AJB Footnotes Winter 2014 The AJB Software Design community newsletter AJB @ NRF 2014, Javits Center, NY, NY IN THIS ISSUE SECURITY ISSUE Top Story: PA-DSS 3.0: What Merchants Need to Know PA-DSS 3.0: What Merchants Need to Know Simon Li, Manager, PCI Compliance, AJB Software Design Inc. With technology advancing in leaps and bounds, merchants are struggling to keep up with securing payment systems that work with EMV, Managed Payments Solutions mobile and social media. Combined with the complexities of PCI comHelp Secure Cardholder Data pliance, it is no wonder that retailers are looking to decrease the friction Keep Your Options Open While points required to annually validate their payment systems. Eliminating Scope at the POS Industry Buzz- Smart Card Alliance Payments Summit Partner Highlights Heartland Payment Systems Spotlight on AJB Larry Muldoon Vince Oppedisano Ron Singh AJB Events Calendar AJB In the News AJB Makes EMV Easy for J Crew Heartland Partners with AJB AP NRF Coverage Questions or comments? [email protected] As a result, the third major version of PCI’s Payment Application Data Security Standard (PA-DSS) was announced November 2013 with much anticipation by merchants & payment application vendors. The endgame of PA-DSS is to reduce the merchants pain-points in using a PADSS certified application to support their PCI-DSS efforts. Based on initial feedback from the QSA, merchant and vendor communities, the new standard takes big steps to address shortcomings of the previous PADSS 2.0 standard. Key new features include requirements for protection of card data in memory and more rigorous risk assessment processes. So when does PA-DSS 3.0 become effective and when do current PA-DSS 2.0 validated payment applications expire? Officially, merchants can start using PA-DSS 3.0 applications optionally on January 1, 2014. For netnew products, PA-DSS 3.0 is mandatory on January 1, 2015. Customers on existing payment products validated against PA-DSS 2.0 products, can use these products until October, 2016. Continued on Page 3 Missed a Technical Webinar? Email us today for a copy of a past presentation! [email protected] Recent Webinars A) Managed Service Options B) EMV in Retail AJB Footnotes Winter 2014 Managed Payments Solutions Help Secure Cardholder Data Travis Lee, Director of Strategic Partnerships and Product Marketing Transaction Network Services Consumers who provide merchants with their sensitive cardholder data are placing significant trust in them to protect it from unscrupulous individuals. However, as the number of cyber-attacks continues to grow, many merchants are still leaving themselves vulnerable. One of the easiest ways to secure and protect cardholder data is by using a PCI DSS certified managed payments solution which also offers point-to-point encryption and tokenization; a combination that when properly deployed can greatly reduce a merchant’s PCI-DSS scope. Travis Lee, Director of Strategic Relations and Product Marketing, and Umer Ayub, Vice President of Global Risk Management, at TNS, provide an insight into how these technologies can help merchants strengthen their payments infrastructure. Read our article in full here: http://www.tnsi.com/tnspay/tnspay-solution/tnspay-direct/ajb-newsletter-article-2 AJB IN THE NEWS AJB Makes EMV Easy for J Crew Heartland Partners with AJB to Reduce Transaction Costs for Merchants Associated Press NRF Coverage AJB @ NRF - Booth # 1561 The National Retail Federation’s “Retail’s BIG Show”, held in New York City, NY, brought together over 30,000 attendees to the Javits Center, including representatives from the AJB Sales and MARCOM team and our partner TNS. Always a pleasure to see our AJB community merchants at the show and meet with new prospective merchants alike. The 2014 show hosted more than 300 exhibiting organizations and was held January 12-15, 2014. See everyone next year in New York City. Spotlight on AJB: Larry Muldoon Position: Senior Technical Writer Years with AJB : 1 year, 6 months Upcoming: Create and manage documentation for new products and customers, in particular future Web Portal products, with intuitive online help documents as well as our standard printed resources. Quote: “Genius is the ability to reduce the complicated to the simple.” C. W. Ceram Personal Interests: Reading, baseball, and writing. 2 AJB Software Design Inc. 5255 Solar Drive Mississauga ON L4W 5B8 Canada Larry in the testing lab at the AJB head office in Mississauga, ON. ajbsoftware.com AJB Footnotes Winter 2014 AJB Events Calendar PCATS AGM - April 28-May 2 Loews Ventana Canyon Tucson, AZ Exchange 2015 - AJB users’s conference is a biennial event with our next planned conference targeted for late spring 2015. Stay tuned for more details! Other Upcoming events for AJB include SWPetro, NACS show, and NCR Synergy Spotlight on AJB: Vince Oppedisano Position: Senior Support Analyst Years With AJB: 6 years Upcoming: Continue to support customers and assist with daily issues. Quote: “You miss 100 percent of the shots you don’t take.” Wayne Gretzky Personal Interests: Vince enjoys travelling around the globe, as well as watching and playing