PCI FAQS AND MYTHS
Presented by BluePay
THE IMPORTANCE OF PCI COMPLIANCE
When your business — no matter its size — began accepting credit card payments, it immediately became a potential target for data thieves.
Much more is at risk than your customers’ sensitive information, however. If you aren’t employing the best industry practices to protect that data, your business could face fines, lose the ability to accept credit and debit card payments, and jeopardize its credibility.
To help protect consumers’ credit card information from data thieves, the Payment Card Industry Security Standards Council created data security standards that businesses must follow to be in compliance.
The cost of noncompliance can be staggering. The bank that processes your payments could be fined $5,000 to $100,000 per month by the credit card companies — amounts likely to be passed along to you — until the business is following the requirements. Your bank also could raise the fees it charges to process your business’s transactions, or stop handling them altogether. (Check your account agreement with the bank.) Your business also might have to cover the cost if the bank has to issue new cards to customers whose data has been compromised — and who could become former customers if there has been a data breach. Finally, your business also may be liable for fraud losses and other financial losses.
PCI FAQS AND MYTHS	 BLUEPAY | 2
TABLE OF CONTENTS
FAQ 1: What are the PCI compliance levels and how are they determined? (p. 4)
FAQ 2: My business has multiple locations; is each location required to validate PCI compliance? (p. 5)
FAQ 3: Am I PCI compliant if I have an SSL certificate? (p. 6)
FAQ 4: What is a vulnerability scan? (p. 7)
FAQ 5: Are debit card transactions in scope for PCI? (p. 8)
MYTH 1: I’m a small merchant who takes only a handful of cards, so I don’t need PCI. (p. 9)
MYTH 2: PCI applies only to e-commerce companies. (p. 10)
MYTH 3: I can wait until my business grows. (p. 11)
MYTH 4: Outsourcing card processing makes us compliant. (p. 12)
MYTH 5: PCI compliance is an IT project. (p. 13)
FAQ 1:
WHAT ARE THE PCI COMPLIANCE LEVELS
AND HOW ARE THEY DETERMINED?
There are four levels of PCI compliance as determined by Visa and Mastercard. These levels are based
on the transaction volume (including credit, debit and prepaid) over a 12-month period. Merchants that
have been affected by a security breach that resulted in compromised card data may be escalated to
the next level.
Merchant levels:
LEVEL 1: Any merchant processing more than $6 million Visa and/or Mastercard transactions per year.
LEVEL 2: Any merchant processing $1 million to $6 million Visa and/or Mastercard transactions per year.
LEVEL 3: Any merchant processing $20,000 to $1 million Visa and/or Mastercard e-commerce transactions per year.
LEVEL 4: Any merchant processing less than $20,000 Visa and/or Mastercard e-commerce transactions per year, and all other merchants processing up to $1 million Visa and/or Mastercard transactions per year.
FAQ 2:
MY BUSINESS HAS MULTIPLE LOCATIONS; IS EACH
LOCATION REQUIRED TO VALIDATE PCI COMPLIANCE?
Best practices would be to certify each merchant ID (MID) number individually. Some
businesses choose to certify by multiple MID numbers under one entity. However, if multiple
locations are certified under one entity and a compromise were to occur, all MID numbers
are subject to forensic investigation (versus only the identified MID).
FAQ 3:
AM I PCI COMPLIANT IF I HAVE AN SSL CERTIFICATE?
Effective June 30, 2018, the Payment Card Industry Security Standards Council required a mandatory security upgrade: SSL and early versions of TLS must be disabled and systems updated to TLS 1.2. SSL is no longer allowed for PCI compliance and should be considered permanently broken from a security perspective.
Used widely online, TLS is a cryptographic protocol used to establish a secure communication channel between two systems. Updating to TLS 1.2 is just one piece of the puzzle to becoming PCI compliant.
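The following is an added example and not BluePay's code or part of the original deck. It uses only Python's standard-library ssl module to show what "update systems to TLS 1.2" looks like in a client configuration: a hardened context that refuses SSL 3.0, TLS 1.0 and TLS 1.1 sits beside a constructed pre-2018-style context that accepts anything, an audit function reports which settings would fail the TLS 1.2 floor, and a small classifier judges a negotiated protocol name as SSLSocket.version() reports it. The function names (hardened_client_context, legacy_client_context, audit_context, version_is_acceptable) are the example's own.

```python
import ssl

# Protocol floor set by the June 30, 2018 deadline: TLS 1.2 or newer.
PCI_MIN_TLS = ssl.TLSVersion.TLSv1_2


def hardened_client_context() -> ssl.SSLContext:
    """Corrected configuration: refuse SSL 3.0, TLS 1.0 and TLS 1.1 outright.

    With minimum_version pinned to TLS 1.2 the handshake fails against a peer
    that only speaks an older version instead of silently downgrading.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = PCI_MIN_TLS
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def legacy_client_context() -> ssl.SSLContext:
    """Constructed 'before' configuration, for comparison only (hypothetical).

    It lets OpenSSL negotiate the lowest version it still supports and turns
    certificate verification off, the shape many pre-2018 integrations had.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.MINIMUM_SUPPORTED
    ctx.check_hostname = False        # must be cleared before verify_mode
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit_context(ctx: ssl.SSLContext) -> list:
    """Return the settings on ctx that would fail the TLS 1.2 requirement."""
    findings = []
    if ctx.minimum_version < PCI_MIN_TLS:
        findings.append("minimum protocol version is below TLS 1.2")
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate is not required")
    if not ctx.check_hostname:
        findings.append("hostname verification is disabled")
    return findings


def version_is_acceptable(negotiated: str) -> bool:
    """Classify a protocol name as SSLSocket.version() reports it, e.g. 'TLSv1.3'.

    Anything that is not TLS 1.2 or newer is rejected, which covers 'SSLv3',
    'TLSv1' (meaning 1.0) and 'TLSv1.1'.
    """
    if not negotiated.startswith("TLSv"):
        return False
    major, _, minor = negotiated[len("TLSv"):].partition(".")
    try:
        return (int(major), int(minor or "0")) >= (1, 2)
    except ValueError:
        return False


if __name__ == "__main__":
    for name, ctx in (("legacy", legacy_client_context()),
                      ("hardened", hardened_client_context())):
        print(f"{name}: {audit_context(ctx) or ['no findings']}")
    for v in ("SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2", "TLSv1.3"):
        print(f"{v}: {'allowed' if version_is_acceptable(v) else 'rejected'}")
```

Running the script prints three findings for the legacy context and none for the hardened one, then rejects SSLv3, TLSv1 and TLSv1.1 while allowing TLSv1.2 and TLSv1.3. The audit checks the whole verification posture, not only the version floor, because the deck's point is that the protocol upgrade is one piece of the puzzle rather than the whole of it.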
FAQ 4:
WHAT IS A VULNERABILITY SCAN?
A vulnerability scan is an automated tool that conducts a nonintrusive scan of a merchant or service provider’s system to remotely review networks and web applications based on the external-facing Internet protocol (IP) addresses provided by the merchant or service provider. The scan pinpoints vulnerabilities in operating systems, services and devices that could be used by hackers to target the company’s private network. Approved Scanning Vendors (ASVs) do not require the merchant or service provider to install any software on their systems, and no denial-of-service attacks will be performed.
The terms ASV and QSA (Qualified Security Assessor) may seem interchangeable, but they are really two separate entities. While the ASV scans websites hosting or processing PCI data, a QSA is a company, or an employee of the QSA company, that audits PCI environments.
FAQ 5:
ARE DEBIT CARD TRANSACTIONS IN SCOPE FOR PCI?
All debit, credit and prepaid cards branded with one of the five card association/brand logos that participate in the PCI SSC — American Express, Discover, JCB International, Mastercard and Visa — are within scope.
MYTH 1:
I’M A SMALL MERCHANT WHO TAKES ONLY A HANDFUL
OF CARDS, SO I DON’T NEED PCI.
Merchants are divided into four categories based on the number of card transactions handled in a 12-month period, but all must meet PCI requirements, regardless of their size-level designation.
Smaller merchants do face fewer validation requirements, however. For a Level 4 merchant (processing fewer than $20,000 in e-commerce transactions or up to $1 million in transactions overall), an annual self-assessment questionnaire is recommended and a network scan by an approved vendor is to be performed quarterly if applicable, but the requirements of the bank handling the merchant’s transactions still must be met for the business to be in compliance.
MYTH 2:
PCI APPLIES ONLY TO E-COMMERCE COMPANIES.
Whether your business handles one transaction or hundreds of credit/debit card purchases
per day, it is subject to the PCI Data Security Standards, regardless of whether the transactions
are electronic, in person or by phone. The requirements apply to your business if any customer
ever pays you directly using a debit or credit card.
MYTH 3:
I CAN WAIT UNTIL MY BUSINESS GROWS.
As previously noted, a business of any size that processes a credit or debit card transaction is
subject to PCI compliance. If you think your business is too small to attract a hacker, consider this:
In Ponemon Institute’s annual State of Cybersecurity in Small and Medium-Sized Businesses (SMB)
report, 61 percent of the businesses surveyed experienced a cyber attack in 2017. Additionally, 54
percent reported a data breach involving sensitive customer and employee information.
Due to these incidents, these companies spent an average of $1,027,053 because of damage or
theft of assets. In addition, disruption to normal business operations cost an average of $1,207,965.
Source: https://csrps.com/Media/Default/2017%20Reports/2017-Ponemon-State-of-Cybersecurity-in-Small-and-Medium-Sized-Businesses-SMB.pdf
MYTH 4:
OUTSOURCING CARD PROCESSING MAKES US COMPLIANT.
Relying on an outside vendor does not ensure that your business is PCI compliant. Outsourcing could reduce your risk and make it easier to prove that your business is compliant, but much like with paying your taxes to the IRS, relying on an external “expert” does not relieve your accountability.
MYTH 5:
PCI COMPLIANCE IS AN IT PROJECT.
Any temptation to shift the entire burden of PCI compliance onto the IT staff could prove costly. While IT can set up, run and test programs, compliance is an ongoing task. Rules change and regular assessments are needed, and with so much at stake from financial and reputation standpoints, your entire organization is affected.
BluePay, Naperville, IL
(Note: BluePay has multiple offices nationwide and in Canada; corporate headquarters is in Naperville)
www.bluepay.com
866-444-6216 (sales, toll free)
866-739-8324 (U.S. merchant, toll free)
BluePay, a First Data company, is a leading provider of technology-enabled payment processing for merchants in the
United States and Canada. Through physical POS, online, and mobile interfaces, as well as CRM and ERP software
integrations, BluePay processes business-to-consumer and business-to-business payments while providing real-time
settlement, reporting, and reconciliation, along with robust security features such as tokenization and point-to-point
encryption. BluePay is headquartered in Illinois, with offices in Maryland, Mississippi, New York, and Toronto, Canada.
THIS PRESENTATION IS BROUGHT TO YOU BY BLUEPAY.

Contenu connexe

Tendances

Economic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds DissectedEconomic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds Dissectedamiable_indian
 
Payment card industry data security standard 1
Payment card industry data security standard 1Payment card industry data security standard 1
Payment card industry data security standard 1wardell henley
 
ECMTA 2009 PCI Compliance and the Ecommerce Merchant
ECMTA 2009 PCI Compliance and the Ecommerce MerchantECMTA 2009 PCI Compliance and the Ecommerce Merchant
ECMTA 2009 PCI Compliance and the Ecommerce MerchantMelanie Beam
 
PCI Compliance - How To Keep Your Business Safe From Credit Card Criminals
PCI Compliance - How To Keep Your Business Safe From Credit Card CriminalsPCI Compliance - How To Keep Your Business Safe From Credit Card Criminals
PCI Compliance - How To Keep Your Business Safe From Credit Card CriminalsFit Small Business
 
Everything You Need to Know About Virtual Credit Cards
Everything You Need to Know About Virtual Credit CardsEverything You Need to Know About Virtual Credit Cards
Everything You Need to Know About Virtual Credit CardsRon Griswold
 
Factors to Consider While Choosing a Payment Gateway Provider
Factors to Consider While Choosing a Payment Gateway ProviderFactors to Consider While Choosing a Payment Gateway Provider
Factors to Consider While Choosing a Payment Gateway ProviderAlaina Carter
 
Ronghan Group how we works
Ronghan Group how we worksRonghan Group how we works
Ronghan Group how we worksRonghan Group
 
Navigating Payment Processing | Jay Wigdore
 Navigating Payment Processing | Jay Wigdore Navigating Payment Processing | Jay Wigdore
Navigating Payment Processing | Jay WigdoreJayWigdore
 
Age Verificationn in the Alcohol industry
Age Verificationn in the Alcohol industry Age Verificationn in the Alcohol industry
Age Verificationn in the Alcohol industry BrandonRuse1
 
Payment Gateway Integration: Growth Strategy for SAAS
Payment Gateway Integration: Growth Strategy for SAASPayment Gateway Integration: Growth Strategy for SAAS
Payment Gateway Integration: Growth Strategy for SAASWayne Akey
 
Introduction to B2B Electronic Payments
Introduction to B2B Electronic PaymentsIntroduction to B2B Electronic Payments
Introduction to B2B Electronic PaymentsGriffin McGahey
 
Mobile payment solutions pp.
Mobile payment solutions pp. Mobile payment solutions pp.
Mobile payment solutions pp. Gary Diego
 
Payment Gateways in Kuwait - 2014 Update
Payment Gateways in Kuwait - 2014 UpdatePayment Gateways in Kuwait - 2014 Update
Payment Gateways in Kuwait - 2014 UpdateBurhan Khalid
 
Money Laundering in the Art, Collectibles, and Luxury Goods Industry
Money Laundering in the Art, Collectibles, and Luxury Goods IndustryMoney Laundering in the Art, Collectibles, and Luxury Goods Industry
Money Laundering in the Art, Collectibles, and Luxury Goods IndustryBrandonRuse1
 
Payment Gateway History: An interview with the Inventor
Payment Gateway History: An interview with the InventorPayment Gateway History: An interview with the Inventor
Payment Gateway History: An interview with the InventorWayne Akey
 

Tendances (20)

MensWearhouse_3728
MensWearhouse_3728MensWearhouse_3728
MensWearhouse_3728
 
Economic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds DissectedEconomic offenses through Credit Card Frauds Dissected
Economic offenses through Credit Card Frauds Dissected
 
Payment card industry data security standard 1
Payment card industry data security standard 1Payment card industry data security standard 1
Payment card industry data security standard 1
 
ECMTA 2009 PCI Compliance and the Ecommerce Merchant
ECMTA 2009 PCI Compliance and the Ecommerce MerchantECMTA 2009 PCI Compliance and the Ecommerce Merchant
ECMTA 2009 PCI Compliance and the Ecommerce Merchant
 
PCI Compliance - How To Keep Your Business Safe From Credit Card Criminals
PCI Compliance - How To Keep Your Business Safe From Credit Card CriminalsPCI Compliance - How To Keep Your Business Safe From Credit Card Criminals
PCI Compliance - How To Keep Your Business Safe From Credit Card Criminals
 
Business Identity Theft
Business Identity TheftBusiness Identity Theft
Business Identity Theft
 
Everything You Need to Know About Virtual Credit Cards
Everything You Need to Know About Virtual Credit CardsEverything You Need to Know About Virtual Credit Cards
Everything You Need to Know About Virtual Credit Cards
 
Payment Gateway
Payment GatewayPayment Gateway
Payment Gateway
 
Factors to Consider While Choosing a Payment Gateway Provider
Factors to Consider While Choosing a Payment Gateway ProviderFactors to Consider While Choosing a Payment Gateway Provider
Factors to Consider While Choosing a Payment Gateway Provider
 
Ronghan Group how we works
Ronghan Group how we worksRonghan Group how we works
Ronghan Group how we works
 
Navigating Payment Processing | Jay Wigdore
 Navigating Payment Processing | Jay Wigdore Navigating Payment Processing | Jay Wigdore
Navigating Payment Processing | Jay Wigdore
 
Age Verificationn in the Alcohol industry
Age Verificationn in the Alcohol industry Age Verificationn in the Alcohol industry
Age Verificationn in the Alcohol industry
 
Payment Gateway Integration: Growth Strategy for SAAS
Payment Gateway Integration: Growth Strategy for SAASPayment Gateway Integration: Growth Strategy for SAAS
Payment Gateway Integration: Growth Strategy for SAAS
 
Introduction to B2B Electronic Payments
Introduction to B2B Electronic PaymentsIntroduction to B2B Electronic Payments
Introduction to B2B Electronic Payments
 
Mobile payment solutions pp.
Mobile payment solutions pp. Mobile payment solutions pp.
Mobile payment solutions pp.
 
Payment Gateways in Kuwait - 2014 Update
Payment Gateways in Kuwait - 2014 UpdatePayment Gateways in Kuwait - 2014 Update
Payment Gateways in Kuwait - 2014 Update
 
Fintech - MSME lending score card template for flow based lending
Fintech - MSME lending score card template for flow based lendingFintech - MSME lending score card template for flow based lending
Fintech - MSME lending score card template for flow based lending
 
Money Laundering in the Art, Collectibles, and Luxury Goods Industry
Money Laundering in the Art, Collectibles, and Luxury Goods IndustryMoney Laundering in the Art, Collectibles, and Luxury Goods Industry
Money Laundering in the Art, Collectibles, and Luxury Goods Industry
 
Virtual Credit Cards
Virtual Credit Cards Virtual Credit Cards
Virtual Credit Cards
 
Payment Gateway History: An interview with the Inventor
Payment Gateway History: An interview with the InventorPayment Gateway History: An interview with the Inventor
Payment Gateway History: An interview with the Inventor
 

Similaire à PCI FAQs and Myths

Pci compliance
Pci compliancePci compliance
Pci compliancepcihghg23
 
PCI Compliance for Payment Security
PCI Compliance for Payment SecurityPCI Compliance for Payment Security
PCI Compliance for Payment SecurityPaymentAsia
 
eCommerce Summit Atlanta Mountain Media
eCommerce Summit Atlanta Mountain MediaeCommerce Summit Atlanta Mountain Media
eCommerce Summit Atlanta Mountain MediaeCommerce Merchants
 
PCI_Presentation_OASIS
PCI_Presentation_OASISPCI_Presentation_OASIS
PCI_Presentation_OASISDermot Clarke
 
When does a company need to be PCI compliant
When does a company need to be PCI compliantWhen does a company need to be PCI compliant
When does a company need to be PCI compliantDivya Kothari
 
Introduction To SAQ 4 U
Introduction To SAQ 4 UIntroduction To SAQ 4 U
Introduction To SAQ 4 URAlcala65
 
How Credit Card Processing Works
How Credit Card Processing WorksHow Credit Card Processing Works
How Credit Card Processing WorksBusiness.com
 
Merchant Services Audit 03 2011
Merchant Services Audit   03 2011Merchant Services Audit   03 2011
Merchant Services Audit 03 2011carolta555
 
Reduce PCI Scope - Maximise Conversion - Whitepaper
Reduce PCI Scope - Maximise Conversion - WhitepaperReduce PCI Scope - Maximise Conversion - Whitepaper
Reduce PCI Scope - Maximise Conversion - WhitepaperShaun O'keeffe
 
Symbiotic Consulting Group LLC - PCI Compliance Overview
Symbiotic Consulting Group LLC - PCI Compliance OverviewSymbiotic Consulting Group LLC - PCI Compliance Overview
Symbiotic Consulting Group LLC - PCI Compliance OverviewRosy Kaur
 
Online_Transactions_PCI
Online_Transactions_PCIOnline_Transactions_PCI
Online_Transactions_PCIKelly Lam
 
PCI compliance and fraud prevention for non profits
PCI compliance and fraud prevention for non profitsPCI compliance and fraud prevention for non profits
PCI compliance and fraud prevention for non profitsNetSquared Vancouver
 
PCI DSS: What it is, and why you should care
PCI DSS: What it is, and why you should carePCI DSS: What it is, and why you should care
PCI DSS: What it is, and why you should careSean D. Goodwin
 
Data Security, Fraud Prevention and PCI for Nonprofit Payment Processors in D...
Data Security, Fraud Prevention and PCI for Nonprofit Payment Processors in D...Data Security, Fraud Prevention and PCI for Nonprofit Payment Processors in D...
Data Security, Fraud Prevention and PCI for Nonprofit Payment Processors in D...Stephanie Gutowski
 

Similaire à PCI FAQs and Myths (20)

Pci compliance
Pci compliancePci compliance
Pci compliance
 
PCI Compliance Process
PCI Compliance ProcessPCI Compliance Process
PCI Compliance Process
 
PCI Compliance for Payment Security
PCI Compliance for Payment SecurityPCI Compliance for Payment Security
PCI Compliance for Payment Security
 
eCommerce Summit Atlanta Mountain Media
eCommerce Summit Atlanta Mountain MediaeCommerce Summit Atlanta Mountain Media
eCommerce Summit Atlanta Mountain Media
 
PCI compliance
PCI compliancePCI compliance
PCI compliance
 
Evolution Pci For Pod1
Evolution Pci For Pod1Evolution Pci For Pod1
Evolution Pci For Pod1
 
PCI_Presentation_OASIS
PCI_Presentation_OASISPCI_Presentation_OASIS
PCI_Presentation_OASIS
 
When does a company need to be PCI compliant
When does a company need to be PCI compliantWhen does a company need to be PCI compliant
When does a company need to be PCI compliant
 
Introduction To SAQ 4 U
Introduction To SAQ 4 UIntroduction To SAQ 4 U
Introduction To SAQ 4 U
 
How Credit Card Processing Works
How Credit Card Processing WorksHow Credit Card Processing Works
How Credit Card Processing Works
 
Merchant Services Audit 03 2011
Merchant Services Audit   03 2011Merchant Services Audit   03 2011
Merchant Services Audit 03 2011
 
Reduce PCI Scope - Maximise Conversion - Whitepaper
Reduce PCI Scope - Maximise Conversion - WhitepaperReduce PCI Scope - Maximise Conversion - Whitepaper
Reduce PCI Scope - Maximise Conversion - Whitepaper
 
Requirement of PCI-DSS in India.
Requirement of PCI-DSS in India.Requirement of PCI-DSS in India.
Requirement of PCI-DSS in India.
 
Symbiotic Consulting Group LLC - PCI Compliance Overview
Symbiotic Consulting Group LLC - PCI Compliance OverviewSymbiotic Consulting Group LLC - PCI Compliance Overview
Symbiotic Consulting Group LLC - PCI Compliance Overview
 
Online_Transactions_PCI
Online_Transactions_PCIOnline_Transactions_PCI
Online_Transactions_PCI
 
What Everybody Ought to Know About PCI DSS and PA-DSS
What Everybody Ought to Know About PCI DSS and PA-DSSWhat Everybody Ought to Know About PCI DSS and PA-DSS
What Everybody Ought to Know About PCI DSS and PA-DSS
 
PCI compliance and fraud prevention for non profits
PCI compliance and fraud prevention for non profitsPCI compliance and fraud prevention for non profits
PCI compliance and fraud prevention for non profits
 
Financial Fitness February 2016
Financial Fitness February 2016Financial Fitness February 2016
Financial Fitness February 2016
 
PCI DSS: What it is, and why you should care
PCI DSS: What it is, and why you should carePCI DSS: What it is, and why you should care
PCI DSS: What it is, and why you should care
 
Data Security, Fraud Prevention and PCI for Nonprofit Payment Processors in D...
Data Security, Fraud Prevention and PCI for Nonprofit Payment Processors in D...Data Security, Fraud Prevention and PCI for Nonprofit Payment Processors in D...
Data Security, Fraud Prevention and PCI for Nonprofit Payment Processors in D...
 

Dernier

Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Serviceritikaroy0888
 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataExhibitors Data
 
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLSeo
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...rajveerescorts2022
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Dipal Arora
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...amitlee9823
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyEthan lee
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116  - With room ServiceCall Girls in Gomti Nagar - 7388211116  - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Servicediscovermytutordmt
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756dollysharma2066
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Centuryrwgiffor
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...lizamodels9
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxWorkforce Group
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfPaul Menig
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityEric T. Tung
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesDipal Arora
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...anilsa9823
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangaloreamitlee9823
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayNZSG
 

Dernier (20)

unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabiunwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
unwanted pregnancy Kit [+918133066128] Abortion Pills IN Dubai UAE Abudhabi
 
Call Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine ServiceCall Girls In Panjim North Goa 9971646499 Genuine Service
Call Girls In Panjim North Goa 9971646499 Genuine Service
 
RSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors DataRSA Conference Exhibitor List 2024 - Exhibitors Data
RSA Conference Exhibitor List 2024 - Exhibitors Data
 
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRLMONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
MONA 98765-12871 CALL GIRLS IN LUDHIANA LUDHIANA CALL GIRL
 
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
👉Chandigarh Call Girls 👉9878799926👉Just Call👉Chandigarh Call Girl In Chandiga...
 
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
Call Girls Navi Mumbai Just Call 9907093804 Top Class Call Girl Service Avail...
 
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
Call Girls Jp Nagar Just Call 👗 7737669865 👗 Top Class Call Girl Service Bang...
 
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case studyThe Coffee Bean & Tea Leaf(CBTL), Business strategy case study
The Coffee Bean & Tea Leaf(CBTL), Business strategy case study
 
Call Girls in Gomti Nagar - 7388211116 - With room Service
Call Girls in Gomti Nagar - 7388211116  - With room ServiceCall Girls in Gomti Nagar - 7388211116  - With room Service
Call Girls in Gomti Nagar - 7388211116 - With room Service
 
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
FULL ENJOY Call Girls In Mahipalpur Delhi Contact Us 8377877756
 
Famous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st CenturyFamous Olympic Siblings from the 21st Century
Famous Olympic Siblings from the 21st Century
 
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
Call Girls In DLf Gurgaon ➥99902@11544 ( Best price)100% Genuine Escort In 24...
 
Cracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptxCracking the Cultural Competence Code.pptx
Cracking the Cultural Competence Code.pptx
 
Forklift Operations: Safety through Cartoons
Forklift Operations: Safety through CartoonsForklift Operations: Safety through Cartoons
Forklift Operations: Safety through Cartoons
 
Grateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdfGrateful 7 speech thanking everyone that has helped.pdf
Grateful 7 speech thanking everyone that has helped.pdf
 
How to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League CityHow to Get Started in Social Media for Art League City
How to Get Started in Social Media for Art League City
 
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best ServicesMysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
Mysore Call Girls 8617370543 WhatsApp Number 24x7 Best Services
 
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
Lucknow 💋 Escorts in Lucknow - 450+ Call Girl Cash Payment 8923113531 Neha Th...
 
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service BangaloreCall Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
Call Girls Hebbal Just Call 👗 7737669865 👗 Top Class Call Girl Service Bangalore
 
It will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 MayIt will be International Nurses' Day on 12 May
It will be International Nurses' Day on 12 May
 

PCI FAQs and Myths

  • 1. PCI FAQS AND MYTHS Presented by BluePay
  • 2. When your business — no matter its size — began accepting credit card payments, it immediately became a potential target for data thieves. Much more is at risk than your customers’ sensitive information, however. If you aren’t employing the best industry practices to protect that data, your business could face fines, lose the ability to accept credit and debit card payments, and jeopardize its credibility. To help protect consumers’ credit card information from data thieves, the Payment Card Industry Security Standards Council created data security standards that businesses must follow to be in compliance. The cost of noncompliance can be staggering. The bank that processes your payments could be fined $5,000 to $100,000 per month by the credit card companies — amounts likely to be passed along to you — until the business is following the requirements. Your bank also could raise the fees it charges to process your business’s transactions, or stop handling them altogether. (Check your account agreement with the bank.) Your business also might have to cover the cost if the bank has to issue new cards to customers whose data has been compromised — and who could become former customers if there has been a data breach. Finally, your business also may be liable for losses due to fraud and other financial losses. THE IMPORTANCE OF PCI COMPLIANCE PCI FAQS AND MYTHS BLUEPAY | 2
  • 3. TABLE OF CONTENTS
    FAQ 1: What are the PCI compliance levels and how are they determined? 4
    FAQ 2: My business has multiple locations; is each location required to validate PCI compliance? 5
    FAQ 3: Am I PCI compliant if I have an SSL certificate? 6
    FAQ 4: What is a vulnerability scan? 7
    FAQ 5: Are debit card transactions in scope for PCI? 8
    MYTH 1: I’m a small merchant who takes only a handful of cards, so I don’t need PCI. 9
    MYTH 2: PCI applies only to e-commerce companies. 10
    MYTH 3: I can wait until my business grows. 11
    MYTH 4: Outsourcing card processing makes us compliant. 12
    MYTH 5: PCI compliance is an IT project. 13
  • 4. FAQ 1: WHAT ARE THE PCI COMPLIANCE LEVELS AND HOW ARE THEY DETERMINED?
    There are four levels of PCI compliance as determined by Visa and Mastercard. These levels are based on the transaction volume (including credit, debit and prepaid) over a 12-month period. Merchants that have been affected by a security breach that resulted in compromised card data may be escalated to the next level.
    Merchant level and description:
    LEVEL 1: Any merchant processing more than $6 million Visa and/or Mastercard transactions per year.
    LEVEL 2: Any merchant processing $1 million to $6 million Visa and/or Mastercard transactions per year.
    LEVEL 3: Any merchant processing $20,000 to $1 million Visa and/or Mastercard e-commerce transactions per year.
    LEVEL 4: Any merchant processing less than $20,000 Visa and/or Mastercard e-commerce transactions per year, and all other merchants processing up to $1 million Visa and/or Mastercard transactions per year.
  • 5. FAQ 2: MY BUSINESS HAS MULTIPLE LOCATIONS; IS EACH LOCATION REQUIRED TO VALIDATE PCI COMPLIANCE?
    Best practice would be to certify each merchant ID (MID) number individually. Some businesses choose to certify multiple MID numbers under one entity. However, if multiple locations are certified under one entity and a compromise were to occur, all MID numbers are subject to forensic investigation (versus only the identified MID).
  • 6. FAQ 3: AM I PCI COMPLIANT IF I HAVE AN SSL CERTIFICATE?
    As of June 30, 2018, the Payment Card Industry Security Standards Council issued a mandatory security upgrade to disable SSL and early versions of TLS and update systems to TLS 1.2. SSL is no longer allowed for PCI compliance and should be considered permanently broken from a security perspective. Used widely online, TLS is a cryptographic protocol used to establish a secure communication channel between two systems. Updating to TLS 1.2 is just one piece of the puzzle to becoming PCI compliant.
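Added example, not from the BluePay deck: a small Python audit of nginx `ssl_protocols` and Apache `SSLProtocol` directives that flags any line still leaving SSL or TLS 1.0/1.1 enabled, the setting FAQ 3 says must be disabled in favour of TLS 1.2. The sample configuration lines are constructed, and treating Apache's `all` keyword as every version except SSLv2 is an assumption about Apache 2.4.

```python
# Versions FAQ 3 says must be disabled (SSL and "early TLS") ...
WEAK = {"SSLv2", "SSLv3", "TLSv1", "TLSv1.1"}
# ... plus the versions that satisfy the TLS 1.2 minimum.
ALL = WEAK | {"TLSv1.2", "TLSv1.3"}
_APACHE_NAMES = {v.lower(): v for v in ALL}  # Apache matches names case-insensitively

def enabled_protocols(directive: str) -> set:
    """Versions one nginx ssl_protocols / Apache SSLProtocol line leaves enabled."""
    tokens = directive.split("#", 1)[0].strip().rstrip(";").split()
    if not tokens:
        return set()
    name, args = tokens[0].lower(), tokens[1:]
    if name == "ssl_protocols":            # nginx: explicit allow-list
        return {a for a in args if a in ALL}
    if name == "sslprotocol":              # Apache: 'all' plus +/- modifiers
        enabled = set()
        for arg in args:
            ver = arg.lstrip("+-").lower()
            # Assumption: Apache 2.4's 'all' means every version except SSLv2.
            versions = ALL - {"SSLv2"} if ver == "all" else {_APACHE_NAMES.get(ver)} & ALL
            enabled = enabled - versions if arg.startswith("-") else enabled | versions
        return enabled
    return set()                           # not a protocol directive

def audit(config_text: str) -> list:
    """(line number, directive, sorted weak versions) for each failing directive."""
    findings = []
    for lineno, line in enumerate(config_text.splitlines(), 1):
        stripped = line.split("#", 1)[0].strip()
        if not stripped.lower().startswith(("ssl_protocols", "sslprotocol")):
            continue
        weak = enabled_protocols(stripped) & WEAK
        if weak:
            findings.append((lineno, stripped, sorted(weak)))
    return findings

def is_compliant(config_text: str) -> bool:
    """True when no directive leaves SSL or TLS 1.0/1.1 enabled."""
    return not audit(config_text)

# Constructed sample: a pre-2018 nginx block, a compliant nginx line, an Apache
# line that drops SSLv3 but keeps TLS 1.0/1.1, and a compliant Apache line.
SAMPLE_CONFIG = """server {
    ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;   # weak
}
ssl_protocols TLSv1.2 TLSv1.3;                   # meets the TLS 1.2 minimum
SSLProtocol all -SSLv3                           # still allows TLS 1.0/1.1
SSLProtocol -all +TLSv1.2 +TLSv1.3               # compliant
"""
```

Running `audit(SAMPLE_CONFIG)` reports lines 2 and 5; the `all -SSLv3` case is the one most often mistaken for a fix, since it leaves TLS 1.0 and 1.1 on.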
  • 7. FAQ 4: WHAT IS A VULNERABILITY SCAN?
    A vulnerability scan is an automated tool that conducts a nonintrusive scan of a merchant or service provider’s system to remotely review networks and Web applications based on the external-facing Internet protocol (IP) addresses provided by the merchant or service provider. The scan pinpoints vulnerabilities in operating systems, services and devices that could be used by hackers to target the company’s private network. Approved Scanning Vendors (ASVs) do not require the merchant or service provider to install any software on their systems, and no denial-of-service attacks will be performed. The terms ASV and QSA (Qualified Security Assessor) may seem interchangeable, but they are really two separate entities. While the ASV scans websites hosting or processing PCI data, a QSA is a company, or an employee of the QSA company, that audits PCI environments.
  • 8. FAQ 5: ARE DEBIT CARD TRANSACTIONS IN SCOPE FOR PCI?
    Any debit, credit and prepaid cards branded with one of the five card association/brand logos that participate in the PCI SSC (American Express, Discover, JCB International, Mastercard and Visa) are within scope.
  • 9. MYTH 1: I’M A SMALL MERCHANT WHO TAKES ONLY A HANDFUL OF CARDS, SO I DON’T NEED PCI.
    Merchants are divided into four categories based on the number of card transactions handled in a 12-month period, but all must meet PCI requirements, regardless of their size-level designation. Smaller merchants do face fewer validation requirements, however. For a Level 4 merchant (processing fewer than $20,000 in e-commerce transactions or up to $1 million in transactions overall), an annual self-assessment questionnaire is recommended and a network scan by an approved vendor is to be performed quarterly if applicable, but the requirements of the bank handling the merchant’s transactions still must be met for the business to be in compliance.
  • 10. MYTH 2: PCI APPLIES ONLY TO E-COMMERCE COMPANIES.
    Whether your business handles one transaction or hundreds of credit/debit card purchases per day, it is subject to the PCI Data Security Standards, regardless of whether the transactions are electronic, in person or by phone. The requirements apply to your business if any customer ever pays you directly using a debit or credit card.
  • 11. MYTH 3: I CAN WAIT UNTIL MY BUSINESS GROWS.
    As previously noted, a business of any size that processes a credit or debit card transaction is subject to PCI compliance. If you think your business is too small to attract a hacker, consider this: In Ponemon Institute’s annual State of Cybersecurity in Small and Medium-Sized Businesses (SMB) report, 61 percent of the businesses surveyed experienced a cyber attack in 2017. Additionally, 54 percent reported a data breach involving sensitive customer and employee information. Due to these incidents, these companies spent an average of $1,027,053 because of damage or theft of assets. In addition, disruption to normal business operations cost an average of $1,207,965.
    Source: https://csrps.com/Media/Default/2017%20Reports/2017-Ponemon-State-of-Cybersecurity-in-Small-and-Medium-Sized-Businesses-SMB.pdf
  • 12. MYTH 4: OUTSOURCING CARD PROCESSING MAKES US COMPLIANT.
    Relying on an outside vendor does not ensure that your business is PCI compliant. Outsourcing could reduce your risk and make it easier to prove that your business is compliant, but much like paying your taxes to the IRS, relying on an external “expert” does not relieve you of accountability.
  • 13. MYTH 5: PCI COMPLIANCE IS AN IT PROJECT.
    Any temptation to shift the entire burden of PCI compliance onto the IT staff could prove costly. While IT can set up, run and test programs, compliance is an ongoing task. Rules change and regular assessments are needed, and with so much at stake from financial and reputation standpoints, your entire organization is affected.
  • 14. BluePay, Naperville, IL (Note: BluePay has multiple offices nationwide and in Canada; corporate headquarters is in Naperville)
    www.bluepay.com
    866-444-6216 (sales, toll free)
    866-739-8324 (U.S. merchant, toll free)
    BluePay, a First Data company, is a leading provider of technology-enabled payment processing for merchants in the United States and Canada. Through physical POS, online, and mobile interfaces, as well as CRM and ERP software integrations, BluePay processes business-to-consumer and business-to-business payments while providing real-time settlement, reporting, and reconciliation, along with robust security features such as tokenization and point-to-point encryption. BluePay is headquartered in Illinois, with offices in Maryland, Mississippi, New York, and Toronto, Canada.
    THIS PRESENTATION IS BROUGHT TO YOU BY BLUEPAY.