards Version 1.0 of tokenization published in March
9 Tokenization is NOT NFC Near Field Communications (NFC) NFC is a set of standards for smart phones and similar devices to establish radio communication with each over very short ranges Different implementations Embedded in mobile phone SIM based Removable SE (SD Card) NFC in Payments NFC chip includes a Secure Element Stores information in a secure manner It is controlled by telephone carrier (MNO) or phone manufacturer 9
10 Tokenization is NOT HCE Host Card Emulation (HCE) Card number stored in host rather than Secure Element Solves the MNO control, provisioning and associated expense issues 10
11 Putting It All Together Tokens can be Defined by the EMVCo specification or by any proprietary standard but have nothing to do with standards for EMV chip cards Stored in NFC s Secure Element or a Host in the Cloud Can be stored encrypted or in the clear Tokens can be exchanged Between devices using NFC, HCE, or any other technology Generally in an encrypted manner 11
12 Use of Tokens in the Payments Industry Tokens replace bankcard numbers at different points in the process Tokens reduce card vulnerabilities Tokens reduce PCI compliance burdens Tokens can be generated in multiple places Merchant Generated Tokens Acquirer/Processors Generated Tokens Network Generated Tokens 12
13 Merchant Generated Tokens Merchant generates token when card number is first entered into merchant system Token database behind firewalls and public access (e.g. cc motel, Fluffy, Card Vault, etc.) All further activity for customer only uses the token, not the card number Token is converted to actual card number when it is time to authorize payment 13
14 Acquirer/Processor Generated Tokens Card is swiped at POS and PAN, track data, and expiration date are encrypted and sent to processor data center Card number is decrypted and sent to issuer for authorization and to tokenization server for token assignment Processor returns authorization and token to merchant who proceeds to store only the token Settlement, refunds, adjustments, chargebacks, etc. use the token number, not the card number 14
15 Network Generated Tokens Similar to Acquirer/Processor generated tokens but the token is generated, stored, and maintained as a paid service by the card networks Visa Token Service MasterCard Digital Enablement Service American Express Token Service Based on a standard published by EMVCo in March
16 Card Scheme Tokenization Services Visa waving all fees until the end of 2015 Amex has not releases fees yet MasterCard Digital Enablement Services (DES) Issuers Digital Enablement Service Lifecycle Management 10 per PAN Digitation fee of 50 when provisioning a token to a device Acquirers Digital Enablement fee of 0.01% for select CNP transactions 16
17 Apple Pay Tokenization How it works Registration/Enrollment Apple Pay app sends card number to issuing bank through Visa or MasterCard Issuing bank approves card number to be tokenized Visa or MasterCard tokenize the card number and sends token back to app Apple Pay provisions (i.e. stores) token onto Secure Element (SE) in iphone binding it to a unique device (DAN) 17
18 Apple Pay Tokenization How it works Purchases Consumer taps on POS device (using Touch ID to authenticate the user) iphone transmits DAN to POS plus a one time code number POS sends DAN to Acquirer who sends to Visa or MasterCard Visa or MasterCard translate token back to the original card number and sends it to issuer (after insuring that the token came from the proper device) Issuer approves or declines transaction as normal 18
19 Tokenization Benefits Reduce attractiveness of mass data breaches Reduced scope of PCI DSS Increased security of mobile payments Increased perception of security by consumers 19
20 General Tokenization Issues Token generation How random is random? Can true isolation be achieved Token availability Database management Availability, backup, and restore Interoperability Routing debit transactions Conflict with current loyalty schemes Token safety Token DB protection 20
21 Visa and MasterCard Tokenization Issues Compatibility with existing services Visa Token Service, MasterCard Digital Enablement Service, American Express Token Service vs. First Data Transarmour, TSYS Guardian Tokenization, Bell ID Tokenization Manager, etc. Compatibility with other standard schemes Secure Remote Payment Council Accredited Standards Committee X9 Inc. International Standards Organization (ISO) Operational Issues GUI and Customer Service Recurring payments Chargebacks, refunds, and investigations 21
