PCI-DSS

18 cards   |   Total Attempts: 192
  

Cards In This Set

Front Back
Card Checks
AVSDaily spend limitDaily Cash limitDaily Velocity limitName MatchFalcon Score ThresholdsHot Card DenialIncorrect PINPin Attempts ExceededCommunications CutoutCountry/Region BlockState BlockDelinquent loansPAN does not existCVV2 incorrectCard DamagedPickup due to fraudHold on Pledged fundsOver the limitCard not activatedExp date mismatchTransaction was approved in Stand inIllegal Transaction
What does PCI-DSS stand for
Payment Card Industry-Data Security Standard Provides a baseline of technical and operational requirements designed to protect account data
Now list the 12 PCI=DSS requirements (high level overview)
  1. Install and maintain a firewall configuration to protect cardholder data
  2. Do not use vendor supplied defaults for system passwords and other security parameters
  3. Protect stored cardholder data
  4. Encrypt transmission of cardholder data across open public networks
  5. Protect all systems against malware and regularly update anti virus software or programs
  6. Develop and maintain secure systems and applications
  7. Restrict access to cardholder data by business need to know
  8. Identify and authenticate access to system components
  9. Restrict physical access to cardholder data
  10. Track and monitor all access to resources and cardholder data
  11. Regularly test security systems and processes
  12. Maintain a policy that addresses information security for all personnel
What is CDE
Cardholder Data Environment
What are some fraud controls
  1. AVS-usually zip code
  2. Velocity
  3. Setting fraud score thresholds
As it relates to the issuer, a preauthorization can be approved by either
  1. The issuers host system
  2. Stand in limits established by the issuer and executed by Visa
Settlement between issuers and merchants bank happens
Via Visanet on a daily basis (merchant may not see funds in their account for up to 48 hours)
Authorization steps
  1. Cardholder presents card
  2. Merchant swipes card
  3. Visanet passes on the request to issuer
  4. Issuer approves or declines
  5. Visanet forwards issuer response to merchant bank
  6. Merchant bank forwards response to merchant
  7. Merchant submits the final amount into clearing
Clearing and Settlement steps
  1. Merchant deposits the transaction receipt with the merchant bank for final transaction amount
  2. Merchant bank credits the merchant account and electronically submits the transaction to Visa for settlement
  3. Visanet facilitates settlement by paying the merchant bank for the transaction amount and debiting the card issuer account and sends the transaction to the card issuer
  4. Card issuer posts the transaction to the cardholder account and sends the monthly statement to the cardholder
  5. Cardholder receives statement
When did CUCO start issuing chip cards
Spring 2016, they have a unique one time code, also it costs $2 to produce mag stripe card and about $15-$20 for a chip card, liability was set to shift October of 2015
What does EMV stand for
Europay, Mastercard and Visa, the 3 companies who pioneered the technology
What stat indicates the anti fraud capability of chip cards
Reported that fraud in October 2016 decreased by 43% when compared to previous year.Note: Pay at pump merchants have until October 2020 to become compliant while ATM's have until October 2017
Expenses for plastic cards shows $5.9 mil and $5.6 mil respectively for 2015 and 2014 curious as to how much 2016 increased as a consequence of EMV
X
Types of Visa's
Platinum Preferred Rewards Visa 7.75%Platinum Preferred Visa 6.75%Business Rewards Credit Card 9.75%
What ATM networks does the credit union use
COOP and MoneyPassAlso credit union has 15 ATM locations