This document discusses how palm vein biometric technology from Fujitsu and M2SYS can help strengthen compliance for PCI and workforce management. It outlines the costs of non-compliance for PCI and explains how palm vein biometrics can help by enabling stronger user validation and access controls. It also discusses the costs of non-compliance for workforce management regulations and how palm vein biometrics can help by preventing time theft and providing an audit trail. Representatives from Fujitsu and M2SYS then provide contact information for more details on their palm vein biometric solutions.
Automating Google Workspace (GWS) & more with Apps Script
Fujitsu & M2SYS Webinar - How Palm Vein Biometrics Can Strengthen PCI and Workforce Management Compliance
1. Using Biometric Palm Vein Technology
To Strengthen Compliance
Hosts:
Bill Geary – Sales Manager, Retail & Education, Fujitsu Frontech North America
John Trader – Communications Specialist, M2SYS Technology
If tweeting during the presentation, please use hashtag #palmsecure
2. Agenda
• Company Overviews
• The Cost of Non-Compliance
• PCI Compliance
• How Can Palm Vein Biometrics Help?
• Workforce Management Compliance
• How Can Palm Vein Biometrics Help?
• Why Fujitsu Palm Vein Biometrics Technology?
• Why M2SYS?
• Contact Information
3. Fujitsu Overview
PalmSecure™ Biometric Solution
Company
Leading Provider of Customer – Focused Information Technology and Communication Solutions
Founded in 1935 – 76 years in existence
Annual Revenue – $53 Billion
Over 160,000 Employees
100+ Offices Worldwide
Products, Services and Support
Delivering Computers, Software, Telecommunications, Microelectronics, Electronic Devices
– 34,000 Patents
Providing Consulting, Systems Integration, IT Infrastructure, Solutions
– Third Largest IT Services Provider in the World
Worldwide Support
Partners
Partnerships with Leading Distributors, Resellers, ISV’s and Software Companies
Customers
Most Global Fortune 500 Companies
4. M2SYS Overview
We Simplify the Adoption of Biometric Technology
• Winner of 2007 Frost & Sullivan Biometrics Technology
Innovation of the Year Award
• Winner of 2011 Frost & Sullivan North American Biometrics
Industry New Product Innovation Award
• Primary Markets Served: Public Safety – Law Enforcement,
Electoral, Healthcare, Banking, Education, POS, Childcare,
Transportation, Workforce Management, Membership
Management, Application Security
• Over 500 enterprise software integrators
• Tens of Thousands of End User Deployments in 90 Countries
• Unique Hybrid Biometric Platform™ solutions for rapid
biometric adoption and deployment
• Headquarters in Atlanta, GA with Satellite Office in Asia
5. Components of PCI
Compliance:
Software
Merchants and
Manufacturers Developers
Processors
PCI/PTS PCI-PA-DSS PCI DSS
PIN transaction
Payment
security Data Security
Application
Standard
Vendors
Ecosystem of payment devices, apps, infrastructure and users
6. The Cost of PCI
Non-Compliance:
• Effective security strategies lower the
cost of non-compliance
• Absence of enabling technologies
raises the reactive costs of non-
compliance
• Consequential costs can include
business disruption, productivity
loss, revenue loss and fines/penalties
9. How Can Biometrics Help?
Palm Vein Biometrics to Strengthen PCI Compliance
Benefits:
• Passwords/Network Security
• Stronger validation – eliminates sophisticated POS
passwords
• Avoid costly security breaches – stops
unauthorized access using borrowed or stolen
passwords
• Record Storage
• Strengthens access control to areas containing
sensitive data
• Cost savings
• Reduce help desk calls
• Tactic to help lower largest contributor to shrink –
employee theft
10. Components of Workforce
Management Compliance:
Time and Labor Management
Employee Scheduling
Employee and Manager Self-Service
Absence and Leave Management
Workforce Analytics
Union Requirements & Gov’t Regulations
11. The Cost of Non-Compliance:
Workforce Management
• Wal-Mart pays $172 million in 2005
• A&P pays $3.1 million in 2004
• Lawyer fees and court costs
• Productivity losses
• Irreparable damage to reputation and
consumer loyalty
12. The Cost Of Compliance:
Workforce Management
According to the U.S. Department of Justice, an employer can be ordered to
pay liquidated damages and back-pay as well as any criminal fine or penalty
that is imposed in court. Criminal penalties under the Fair Labor Standards
Act (FLSA) impose a fine of up to $10,000 on the first conviction and a fine of
up to $10,000, a term of imprisonment of up to 6 months, or both, on all
convictions after the first conviction.
13. How Can Biometrics Help?
Palm Vein Biometrics to Strengthen WFM Compliance
Benefits:
• Stops time theft and buddy punching
• Strengthens employee accountability
• Improves productivity – no PINS or passwords
• Concrete audit trail that provides irrefutable
proof
• Eliminates identity fraud
• Reduces payroll inflation and payroll errors
• Solidifies value of punch restriction
14. Palm Vein Biometric ID
Key Advantages
High Authentication Accuracy
• FAR: 0.00008%
• FRR: 0.01%
Non-Traceable and Non-Shareable Authentication Method
• Delivering unmatched security and privacy that is virtually impossible to forge
Non-Intrusive Interface
• Contactless solution that leaves no biometric footprints following authentication
• High level of user acceptance
Applicable to All Users with Virtual No Enrollment Failure
• Works regardless of ethnicity, age, and other demographical statistics
• Highly applicable to all users due to minimal impact from external factors (abrasions, dry
skin, chemical damage, wearing skin lotion, etc.)