22 Tokenization Services Strategic Issues Open Standards Tokenization as an Open Standard Is EMVCo the right home for tokenization standards? Control Visa and MasterCard control the data and access to funding account Those of us that participate in the token infrastructure can make decisions on who you want to give access to, whether you want to charge for it and things like that. Visa CEO Charles Scharf, Bank of America Merrill Lynch 2014 Banking & Financial Services Conference Conflict With Durbin Routing Accounts with debit cards tokenized by Visa and MasterCard can only be accessed by merchants through Visa and MasterCard 22
23 Tokenization Summary Tokenization is the concept of substituting sensitive data with meaningless values Tokenization is being used by merchants, acquirers, processors, and now card schemes to help reduce vulnerabilities of cards Visa, MasterCard, and Amex have introduced tokenization standards that gives them control over access and data and which will be provided for a fee to issuers and acquirers A number of significant issues related to tokenization have to be addressed and resolved by the payments industry 23
24 24
PCI DSS 3.2 AWARENESS NOVEMBER 2017
PCI DSS 3.2 AWARENESS NOVEMBER 2017 1 AGENDA PCI STANDARD OVERVIEW PAYMENT ENVIRONMENT 2ACTORS PCI ROLES AND RESPONSIBILITIES MERCHANTS COMPLIANCE PROGRAM PCI DSS 3.2 REQUIREMENTS 2 PCI STANDARD OVERVIEW
More informationNFC embedded microsd smart Card - Mobile ticketing opportunities in Transit
NFC embedded microsd smart Card - Mobile ticketing opportunities in Transit July 2017 By: www.smk-logomotion.com Introduction Presentation is describing NFC enabled microsd smart card (LGM Card) Technical
More informationDigital Payments Security Discussion Secure Element (SE) vs Host Card Emulation (HCE) 15 October Frazier D. Evans
Digital Payments Security Discussion Secure Element (SE) vs Host Card Emulation (HCE) 15 October 2014 Frazier D. Evans Evans_Frazier@bah.com There are four key areas that need to be investigated when talking
More informationDERIVED UNIQUE TOKEN PER TRANSACTION
SESSION ID: ASEC-W04 DERIVED UNIQUE TOKEN PER TRANSACTION Jeff Stapleton VP Security Architect Wells Fargo X9F4 workgroup chair Application Security Solution: tokenization technology Substitute sensitive
More informationSite Data Protection (SDP) Program Update
Advanced Payments October 9, 2006 Site Data Protection (SDP) Program Update Agenda Security Landscape PCI Security Standards Council SDP Program October 9, 2006 SDP Program Update 2 Security Landscape
More informationHow Mobile is Reshaping Payments
How Mobile is Reshaping Payments Smart Card Alliance Payments Summit April 7, 2016 Marianne Crowe Vice President, Payment Strategies Federal Reserve Bank of Boston Disclaimer: The views expressed in this
More informationSecure Elements 101. Sree Swaminathan Director Product Development, First Data
Secure Elements 101 Sree Swaminathan Director Product Development, First Data Secure Elements Secure Element is a tamper resistant Smart Card chip that facilitates the secure storage and transaction of
More informationAccount Management. Pilot Support Guide
Account Management Pilot Support Guide Public Use Doc no: PR-PUB-0013 Version 1.0 June 22, 2017 Copyright notice Copyright 2017 Cayan LLC. All rights reserved. No part of this publication may be reproduced,
More informationAccount Management. Pilot Support Guide
Account Management Pilot Support Guide Public Use Doc no: PR-PUB-0012 Version 1.0 June 22, 2017 Copyright notice Copyright 2017 Cayan LLC. All rights reserved. No part of this publication may be reproduced,
More informationSection 3.9 PCI DSS Information Security Policy Issued: November 2017 Replaces: June 2016
Section 3.9 PCI DSS Information Security Policy Issued: vember 2017 Replaces: June 2016 I. PURPOSE The purpose of this policy is to establish guidelines for processing charges on Payment Cards to protect
More informationBML MobilePay FAQ. Page 1
1. What is BML MobilePay App? BML MobilePay is a safe, easy and quick way to make purchases at merchant outlets and send money to individuals via your smartphone. It is a safe and secure method which does
