GPUG ® Summit 2011 November 8-11 Caesars Palace – Las Vegas, NV Payment Processing Online and Within Dynamics GP PCI Compliance and Secure Payment Processing.

GPUG® Summit 2011November 8-11

Caesars Palace – Las Vegas, NV

Payment Processing Online and Within

Dynamics GPPCI Compliance and Secure Payment Processing

GPUG Summit 2011– Las Vegas www.gpug.com

Presenter

Giuseppe Ianni Director of Sales & Marketing at Azox 6 Years channel management

experience 8 years of ecommerce and

payment processing experience

GPUG Summit 2011– Las Vegas www.gpug.com

Session Objective

Inform, train and present options for solving/ automating electronic payment processing needs using Dynamics GP or a website

Understand the impact of PCI compliance mandates and cardholder security requirement for companies

GPUG Summit 2011– Las Vegas www.gpug.com

Agenda

PCI Compliance: Security issues facing merchants

Processing payments within Dynamics GP and online

Live Solution Tutorial

Questions?

GPUG Summit 2011– Las Vegas www.gpug.com

Win a $50 Gift Card

First person to write their credit card information and pass it forward will win.

Don’t worry, your credit card information will not be used.

Don’t ever write down your credit card information!

CARDHOLDER

Jeff Smith

CC #1234 5678 9123

4567

CVV2 123

GPUG Summit 2011– Las Vegas www.gpug.com

Security Issues Facing Merchants

Payment card info is sensitive so why would anyone freely pass around their information

PCI compliance mandates were created to protect cardholder data from being compromised.

Merchants must use PA-DSS validated software to adhere to PCI-DSS requirements or face:

– Losing the ability to process credit card payments – Being fined– Being audited

GPUG Summit 2011– Las Vegas www.gpug.com

PCI Compliance: Security Issues Facing Merchants

Refers to the Payment Card Industry Data Security Standard (PCI DSS)

Formed to help prevent organizations that process credit cards from credit card data breaches

PA-DSS (Payment Application Data Security Standard) refers to the payment applications themselves (Azox Credit Card Extension) that store, process or transmit cardholder data.

GPUG Summit 2011– Las Vegas www.gpug.com

12 Steps to PCI Compliance

GPUG Summit 2011– Las Vegas www.gpug.com

12 RequirementsBuild and Maintain a Secure Network1. Install and Maintain a firewall configuration to protect cardholder data.

2. Do not use vendor-supplied defaults for system passwords & other security parameters.

Protect Cardholder Data

3. Protect stored cardholder data

4. Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

5. Use and regularly update anti-virus software

6. Develop and maintain secure systems and applications

Implement Strong Access Control Measures

7. Restrict access to cardholder data by business need-to-know

8. Assign a unique ID to each person with computer access

9. Restrict physical access to cardholder data

Regularly Monitor and Test Networks

10. Track and monitor all access to network resources and cardholder data

11. Regularly test security systems and processes

Maintain an Information Security Policy

12. Maintain a policy that addresses information security

GPUG Summit 2011– Las Vegas www.gpug.com

Processing Credit Cards

Available in Sales Order Processing & Receivable Management modules.

Users can lookup and select multiple credit cards/customer

Transaction Types: authorization, post-authorization, sale, void/credit, or return

GPUG Summit 2011– Las Vegas www.gpug.com

Managing Credit Card Info

Customer credit card information is stored encrypted in the Customer Credit Card Maintenance Window

GPUG Summit 2011– Las Vegas www.gpug.com

Tokenization

Allows companies to store sensitive customer credit card data off site.

Reduces the scope of PCI Compliance for companies.

GPUG Summit 2011– Las Vegas www.gpug.com

Live Solution Tutorial

Authorize a credit card in Dynamics GP

Charge a credit card in Dynamics GP

Batch Process credit card transactions in Dynamics GP

Show online payment processing and payment date pushed back securely into Dynamics GP.

GPUG Summit 2011– Las Vegas www.gpug.com

Q&A

GPUG Summit 2011– Las Vegas www.gpug.com

Contact

Giuseppe Ianni

Director of SalesOffice: 734-928-6004

Mobile: 734-233-1175

Fax: 734-928-6070Azox, Inc.

45550 Helm St.Plymouth, MI 48170

[email protected]

www.azox.com