1 / 13

Youngstown State University

Youngstown State University. PCI Training. enter or left click on mouse to advance slides. Overview.

thy
Télécharger la présentation

Youngstown State University

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Youngstown State University PCI Training enter or left click on mouse to advance slides

  2. Overview In response to consumer concerns with the security of credit card usage, the Payment Card Industry (PCI) council – which includes American Express, Discover, MasterCard, and Visa – has issued Payment Card Industry Data Security Standards (PCI DSS) which must be complied with by any business or organization accepting those card brands. If compliance is not maintained, Youngstown State University could lose its right to accept those cards, suffer fees, fines, permit financial harm to befall our stakeholders, and irreparably damage the University’s reputation. Part of the University’s PCI Compliance Plan is an annual PCI training conducted by the Bursar.

  3. PCI Council Training Video Add me- not available on this Power Point https://www.pcisecuritystandards.org/smb/

  4. Which statement below is true? • The only person who should be presenting a credit card to you for payment is the person whose name is on the front of the card and their name is signed. • It is okay to accept a parent's credit card from a student as long as their last name matches and they can show proof of relationship. • It is okay to accept a spouse's credit card if the last names match. • It is okay to accept someone else's credit card if the person in possession of the card has a signed letter from the owner of the card and their signature. Correct Answer

  5. Departments/cashiers/student employees who work with credit cards, • and/or credit card machines. • The machines should be settled every night after closing • Do not allow anyone to inspect or remove the machine unless you know who they are • If your machine appears to have been tampered with, please contact Gloria Kobus, Bursar. You are required to keep the signed copy of the credit card receipt for 18 months • If you are hand entering credit card numbers, do not accept credit card numbers taken through e-mail (phone, fax, and US mail are okay as long as the credit card number is kept secure until entered and destroyed afterwards). • If a credit card is denied, do NOT override under any circumstances (phone call from a “bank” for example). • You should not accept an unsigned card. • Do not accept a credit card if the signatures do not match, the card appears to have been altered or tampered with, or you are told when the card is swiped to “pick up” the card.

  6. Which of the following are red flags for potential credit card fraud and may indicate that a closer inspection of the card or extra identification may be required? • The person using the credit card tries to distract or rush you during the sale. • The person makes a large purchase right after opening or right before closing. • A purchase is made, and the person leaves and then returns to make more purchases. • The card appears to have been altered or damaged. • All of the above.

  7. PCI Training Video Add me- not available on this Power Point https://www.pcisecuritystandards.org/smb/

  8. General Reminders : • Make sure you are not storing full credit card numbers anywhere. • Please double check old forms on file, old receipts, ect. Black out or • destroy the credit card number. It is NOT okay to throw away old • credit card receipts with full credit card numbers – PCI requirements • override record retention requirements.

  9. Additional Reminders!!!! • Please double check to make sure there are no Social Security numbers on old forms or stored in your computer. Do not post or display SSNs or transmit over the internet. • Limit access to personal information as much as possible. • Be sure to change passwords on a regular basis and never use default passwords. • Secure customer records and information by locking rooms and file cabinets. • If you think that you’ve had a compromise/breach (for example, a locked cabinet with credit card numbers waiting to be entered was broken into), please contact the Bursar. The Bursar will work with the department to determine the extent of the breach and may need to contact Visa etc., the local FBI, and/or U.S. Secret Service. • Please make sure anyone in your department who will be working with credit cards completes this training. • Just a reminder for departmental credit card users, please do not write down the credit card number for someone else to use and make sure when entering the credit card number on-line that it is only through a secure site (https).

  10. Which of the following could indicate a counterfeit credit card? All of the Above

  11. Don’t Get Targeted

  12. Breaking down the avg. cost • Average cost per breach: $5.4 million • $400k on detection on escalation cost • $565k on notifications • $1.4 million of post breach cost • $3 million on lost customer base

  13. Thank you Don’t forget !!!!! Directors/Responsible Party: complete the requirement form and return to Gloria Kobus Office of University Bursar, Meshel Hall, Room 227. Staff: complete the requirement form and give to your Director or Responsible Party. Both forms can be found at: http://web.ysu.edu/contentm/easy_pages/easy_page_view.php?sid=25&page_id=1301

More Related