More informationMDES to support converged wallets CEESCA 2015 Dubrovnik
László Szetnics, MasterCard Europe 30 September 2015 MDES to support converged wallets CEESCA 2015 Dubrovnik From the basics to the latest P2P Digitization MCBP NFC HCE PAN MasterPass Token DSRP MDES MDEXpress
More informationApple Pay - Frequently Asked Questions
Apple Pay - Frequently Asked Questions What is Apple Pay? Apple Pay is a payments feature integrated into the Wallet app on your ios device that lets you add your Century Bank (CB) MasterCard Debit Card
More informationBluePay Apple Pay User Guide
BluePay Apple Pay User Guide This documentation contains a step-by-step guide on getting set up to accept In-App Apple Pay transactions within your ios app through a BluePay gateway account. If you are
More informationGUIDE TO STAYING OUT OF PCI SCOPE
GUIDE TO STAYING OUT OF PCI SCOPE FIND ANSWERS TO... - What does PCI Compliance Mean? - How to Follow Sensitive Data Guidelines - What Does In Scope Mean? - How Can Noncompliance Damage a Business? - How
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments - Service Providers Version 3.2 April 2016 Section 1: Assessment Information Instructions for Submission
More informationiphone User Guide & Manual
iphone User Guide & Manual Telephone Support 866-680-8324 Email Support customerservice@bluepay.com Contents 1. Introduction... 3 2. Security... 3 3. Demo Mode... 3 4. Setup... 4 4.1 Activation... 4 4.2
More informationMerchant Guide to PCI DSS
0800 085 3867 www.cardpayaa.com Merchant Guide to PCI DSS Contents What is PCI DSS and why was it introduced?... 3 Who needs to become PCI DSS compliant?... 3 Card Pay from the AA Simple PCI DSS - 3 step
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments Service Providers Version 3.2 April 2016 Section 1: Assessment Information Instructions for Submission
More informationThe Role of TSM. TSM Functions. Guy Berg President Collis America May 6, 2009
The Role of TSM TSM Functions Guy Berg President Collis America 651 925 5410 berg@collisamerica.com May 6, 2009 1 TSM Trusted Service Manager Not a New Concept Many exist today Personalization Service
More informationPortico VT. User Guide FOR HEARTLAND MERCHANT USERS APRIL 2015 V2.8
Portico VT User Guide FOR HEARTLAND MERCHANT USERS APRIL 2015 V2.8 Notice THE INFORMATION CONTAINED HEREIN IS PROVIDED TO RECIPIENT "AS IS" WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT
More informationSecurity Requirements and Assessment Procedures for EMV 3-D Secure Core Components: ACS, DS, and 3DS Server
Payment Card Industry 3-D Secure (PCI 3DS) Security Requirements and Assessment Procedures for EMV 3-D Secure Core Components: ACS, DS, and 3DS Server Frequently Asked Questions November 2017 Introductory
More information3. Why should I use Samsung Pay instead of my physical cards?
Overview 1. What is Samsung Pay? Samsung Pay is a secure and easy-to-use mobile payment service which can be used to make purchases almost anywhere. Leveraging a new proprietary technology called Magnetic
More informationNext steps for NFC and mobile wallets
Next steps for NFC and mobile wallets PSE Consulting Merchant Acquiring Conference Mike Hendry Payment Systems Consultant Mike Hendry Page 1 1 Next steps for NFC and mobile wallets State of the (dis-)
More informationQUICK REFERENCE GUIDE iphone. Chase Mobile Checkout. FOR U.S. CLIENTS NOVEMBER 2017 NEXT è
QUICK REFERENCE GUIDE iphone Chase Mobile Checkout FOR U.S. CLIENTS NOVEMBER 2017 NEXT è QUICK REFERENCE GUIDE iphone CHASE MOBILE CHECKOUT U.S. 2 CHASE MAKES NO WARRANTY OF ANY KIND, EITHER EXPRESSED
More informationD220 - User Manual mypos Europe Ltd. mypos Mini Ice En
D220 - User Manual mypos Europe Ltd. mypos Mini Ice En CONTENTS Introduction... 2 Scope... 2 Related documentation... 2 Internet connectivity... 2 Using D220 with a mobile phone (via Bluetooth or personal
More informationVisa Inc Investor Day. Technology at Visa. Rajat Taneja EVP, Technology and Operations
Visa Inc. 2017 Investor Day Technology at Visa Rajat Taneja EVP, Technology and Operations Key Takeaways Technology is a vital pillar of Visa s business The Visa network is engineered to provide unmatched
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments Service Providers Version 3.2.1 June 2018 Section 1: Assessment Information Instructions for Submission
More informationPCI DATA SECURITY STANDARDS VERSION 3.2. What's Next?