sports including hockey, baseball,and football. Continued from Cover Both the PA-DSS and PCI-DSS are maturing, and the clarification of several requirements in version 3.0 reflects this. The new standards will allow customers to more thoroughly integrate their PA-DSS software into their PCIDSS assessments while reducing risk. AJB looks forward to delivering its first PA-DSS 3.0 products in 2014. For more information on PA-DSS 3.0 requirements and effective dates please see: http://www.ajbsoftware.com/News.aspx Keep Your Options Open While Eliminating Scope at the POS Phil Stead, Vice-President, Retail Systems, Reliant Taking the POS out of scope ultimately provides retail merchants with a secure, robust, and flexible payment architecture positioned for ongoing innovation. This involves isolating & removing all components involved in storing, processing & transmitting cardholder data from the POS workstations. The benefits include: •Singular Point Of Entry – all credit card entry occurs securely directly through the payment device for all electronically authorized tender types. •Payment Processor Flexibility – an open architecture ultimately provides both the lowest cost & highest value with any bank processor. •Payment System Innovation – New technologies can be on-boarded leveraging the same payment infrastructure at store level through a converged infrastructure strategy. •Payment Hardware Dexterity – select from any certified vendor payment device with reusable/upgradable security and not be locked in by a specific bank technology. Isolating the in-store payment processing environment ultimately provides dramatic scope reduction, hardware dexterity, innovation options and flexible bank processing. This strategy positions retail merchants for both a sustainable payment technology platform & a predictable cost structure for today’s complex technological landscape. To understand more about Reliant, strategies to take POS out of Scope – contact Phil Stead Vice President Of Retail Systems at [email protected] or at (646)867-1270. AJB Software Design Inc. 5255 Solar Drive Mississauga ON L4W 5B8 Canada ajbsoftware.com 3 AJB Footnotes Winter 2014 Industry Buzz- Smart Card Alliance Payments Summit Feb 5-7, Salt Lake City, Utah. Bohdan Myroniw, Director Business Development, AJB Software Design Earlier this month at the 7th Annual Smart Card Alliance Payments Summit, industry experts reviewed the implications of the current EMV plans for the USA. It was clear that merchants need to invest in new hardware and plan for enough time to get through the EMV certification cycle. Processors and acquirers will have to handle a lot of merchants’ certification requests ahead of the fast-approaching EMV October 2015 deadline. Discussions on PIN versus signature capture authentication methods for cardholder verification are still pending and dependent on individual bank issuers. The consensus in the room was that we will be supporting both methods. The EMV deadline is an opportunity to converge and layer other important payment initiatives. Specific consideration should be made to look at enhanced protection of the magnetic stripe with P2PE and tokenization efforts, to replace the PAN and additional de-scoping of the POS from PCI. These are safe harbor initiatives that enhance the protection of consumer card data that flows through the merchants’ infrastructure. The mobile track at the conference emphasized the need to consider mobile POS EMV hardware capabilities and RFID hardware capabilities. Future proofing involves looking ahead and seeing what contactless cards and mobile NFC payments can do. Merchants need to be aware that these mobile technologies are in the field today and customers will soon be coming to your store carrying them as forms of payment. For more information on any of the above please contact your AJB account executive for details. We value our people. Join Our Team Today Innovative Passionate Flexible http://www.ajbsoftware.com/company/careers.aspx Partner Highlights Spotlight on AJB: Heartland Payment Systems, Inc. (NYSE: HPY), the fifth largest payments processor in the United States, delivers credit/debit/prepaid card processing, mobile commerce, e-commerce, solutions, security, payroll solutions, and related business solutions and services to more than 275,000 business and educational locations nationwide. Position: Business Analyst Years with AJB: 1 year, 9 months Upcoming: Currently working on innovative mobile retail and petroleum solutions for major companies globally. Working across all levels of AJB and involved with initiatives ranging from defining strategy, creating the enterprise architecture, taking a leadership role by defining the goals and requirements for projects and programs or supporting continuous improvement in technology and processes. Interests: Travelling to exotic places, investing into the capital markets, playing sports and eating exotic foods. 4 Ron Singh AJB Software Design Inc. 5255 Solar Drive Mississauga ON L4W 5B8 Canada Quote: “We are what we repeatedly do. Excellence, then, is not an act but a habit.” Aristotle ajbsoftware.com
© Copyright 2024 ExpyDoc
