Presentation is loading. Please wait.

Presentation is loading. Please wait.

Payment Security Opportunities for Leadership & Growth Jeff Wakefield.

Similar presentations


Presentation on theme: "Payment Security Opportunities for Leadership & Growth Jeff Wakefield."— Presentation transcript:

1 Payment Security Opportunities for Leadership & Growth Jeff Wakefield

2 VeriFone Security Opportunities Pre-PED Product Market ChurnPre-PED Product Market Churn Reposition VeriFoneReposition VeriFone Sell Broader Array of SolutionsSell Broader Array of Solutions Become a ‘Trusted Advisor’Become a ‘Trusted Advisor’ Dominate the CompetitionDominate the Competition ProblemOpportunityProblemOpportunityProblemOpportunityProblemOpportunity

3 VeriFone PCI Solutions PIN PadsPIN Pads CountertopCountertop PortablePortable Multi-LaneMulti-Lane POSPOS UnattendedUnattended SoftwareSoftware

4 VeriFone PCI Product Dominance

5 Why VeriFone Supports Standards? VeriFone Has Resources to Support StandardsVeriFone Has Resources to Support Standards Industry BenefitsIndustry Benefits –Enables Better Overall Solution Development –Reduces Overall Implementation Industry Costs –Provides Confidence in the Payment Chain Retailer BenefitsRetailer Benefits –Reduces Integration Costs –Provides Higher Value Solutions –Reduces Proprietary Solutions –Reduces Risk of Data Breaches –Eases Payment Standards Compliance VeriFone Standards Participation PCI Security Standards Council IFSF PCATS: Chair – Payment Systems X9: ANSI Committee W3C: XML Schema Working Group XML Forms Initiative EBT, WIC, ECC

6 Why VeriFone Supports Standards? VeriFone BenefitsVeriFone Benefits –Raise Barrier to Market Entry –R&D Investment Builds Portfolio Advantages –Provides Opportunity to Become Security Vendor –Raises the Competitive Bar –Establish & Maintain Payment Leadership Position

7 VeriFone Security Leadership As Industry Leader It Is Our Responsibility to Solve Industry ProblemsAs Industry Leader It Is Our Responsibility to Solve Industry Problems –Member of PCI Security Standards Council Board of Advisors –Published PIN PAD Security Best Practices –Secure Retail Payments Website –Payment Security Newsletter –Retail Payments Security Conference –New Products & Services

8 PIN Pad Security Best Practices PIN PAD Security Best Practices 1.Weekly Visual Terminal Inspections 2.Serial Number Validation 3.Monitor Pin Pad Problems 4.Secure Terminal Storage 5.Terminal Asset Tracking 6.Repair Technician Verification & Log 7.Mount PIN Pads Securely to Counter 8.Electronic Serial Number Validation 9.Change Default PIN Pad Password 10.Purchase From Authorized Sources 11.Use Authorized Repair Centers 12.Develop a Response Plan! There is a Gap in PIN Pad SecurityThere is a Gap in PIN Pad Security Need Better PIN Pad ControlsNeed Better PIN Pad Controls –Physical Control –Logical Control –Access Control

9 www.secureretailpayments.com VeriFone Secure Retail Payments

10 Email: PaymentSecurity@VeriFone.com to subscribePaymentSecurity@VeriFone.com Secure Retail Payments Newsletter

11 Retail Payments Conference

12 New Security Products & Services Compliance Reporting - TrustwaveCompliance Reporting - Trustwave Compliance Monitoring - ArcSightCompliance Monitoring - ArcSight Secure Terminal RetirementSecure Terminal Retirement Terminal Security AuditTerminal Security Audit Tamper Resistant ShippingTamper Resistant Shipping Locking PIN Pad StandLocking PIN Pad Stand Payment ProductPayment Product $

13 Need To Eliminate Skimming Consumers Handing Their Cards to Clerks & Waiters Remains a ProblemConsumers Handing Their Cards to Clerks & Waiters Remains a Problem As An Industry We Need to Either:As An Industry We Need to Either: –Develop Solutions and Operating Rules to Eliminate Card Handover Or Or –Make The Information Obtained by Criminals Not Valuable

14

15 Degree of Security RetailRestaurantPetro Fuel Dispenser Organized Crime Focus 0% 100% “Using a credit card at a gas station could pose more of a risk for data theft than shopping online, as point-of-sale (POS) terminals at the pump have emerged as a weak link in the security chain” - Gartner Group Fuel Pump Fraud Increases

16 “Secure PumpPAY” Launch at NACSLaunch at NACS OP4100 & PrinterOP4100 & Printer Retrofit Kits for PumpsRetrofit Kits for Pumps PAYware Device & ContentPAYware Device & Content 900,000 Million Fuel Points900,000 Million Fuel Points TDES by 2010TDES by 2010

17 PCI’s Biggest Shortcoming Our System Requires Sensitive DataOur System Requires Sensitive Data We Are Building Higher Walls & Wider MoatsWe Are Building Higher Walls & Wider Moats As Long As The Gold is There, Criminals Will Target Retail LocationsAs Long As The Gold is There, Criminals Will Target Retail Locations An Industry-wide Initiative is Required to Eliminate Data That Has Criminal ValueAn Industry-wide Initiative is Required to Eliminate Data That Has Criminal Value

