GPUG® Summit 2011November 8-11

Caesars Palace – Las Vegas, NV

Payment Processing Online and Within

Dynamics GPPCI Compliance and Secure Payment Processing

GPUG Summit 2011– Las Vegas www.gpug.com

Presenter

Giuseppe Ianni Director of Sales & Marketing at Azox 6 Years channel management

experience 8 years of ecommerce and

payment processing experience

GPUG Summit 2011– Las Vegas www.gpug.com

Session Objective Inform, train and present options for

solving/ automating electronic payment processing needs using Dynamics GP or a website

Understand the impact of PCI compliance mandates and cardholder security requirement for companies

GPUG Summit 2011– Las Vegas www.gpug.com

Agenda PCI Compliance: Security issues facing

merchants Processing payments within Dynamics GP

and online

Live Solution Tutorial

Questions?

GPUG Summit 2011– Las Vegas www.gpug.com

Win a $50 Gift Card First person to write their credit card

information and pass it forward will win.

Don’t worry, your credit card information will not be used.

Don’t ever write down your credit card information!

CARDHOLDERJeff Smith

CC #1234 5678 9123 4567

CVV2 123

GPUG Summit 2011– Las Vegas www.gpug.com

Security Issues Facing Merchants

Payment card info is sensitive so why would anyone freely pass around their information

PCI compliance mandates were created to protect cardholder data from being compromised.

Merchants must use PA-DSS validated software to adhere to PCI-DSS requirements or face:– Losing the ability to process credit card payments – Being fined– Being audited

GPUG Summit 2011– Las Vegas www.gpug.com

PCI Compliance: Security Issues Facing Merchants

Refers to the Payment Card Industry Data Security Standard (PCI DSS)

Formed to help prevent organizations that process credit cards from credit card data breaches

PA-DSS (Payment Application Data Security Standard) refers to the payment applications themselves (Azox Credit Card Extension) that store, process or transmit cardholder data.

GPUG Summit 2011– Las Vegas www.gpug.com

12 Steps to PCI Compliance

GPUG Summit 2011– Las Vegas www.gpug.com

12 RequirementsBuild and Maintain a Secure Network1. Install and Maintain a firewall configuration to protect cardholder data.2. Do not use vendor-supplied defaults for system passwords & other security parameters.Protect Cardholder Data3. Protect stored cardholder data4. Encrypt transmission of cardholder data across open, public networksMaintain a Vulnerability Management Program5. Use and regularly update anti-virus software6. Develop and maintain secure systems and applicationsImplement Strong Access Control Measures7. Restrict access to cardholder data by business need-to-know8. Assign a unique ID to each person with computer access9. Restrict physical access to cardholder dataRegularly Monitor and Test Networks10. Track and monitor all access to network resources and cardholder data11. Regularly test security systems and processesMaintain an Information Security Policy12. Maintain a policy that addresses information security

GPUG Summit 2011– Las Vegas www.gpug.com

Processing Credit Cards Available in Sales Order

Processing & Receivable Management modules.

Users can lookup and select multiple credit cards/customer

Transaction Types: authorization, post-authorization, sale, void/credit, or return

GPUG Summit 2011– Las Vegas www.gpug.com

Managing Credit Card Info Customer credit

card information is stored encrypted in the Customer Credit Card Maintenance Window

GPUG Summit 2011– Las Vegas www.gpug.com

Tokenization Allows companies to store sensitive

customer credit card data off site.

Reduces the scope of PCI Compliance for companies.

GPUG Summit 2011– Las Vegas www.gpug.com

Live Solution Tutorial Authorize a credit card in Dynamics GP Charge a credit card in Dynamics GP Batch Process credit card transactions in

Dynamics GP Show online payment processing and

payment date pushed back securely into Dynamics GP.

GPUG Summit 2011– Las Vegas www.gpug.com

Q&A

GPUG Summit 2011– Las Vegas www.gpug.com

Contact

Giuseppe Ianni

Director of SalesOffice: 734-928-6004

Mobile: 734-233-1175

Fax: 734-928-6070Azox, Inc.

45550 Helm St.Plymouth, MI 48170

gianni@azox.comwww.azox.com