Volume 5, Issue 1 Payment Processing News from Shift4 Corporation August 2005
   

With the rise in credit card data theft, increasing financial fines and the approaching deadlines for compliance, the security of transaction processing has never been more important. That is why Shift4 is sponsoring this year's Transaction Security Summit, with two distinct and detailed tracks, one for merchants and one for payment applications (point-of-sale and property management systems).

This unique program is designed to offer payment applications and merchants a first hand look at how to obtain, maintain and certify the security of their payment solutions. The Payment Application Track will focus on the Payment Application Best Practice (PABP) guidelines. PABP was developed by Visa to address security and the risks associated with varying payment applications (point-of-sale or property management systems). To be considered secure, these applications must not retain full magnetic stripe data or CVV2 data and must support a merchant's ability to comply with PCI DSS requirements.

The card associations do not currently require the payment applications to certify compliance with the PABP standards. However, POS and PMS systems are being pressured by merchants, who need the systems to comply with PABP regulations in order for the merchant to pass their own certification. POS/PMS companies are also being pressured by processors, who are requiring payment applications to validate their compliance with PABP in order to maintain their certification to the processors and continue to be able to send transactions from their merchants to these processors for authorization and settlement. The industry's largest processor is requiring validation by October 1, 2005. The summit will delve into the specifics of the PABP regulations and the in-depth assessment process required for validation.

Presenters include a variety of industry security experts, including Chris Mark from MasterCard, Wen Free from Security Metrics (one of just a handful of security audit companies qualified to do both PABP and PCI DSS certifications) and D.J. Vogel, a leading forensic expert on credit card data theft and fraud who worked directly with the card association on the development of the security regulations. Other speakers include individuals from law enforcement, leading corporate law firms, banks and processors.

The event is $299 for the first attendee from your company and $199 for each additional attendee. The event will be held at the beautiful JW Marriott Las Vegas.

As you will see from the agenda outlined below, we are covering a lot of information, so sessions will run 9:00 am to 5:00 pm on both days. Please plan your travel accordingly.

Working Agenda for Merchants

  • Live Hack Demo – This exciting, interactive session will show attendees just how vulnerable their systems are.
  • Forensics – CSI for credit card data. A detailed look at what happens when there is a breach and the clues experts follow to find the culprit and trace the data.
  • Payment Application PABP Validation – A 2 ½ hour seminar that looks at the nuts and bolts of the PABP guidelines
    • What it is
    • Deadlines
    • How it works
    • Costs
    • What to do to prepare
  • Legacy Systems –What payment applications can do to upgrade the security of their legacy applications
    • Protecting merchants
    • Migration paths
    • Patches/fixes
    • Why merchants are pushing you now
  • The Processor Perspective
    • The importance of regulations
    • Why processors are pushing for certification now
    • What it means if you're not certified
  • Gift Card Security
    • The unique security issues surrounding gift card
  • Legal
    • How to protect yourself against litigation
  • How a gateway can help payment applications obtain and maintain the right level of security
    • Using a gateway to store data
    • Faster certification
    • Changing regulations

The summit is designed to be an in-depth program that will provide you with all the tools and resources you need to complete your certification. If you have any questions about this event, please call (702) 938-3439 to speak with Christa Kelly. The online registration for this summit, as well as further information, can be found on the Shift4 website . Please note that attendance is limited to the first 350 registrants, so sign up today.

Continued
Page 1 2 3 Printer Friendly Version