PCI DATA SECURITY STANDARDS VERSION 3.2 What's Next? Presenters Alan Gutierrez Arana Director National PCI Leader RSM US LLP Gus Orologas, QSA Manager RSM US LLP Travis Wendling, QSA Supervisor RSM US
More informationGSM Association (GSMA) Mobile Ticketing Initiative
GSM Association (GSMA) Mobile Ticketing Initiative Sue Monahan Director - GSMA NA Clif Campbell Lead Member of Technical Staff AT&T April 2010 Content GSM World Today GSMA Overview GSMA M-Ticketing Initiative
More informationHow to Complete Your P2PE Self-Assessment Questionnaire
How to Complete Your P2PE Self-Assessment Questionnaire Compliance with the Payment Card Industry Data Security Standards (PCI DSS) is one of the best ways to protect your business and your customers from
More informationPayment Technique and Process
Payment Technique and Process The McAfee Consumer website provides a complete billing & payment process for individual customers (Home & Home Office service). The website payment is process easy and informing.
More informationThe Devil is in the Details: The Secrets to Complying with PCI Requirements. Michelle Kaiser Bray Faegre Baker Daniels
The Devil is in the Details: The Secrets to Complying with PCI Requirements Michelle Kaiser Bray Faegre Baker Daniels 1 PCI DSS: What? PCI DSS = Payment Card Industry Data Security Standard Payment card
More informationSecurity of NFC payments
Security of NFC payments Olga Korobova Department of Computer Science University of Massachusetts Amherst Abstract Our research objective was to examine the security features implemented by the bank cards
More informationProduct names and symbols mentioned in this presentation and this document content are trademarks or registered trademarks owned by respective companies. We highlight them here for educational purpose
More informationYou can use your PIN to complete your purchases at point-of-sale and for ATM transactions.
Westpac Business Prepaid MasterCard FAQs General Questions Is the Business Prepaid card a credit card? No. The Business Prepaid card has funds loaded on it by your employer. You can use the Business Prepaid
More informationSimplify PCI Compliance
WHITE PAPER Simplify PCI Compliance An Affordable, Easy-to-Implement Approach Using Secure SD-WAN For most retailers, the technology burden of maintaining PCI compliance can be overwhelming. Hundreds of
More informationPayPlug. The payment solution that increases your sales PAYPLUG EXTENSION FOR MAGENTO V1
PAYPLUG EXTENSION FOR MAGENTO V1 TABLE OF CONTENTS 1. INTRODUCTION..3 2. CONFIGURATION 4 2.1. CONNECT... 2.2. SETTINGS..5 2.3. PAYMENT PAGE..6 2.4. DISPLAY/HIDE PAYPLUG. 3. PAYMENT PAGE.6 3.1. REDIRECT.7
More informationPCI DSS Illuminating the Grey 25 August Roger Greyling
PCI DSS Illuminating the Grey 25 August 2010 Roger Greyling +64 21 507 522 roger.greyling@security-assessment.com Lightweight Intro Dark Myths of PCI 3 Shades of Grey The Payment Card Industry Data Security
More informationNavigating the PCI DSS Challenge. 29 April 2011
Navigating the PCI DSS Challenge 29 April 2011 Agenda 1. Overview of Threat and Compliance Landscape 2. Introduction to the PCI Security Standards 3. Payment Brand Compliance Programs 4. PCI DSS Scope
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments Service Providers Version 3.2 April 2016 Section 1: Assessment Information Instructions for Submission
More information2012PHILIPPINES ECC International :: MALAYSIA :: VIETNAM :: INDONESIA :: INDIA :: CHINA
