Processing Payments Securely in the Digital World
- Alexander Jacobs
- 5 years ago
Transcription
1 Processing Payments Securely in the Digital World
- Frank J. Leone, SVP, CTP, Treasury Management, Capital One Bank
- Mark Kemen, Senior Business Analyst & Project Manager, Cincinnati Bell
- William Cohn, Head of Product, ecommerce, Vantiv Merchant Services
2 Today's Agenda
- Welcome Remarks and Introductions
- Challenges encountered by Corporates accepting ecommerce payments
- Solution/Opportunity: Tokenization
- Cincinnati Bell's Story (Mark Kemen)
- Key Take-Aways from today's session
- Questions and Answers
3 Capital One Commercial Banking
Capital One Bank is among the top 10 financial services providers in the U.S. Capital One Bank offers a unique combination of financial strength, personal attention and flexible products. And since we know that every business has its own unique challenges and opportunities, our focus is on getting to know the way you operate and understanding where you want your business to go.
- Serves over 6,100 clients
- Employs over 2,700 associates
- Services a $67 billion loan portfolio
- Processes 550,000 monetary and non-monetary servicing transactions*
- Manages 750 million ACH and wire transactions valued at $2 trillion
- Handles $34 billion in currency orders and deposits through its vault services
- Processes 7 million payments valued at $10 billion through its lockbox services*
- Processes $1.5+ billion in commercial card payments*
4 Capital One Merchant Services powered by Vantiv
- 800+ thousand Merchant Locations
- $826 billion Volume Processed
- 23.0 billion Transactions
- #1 PIN Debit Acquirer*
- #2 Merchant Transaction Acquirer
Today, we're the nation's #1 PIN debit processor and the #2 processor overall. We've been named one of Forbes' fastest growing technology companies.
*As ranked by Nilson for general purpose transaction volume.
Vantiv, LLC. All rights reserved.
5 Cincinnati Bell Overview
143-year history of innovation, reinvention and transformational growth and execution
- 1873: Cincinnati Bell, first independent telephone company
- 1992: First in the nation to deploy SONET Ring technology
- 1994: First in the nation to deploy Metro Ethernet services
- 1997: First ADSL installation in North America
- 2000: Early provider of UCaaS
- 2007: Early provider of IaaS
- 2013: Successful spinoff of CyrusOne data center business
- 2015: Successful spinoff of Morphick cyber security business
Key Financial Stats ($ in millions)
- 2016 Revenue: $1,186
- 2016 EBITDA: $305
- NYSE: CBB
- CBB Employees: 3,000
- CBTS Employees: 1,000
6 E-Commerce Trends
7 E-Commerce Trends
8 E-Commerce Trends
9 Challenges encountered by Corporates
- Protect customers' data
- Mitigate risk of loss
- Minimize PCI compliance scope (and costs)
- Implementing in-house security program
10 Data Thieves are Adept at Finding Vulnerabilities
- A big oil company's network was breached via a malware-infected online menu from a Chinese restaurant frequented by employees
- Technique known as a "watering hole" attack
- A major as breached via its heating and cooling systems, which monitor its office systems remotely
Source: "Hackers Lurking in Vents and Soda Machines"; April 4, 2014.
11 Solution: Tokenization
What is a token?
- A benign, untranslatable numerical reference sequence that is useless and worthless outside of the transaction between the merchant and their token service provider (e.g. Capital One Merchant Services powered by Vantiv)
- Used in place of card numbers (or echeck numbers) by all of a merchant's systems
12 Solution: Tokenization
Tokenization provides security for data in-transit, at-rest and in-use
[Diagram labels: Merchant Systems (VT / Call Center, Online, Order Entry, Chargeback Processing, Finance, Accounting, Marketing, Analytics, CRM, Back Office, DB); Gateway/Processor; Tokenization Service Provider]
13 Control Costs by Reducing PCI Scope
Costs: Depends upon PCI Level
- Level 1 and 2:
  - Initial compliance: $150K - $2.5M
  - Annual compliance validation: $40K - $250K [1]
- In-house labor cost constitutes 21% of PCI costs [1]
- Mitigation of identified vulnerabilities
- Also, opportunity cost
By reducing the cardholder data environment (CDE), smaller merchants may be able to do a self-assessment (SAQ-A): Self-Assessment Questionnaire A and Attestation of Compliance
[1] Gartner Research, PCI Compliance Remains Challenging and Expensive, May 2008
14 Reduce Risk and PCI Scope Further By Tokenizing at Initial Capture
- The card number never enters your systems
- Reduced exposure limits your risk of breach and lowers annual PCI compliance costs
- "Thieves can't steal what isn't there, and organizations don't need to protect what they no longer store" [1]
[1] TOKENIZATION: WHAT'S NEXT AFTER PCI?
15 Cincinnati Bell's Story - Pre-Tokenization Challenges
- Maintaining PCI compliance each year.
- Protecting/Encrypting card holder data in all channels.
- Network Security and Monitoring Costs
- Hardware
- Software
- Internal Resources
16 Cincinnati Bell's Story - PCI Scope Prior to Tokenization
17 Cincinnati Bell's Story - Tokenization
- All cards stored in database converted to tokens
- Card numbers entered are tokenized and stored in database
- e-protect implemented for card entry
18 Cincinnati Bell's Story - TriPOS Retail
- P2P encrypted connection to cloud
- Card readers not connected to POS
19 Cincinnati Bell's Story - PCI Scope After Tokenization
20 Cincinnati Bell's Story - IVR Limitations
- Currently no way to prevent card numbers from being entered directly into our IVR applications.
- Isolate the servers receiving this information into their own network, surrounded by their own firewall.
- All touch tone and voice recordings will be paused whenever payment area/vector are encountered and then restarted when leaving that area.
21 Questions and Answers
- Bill Cohn, Senior Product Leader, ecommerce, Vantiv Merchant Services
- Frank J. Leone, CTP, MBA, Senior Vice President, Treasury Management, Capital One Bank
- Mark Kemen, Senior Business Analyst & Project Manager, Cincinnati Bell