18 Merchant Compliance Issue Store Back Office Payment Processor In-store LAN Home Office WAN Consumer Facing Devices POS Local Area Network POS Cash Register Home office Server Enterprise Wide Area Network Store Back Office Server Must Protect:

19 Retailer’s PCI DSS Challenge PCI DSS compliance issues will continue to evolve and as such, represent an ever-increasing cost for Retailers to remain compliant with current industry standards.PCI DSS compliance issues will continue to evolve and as such, represent an ever-increasing cost for Retailers to remain compliant with current industry standards. As long as Consumer Card data resides in Retail Systems, organized crime will continue to focus their data breach efforts on Retailers to obtain that valuable Card data.As long as Consumer Card data resides in Retail Systems, organized crime will continue to focus their data breach efforts on Retailers to obtain that valuable Card data. The solution lies in protecting Consumer Card data before it enters the Retailers payment systems for processing.The solution lies in protecting Consumer Card data before it enters the Retailers payment systems for processing.

20 PCI Compliance: The Elusive Goal Successful compromises of customer card data are increasing.Successful compromises of customer card data are increasing. The costs associated with these compromises are extremely highThe costs associated with these compromises are extremely high Retailers have the responsibility to protect critical consumer data and are dependent on a number of disparate systems for their POS and EFT solution.Retailers have the responsibility to protect critical consumer data and are dependent on a number of disparate systems for their POS and EFT solution. Costs associated with the changes to these disparate payment systems required to protect this data impact the retailer several ways:Costs associated with the changes to these disparate payment systems required to protect this data impact the retailer several ways: –Certification Cost –Manpower –Opportunity Cost (usurp other projects) Certification costs associated with PCI DSS compliance are expensive and very time consuming and resource intensive.Certification costs associated with PCI DSS compliance are expensive and very time consuming and resource intensive.

21 The VeriShield DSS™ Solution VeriShield DSS™protects Retailers by encrypting Consumer Card data before it enters the Retailers pos & payment systems Encrypt critical card data in the PIN Pad/TerminalEncrypt critical card data in the PIN Pad/Terminal Completely “cloaks” critical information that protects Mag Stripe data, even if it ends up in the wrong handsCompletely “cloaks” critical information that protects Mag Stripe data, even if it ends up in the wrong hands No changes required at the POS … transaction “Looks” exactly the same to POS but Consumer Card data is completely protected.No changes required at the POS … transaction “Looks” exactly the same to POS but Consumer Card data is completely protected. Few (if any) changes are required at the Retailers host for decryption, depending on the Retailers environmentFew (if any) changes are required at the Retailers host for decryption, depending on the Retailers environment Solution supports cost savings measures offered by PIN encouragement/BIN Management without compromiseSolution supports cost savings measures offered by PIN encouragement/BIN Management without compromise

22 How it works in the terminal When a card is read, unique algorithms encrypt card data while preserving essential portions for specific purposesWhen a card is read, unique algorithms encrypt card data while preserving essential portions for specific purposes –ISO Prefix for PIN Encouragement –Last 4 digits for receipt printing –DUKPT V eri- S hield

23 VeriShield DSS™ Magstripe Encryption Store Back Office Payment Processor In-store LAN Encryption Gateway WAN VeriShield™ DSS VeriShield™ Encrypted Cardholder Information Outside of Merchant Enterprise Responsibility to Manage Secret Keys Outside of Retailers Enterprise

24 VeriShield DSS™ Benefits VeriShield easily secures critical Consumer Card data even if compromisedVeriShield easily secures critical Consumer Card data even if compromised No changes required to the Retailer POS for easy and quick implementationNo changes required to the Retailer POS for easy and quick implementation Instantly achieves a higher standard of security with little if any developmentInstantly achieves a higher standard of security with little if any development Reduces efforts to become and maintain for PCI DSS complianceReduces efforts to become and maintain for PCI DSS compliance Positions VeriFone as the Leader in Secure Payment SolutionsPositions VeriFone as the Leader in Secure Payment Solutions

25 VeriFone As A Trusted Advisor Recurring Business Increasing Margins Sales Level 4 3 2 1 Commodity-Based Project-Based Consultation-Based Trusted Advisor

26 Thank You

27 PAY at the Table Mobile Payments America’s Growth Opportunities WirelessSecurity PCI Compliance Contactless Contactless is paving the road for Mobile Phone Payments and Consumers will finally “get it” VeriFone is already delivering this infrastructure Bringing secure payments & PIN debit to the table has real benefits VeriFone has solutions at the ready for any size restaurant Security is an enormous issue for issuers, acquirers and merchants VeriFone is taking on the role of Trusted Advisor and is delivering comprehensive products and solutions

28


Download ppt "Payment Security Opportunities for Leadership & Growth Jeff Wakefield."

Similar presentations


Ads by Google