Effective Data Security Measures on Payment Cards through PCI DSS 2012PHILIPPINES ECC International :: MALAYSIA :: VIETNAM :: INDONESIA :: INDIA :: CHINA Learning Bites Comprehend the foundations, requirements,
More informationThe Future of PCI: Securing payments in a changing world
The Future of PCI: Securing payments in a changing world Lauren Holloway 2014 Nature of the Threat About the Council PCI DSS Updates Staying Secure How You Can Participate In Closing Agenda Nature of the
More informationmypos Go User Manual mypos.com mypos Go - User Manual
mypos Go User Manual mypos.com mypos Go - User Manual Table of Contents Introduction...2 Related documentation 2 Activation...3 Activation code 4 Getting started...5 Learn about your device 5 Home screen
More informationPayment Card Industry Data Security Standards Version 1.1, September 2006
Payment Card Industry Data Security Standards Version 1.1, September 2006 Carl Grayson Agenda Overview of PCI DSS Compliance Levels and Requirements PCI DSS v1.1 in More Detail Discussion, Questions and
More informationGLOBAL TRANSPORT VT & BATCH SOLUTION
GLOBAL TRANSPORT VT & BATCH SOLUTION USER GUIDE VERSION 17.2 NOVEMBER Global Payments Inc. 10 Glenlake Parkway, North Tower Atlanta, GA 30328-3447 COPYRIGHT 2007- GLOBAL PAYMENTS INC. ALL RIGHTS RESERVED.
More informationUser Guide. Accept EFTPOS, Visa and Mastercard payments on the go with Kiwibank QuickPay.
User Guide Accept EFTPOS, Visa and Mastercard payments on the go with Kiwibank QuickPay. Kiwibank QuickPay terms and conditions apply. Kiwibank QuickPay is only available for business banking purposes.
More informationmypos Mini - User Manual mypos Europe Ltd. mypos Mini En
mypos Mini - User Manual mypos Europe Ltd. mypos Mini En CONTENTS Introduction... 2 Scope... 2 Related documentation... 2 Internet connectivity... 2 Using mypos Mini with a mobile phone (via Bluetooth
More informationProcessing Payments Securely in the Digital World
Processing Payments Securely in the Digital World Frank J. Leone, SVP, CTP Treasury Management Capital One Bank Mark Kemen Senior Business Analyst & Project Manager Cincinnati Bell William Cohn Head of
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments Service Providers Version 3.1 April 2015 Section 1: Assessment Information Instructions for Submission
More informationSterling Virtual Terminal. User Guide
Sterling Virtual Terminal User Guide Version 3.1.00 August 2015 Chapter 1: Getting started Table of Contents USER GUIDE... 1 CHAPTER 1: GETTING STARTED... 5 SYSTEM REQUIREMENTS... 5 STERLING VIRTUAL TERMINAL
More informationCONNECT TRANSIT CARD Pilot Program - Privacy Policy Effective Date: April 18, 2014
CONNECT TRANSIT CARD Pilot Program - Privacy Policy Effective Date: April 18, 2014 1. Welcome 1.1 Welcome to the Connect Transit Card Program. The Connect Card Program makes using public transit easier
More informationUser Guide. Accept EFTPOS, Visa and Mastercard payments on the go with Kiwibank QuickPay.
User Guide Accept EFTPOS, Visa and Mastercard payments on the go with Kiwibank QuickPay. Kiwibank QuickPay terms and conditions apply. Kiwibank QuickPay is only available for business banking purposes.
More informationMObIlE MOnEy PhoTo by istock
mobile money Photo by istock Finding the value in mobile payments for merchants and consumers egan Chesterfield reaches into her purse to pay for a cup of coffee. Instead of a wallet, she pulls out a smartphone.
