1 / 8

Mercury Payment Systems

Mercury Payment Systems. Dan Osby Director, Technical Services Technical Lead, Incident Response dosby@mercurypay.com. Recent Statistics. Organized crime has learned to hack Level 4 merchants are new target 84% were from PC based POS systems

edric
Download Presentation

Mercury Payment Systems

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Mercury Payment Systems Dan Osby Director, Technical Services Technical Lead, Incident Response dosby@mercurypay.com

  2. Recent Statistics • Organized crime has learned to hack • Level 4 merchants are new target • 84% were from PC based POS systems • Approximately 60% were within the restaurant environment

  3. Compromise Statistics Cases by Card Acceptance About 5 out of every 6 cases is a traditional Brick and Mortar environment. Card Present Merchants are not aware of these risks!

  4. Compromise Statistics Merchant Error vs. 3rd Party Error Majority of the compromises were caused by a fault in the service provided by a 3rd party to a merchant. POS developers, integrators, IT firms are not following PCI DSS and leaving merchants at risk!

  5. What if a Security Loss Occurs? • If a loss is suspected, a forensics audit is done at merchant’s cost • Forensics report can expose reseller deficiencies • If a loss did occur, fines will be assessed • The merchant is responsible but may be able to successfully sue other service providers

  6. In addition to the upgrade, what is needed? • Other Actions: • Internet connected sites should have a properly configured firewall protecting them from unsolicited external connections • Remote access software should be turned off when not in use • All passwords should be complex and not shared among sites or users • Updated anti-virus software and OS patches • Always be aware of changes to your POS environment!

  7. Disclosure Data Security Disclosure - Notify your merchants - Completely customizable - Send by certified mail or in person to ensure delivery

  8. Mercury Payment Systems Questions?

More Related