More informationIdentity-Enabled Transactions Based on the EMVCo Payment Tokenization Specification. Authors: Yue Zhu Asmaa Aljohani Gyan Singh Namdhari.
Identity-Enabled Transactions Based on the EMVCo Payment Tokenization Specification Authors: Yue Zhu Asmaa Aljohani Gyan Singh Namdhari Dr. Seth Nielson Mentors: Maria Vachino December 12, 2016 Table of
More informationPrepaid visa bank of america
Welcome to PrePaid-USA, your trusted With the Bank of America Cash Rewards you make $500 in purchases in. Bank of America CashPay Card benefits include: Added security no need to carry large amounts of
More informationNavigate our app like a pro. How-to s, guides and more. Certified by J.D. Power* for providing An Outstanding Mobile Banking Experience.
Navigate our app like a pro How-to s, guides and more Certified by J.D. Power* for providing An Outstanding Mobile Banking Experience. Smart phone. Safe banking. Secure access We make keeping your money
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments Service Providers Version 3.2 April 2016 Section 1: Assessment Information Instructions for Submission
More informationWirecard CEE Integration Documentation
Created on: 20180117 21:34 by Wirecard CEE Integration Documentation () Created: 20180117 21:34 Online Guides Integration documentation 1/9 Created on: 20180117 21:34 by Credit Card General information
More informationPCI DSS COMPLIANCE DATA
PCI DSS COMPLIANCE DATA AND PROTECTION FROM RESULTS Technology CONTENTS Overview.... 2 The Basics of PCI DSS... 2 PCI DSS Compliance... 4 The Solution Provider Role (and Accountability).... 4 Concerns
More informationHCE security implications. Analyzing the security aspects of HCE
HCE security implications Analyzing the security aspects of HCE January 8th, 2014 White paper - HCE security implications, analyzing the security aspects of HCE HCE security implications About the authors:
More informationCredit Card Data Compromise: Incident Response Plan
Credit Card Data Compromise: Incident Response Plan Purpose It is the objective of the university to maintain secure financial transactions. In order to comply with state law and contractual obligations,
More informationPCI Compliance: It's Required, and It's Good for Your Business
PCI Compliance: It's Required, and It's Good for Your Business INTRODUCTION As a merchant who accepts payment cards, you know better than anyone that the war against data fraud is ongoing and escalating.
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments Service Providers Version 3.2 April 2016 Section 1: Assessment Information Instructions for Submission
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments Service Providers Version 3.2 April 2016 Document2 Section 1: Assessment Information Instructions for
More informationP2P Instructions. 4. Select Person to Person
P2P Instructions 1. To utilize P2P, you need to first be enrolled in digital banking. Sign up at www.ucbankmn.com or enroll directly through our mobile app. (To learn more about digital banking see https://www.ucbankmn.com/eservices/online-banking.)
More informationHave you updated your security lately?
Have you updated your security lately? for Payments Systems Introduction: Payments System Data Breaches Data breaches in the payments system are constantly in the news, and recent high profile cases show
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments Service Providers Version 3.2 April 2016 Section 1: Assessment Information Instructions for Submission
More informationNatural Security Alliance
Natural Security Alliance Business model and pilot projects ITU 14 & 15 October 2014 Philippe'Batard' Batard&&&Partners' Summary Natural Security Alliance: an initiative from retailers and banks The solution
More informationWill Mobile Phones Replace Cards?
Will Mobile Phones Replace Cards? Bastian Knoppers, Senior Vice President Card Personalization and Fulfillment, FIS Soren Bested, Managing Director Monitise Americas Kevin Morrison, Senior Vice President
More informationRMS Payment Bridge User s and Setup Guide Version 2.0
RMS Payment Bridge User s and Setup Guide Version 2.0 RMS Payment Bridge - User s and Setup Guide v2.0 1 of 53 Table of Contents RMS Payment Bridge... 3 User s Guide... 3 Debit Cards... 4 Debit Cards:
More informationCh 9: Mobile Payments. CNIT 128: Hacking Mobile Devices. Updated
Ch 9: Mobile Payments CNIT 128: Hacking Mobile Devices Updated 4-24-17 Current Generation Scenarios Mobile banking apps NFC-based or barcode-based payment apps used by consumers to purchase goods Premium-rated
More informationTokenisation: Reducing Data Security Risk
Tokenisation: Reducing Data Security Risk OWASP Meeting September 3, 2009 Agenda Business Drivers for Data Protection Approaches to Data Security Tokenisation to reduce audit scope and lower risk Examples
More informationEvolution of Cyber Attacks
Update from the PCI Security Standards Council Troy Leach, CTO, PCI Security Standards Council Evolution of Cyber Attacks Viruses Worms Trojan Horses Custom Malware Advanced Persistent Threats 1 Modern
More informationNAB EFTPOS USER GUIDE. for Countertop
NAB EFTPOS USER GUIDE for Countertop & Mobile Terminals About your NAB EFTPOS Terminal NAB EFTPOS Mobile NAB EFTPOS Countertop 2 Table of Contents Getting to know your NAB EFTPOS VeriFone terminal...5
More informationFrequently Asked Questions
Frequently Asked Questions 1. What is Samsung Pay? Samsung Pay is a secure and easy-to-use mobile payment service. You can add your SBI Debit Card issued on Visa and MasterCard platform on your Samsung
More informationDonor Credit Card Security Policy
Donor Credit Card Security Policy INTRODUCTION This document explains the Community Foundation of Northeast Alabama s credit card security requirements for donors as required by the Payment Card Industry
More informationCipherithm LLC 2013 PCI SSC North America Community Meeting Notes
Cipherithm LLC 2013 PCI SSC North America Community Meeting Notes A Cipherithm White Paper Document Version 1.00 Publish date: Sept 30, 2013 DISCLAIMER This publication is proprietary and confidential
More informationEFTPOS 1. User guide.
EFTPOS 1. User guide. Contact Details BankSA Merchant Helpdesk Service, Sales and Support Terminal Difficulties Stationery Orders 1300 780 940 Contents 1 Introduction.... 1 1.1 Merchant Responsibility
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments Service Providers Version 3.1 April 2015 Section 1: Assessment Information Instructions for Submission
More informationQUICK REFERENCE GUIDE ipad. Chase Mobile Checkout
QUICK REFERENCE GUIDE ipad Chase Mobile Checkout FOR U.S. CLIENTS OCTOBER 2018 QUICK REFERENCE GUIDE ipad CHASE MOBILE CHECKOUT U.S. 2 CHASE MAKES NO WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED,
More informationDIGITAL TECHNOLOGY An Evolution in the Payment Landscape. AMEX Digital Solutions
DIGITAL TECHNOLOGY An Evolution in the Payment Landscape AMEX Digital Solutions The Anatomy of Digital Payments Integration with leading digital wallet platforms such as Apple Pay, Android Pay and Samsung
More informationStreamline Business Processes and Save Money With Commercial Prepaid Solutions
Streamline Business Processes and Save Money With Commercial Prepaid Solutions Kyle Ruschman Strategic New Sales Prepaid Enterprise May, 23 2017 2015 Vantiv, LLC. All rights reserved. Agenda: - Background
More informationA QUICK PRIMER ON PCI DSS VERSION 3.0
1 A QUICK PRIMER ON PCI DSS VERSION 3.0 This white paper shows you how to use the PCI 3 compliance process to help avoid costly data security breaches, using various service provider tools or on your own.
More informationPayment Card Industry (PCI) Data Security Standard
Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments Service Providers Version 3.1 April 2015 Section 1: Assessment Information Instructions for Submission
More informationPCI DSS 3.1 is here. Are you ready? Mike Goldgof Sr. Director Product Marketing
PCI DSS 3.1 is here. Are you ready? Mike Goldgof Sr. Director Product Marketing 1 WhiteHat Security Application Security Company Leader in the Gartner Magic Quadrant Headquartered in Santa Clara, CA 320+
More informationHow to Take your Contact Centre Out of Scope for PCI DSS. Reducing Cost and Risk in Credit Card Transactions for Contact Centres
How to Take your Contact Centre Out of Scope for PCI DSS Reducing Cost and Risk in Credit Card Transactions for Contact Centres 1 2 Contents 4 Executive Summary 6 PCI DSS Background 8 PCI DSS What s Involved
More informationWichita State University Credit Card Security Incident Response Team
PCI-DSS VERSION 3.1 REQUIREMENT # 12.10 REQUIREMENT DESCRIPTION 12.10: Has an incident response plan been implemented in preparation to respond immediately to a system breach, as follows. [Subrequirements
More informationBaptist Financial Services
Baptist Financial Services BFS Visa Prepaid PayCard FREQUENTLY ASKED QUESTIONS (FAQ S) Questions for Employers 1 What is a BFS Visa Prepaid PayCard? 2 How do I get a BFS Visa Prepaid PayCard? 3 How does
More informationCOMPLETING THE PAYMENT SECURITY PUZZLE
COMPLETING THE PAYMENT SECURITY PUZZLE An NCR white paper INTRODUCTION With the threat of credit card breaches and the overwhelming options of new payment technology, finding the right payment gateway
More informationMobile Payments: the Second Wave
Mobile Payments: the Second Wave Presentation at the Payments Drift Forum, University of Warsaw 8 September 2016 Hochschule Aschaffenburg University of Applied Sciences 1 1. M-payments : an elusive concept
More informationSamsung Pay - Frequently Asked Questions
Samsung Pay - Frequently Asked Questions Contents Overview............ 2 Registration.............2 Security..............4 Technology........... 5 Payment............ 6 Account.............8 Citi Rebate..............9
More informationMobile Access is the Killer App The Path to Flexible, Secure Credentials Brandon Arcement Senior Director, Product Marketing April 8, 2019
Powering the trusted identities of the world s people, places & things Mobile Access is the Killer App The Path to Flexible, Secure Credentials Brandon Arcement Senior Director, Product Marketing April
More informationData Security Standard
Payment Card Industry (PCI) Data Security Standard Attestation of Compliance for Onsite Assessments Service Providers Version 3.2 April 2016 2006-2016 PCI Security Standards Council, LLC. All Rights Reserved.
More informationTransaction fees (for SNAP EBT, credit, and debit payments) are not covered through this program.
What is It? Through FMC s program, FNS will cover the costs of purchasing or renting SNAP EBT equipment and services (set-up costs, monthly service fees, and wireless fees) for up to three years. Transaction
More informationWill you be PCI DSS Compliant by September 2010?
Will you be PCI DSS Compliant by September 2010? Michael D Sa, Visa Canada Presentation to OWASP Toronto Chapter Toronto, ON 19 August 2009 Security Environment As PCI DSS compliance rates rise, new compromise
More informationDynaPro Go. Secure PIN Entry Device PCI PTS POI Security Policy. September Document Number: D REGISTERED TO ISO 9001:2008
DynaPro Go Secure PIN Entry Device PCI PTS POI Security Policy September 2017 Document Number: D998200217-11 REGISTERED TO ISO 9001:2008 MagTek I 1710 Apollo Court I Seal Beach, CA 90740 I Phone: (562)
More informationFrequently Asked Questions
Q. What is GTSE v.2.1.3? Frequently Asked Questions A. GTSE stands for Global Transport Secure ecommerce. GTSE v.2.1.3 is the next generation of Global Payments complete solution for small to mid-sized
More informationmbank s mobile payments journey Joanna Erdman Director, Card Business Development
mbank s mobile payments journey Joanna Erdman Director, Card Business Development The agenda of the journey 2 The agenda of the journey 3 Will 2015 be the next Year of Mobile Payments? This year we can
More informationPayment Card Industry Data Security Standard (PCI DSS) Incident Response Plan
1. Introduction This defines what constitutes a security incident specific to Yonder s Cardholder Data Environment (CDE) and outlines the incident response phases. For the purpose of this Plan, an incident
More information