15. Why M2SYS?
Key Advantages
• Instantly interfaces with any third-party
WFM or POS application
• Custom versions already built for
Kronos, ADP, Qqest, Zoll Data
Systems, Empower, Fujitsu GlobalStore
and others
• Can facilitate offline punch capture and
discreet “typeless” schedule
enforcement (Kronos and ADP)
• Easily scale to share templates across
terminals or stores
• Seamless interface to end users
16. Contact Information
Bill Geary John Trader
Sales Manager, Retail & Education Communications Specialist
Biometric Solutions M2SYS Technology
Fujitsu Frontech North America 1050 Crown Pointe Pkwy.
25902 Towne Centre Dr Suite 470
Foothill Ranch, CA 92610 Atlanta, GA 30338
bill.geary@us.fujitsu.com john@m2sys.com
+1-813-855 8452 office +1-770-393-0986 x34
+1-813-380 9423 cell www.m2sys.com
www.fujitsu.com/us/services/
biometrics/palm-vein/ Twitter: twitter.com/m2sys
Facebook: facebook.com/m2sys
LinkedIn: linkedin.com/company/
m2sys-technology
Editor's Notes
Here is a brief overview of the ecosystem of payment devices, applications, infrastructure and users.Starting on the right hand side with the green block, you have the PCI Data Security Standard (or DSS) which applies to all entities that store, process and/or transmit cardholder data. It covers technical and operational system components included in or connected to cardholder data. So if you are a merchant that accepts or processes payment cards, you must comply with the PCI DSS.The center red section covers is for software developers and integrators of payment applications that store, process or transmit cardholder data as part of authorization or settlement when these applications are sold, distributed or licensed to third parties. The left blue section is a set of security requirements focused on charactsristics and management of devices used in the protection of cardholder PINs and other payment processing related activities. The requirements are for manufacturers to follow in the design, manufacture and transport of a device to the entity that implements it.Biometric identification pertains to the green PCI DSS section to strengthen implementation of access control measures which applies to: restricting access to cardholder data by employees, assigning a unique ID to each person with computer access, and restricting physical access to cardholder data.
The PonemonInstisute recently did a study of 36 multinational organizations and found out that the average cost of compliance for those organizations is $3.5 million and the average cost for these organizations for non-compliance is $9.4 million. They also discovered that in terms of external compliance, respondents indicated that the PCI-Data Security Standards were one of the most important and difficult requirments to comply with. It seems obvious to point this out but being proactive by providing technology mechanisms that increase security along the chain of PCI requirements, you will lower the reactive costs of non-compliance.I’ts interesting to note that business disruption and productivity losses are the most expensive consequences of non-compliance. Non-compliance can also negatively impact revenues and rack up significant amounts in fines and penalties levied. It’s interesting to note than in the Ponemon Study, they discovered that there is an inverse relationship between per capita non-compliance cost and the percentage of compliance spending in relation to the total IT budget. In other words, the more that an organization spent on the costs of non-compliance, the smaller the amount of the IT budget the organization had allocated to compliance costs.
I included this graph from the Ponenmon Report that I mentioned earlier just to give you an idea of the percentage gaps between compliance and non-compliance costs by industry. As you can see, retail is #2 on the list followed by healthcare at #3.
This graph reports the average number of compromised records over a 12 month period by industry classification. You will notice that although it isn’t a perfect match, there appears to be a close relationship between the average number of lost or stolen records and the percentage gap by industry shown in the previous graph.
Here are a list of the components that are part of workforce management compliance. Employers must be aware of all these elements of their workforce management strategy which can be a complicated task. As this list clearly indicates, there are many facets of workforce management compliance that require attention and many different facets of compliance that are important to include.
So let’s talk for a minute about the consequences of non-compliance. Does anyone remember the lawsuit that was brought against Wal Mart back in 2005? 116,000 current and former California Wal Mart employees claimed that they were illegally denied lunch breaks and Wal Mart was ordered to pay $57 million in general damages and $115 million in punitive damages for violating a state law that requires employers to give 30-minute unpaid lunch breaks to employees who work at least six hours.In 2004, a $3.1 million dollar settlement was levied against A&P by hourly employees that claimed they had not received proper compensation for all hours worked (off-the-clock) or overtime premium pay for all hours worked in excess of 40 in a work week in violation of the Fair Labor Standards Act.There are many costs associated with workforce management non-compliance including lawyer fees and court costs, losses in employee productivity, and perhaps one of the most damaging is a hit to a businesses reputation which can cause irreversible damage to consumer loyalty. In a day and age where social media shines the spotlight on these types of egregious violations of an employee’s rights and in an economy that is increasingly tighter, companies can’t afford to take a risk on their workforce management compliance policies.
The costs of compliance can also go well beyond heavy monetary losses. There can also be criminal convictions requiring imprisonment.
We designed our biometric identification software to instantly interface with any third party WFM or POS application. We have a version of our flagship Hybrid Biometric Platform software called Bio-SnapOn that will act as a biometric identification layer on top of other applications or we have several custom versions of our software that are custom built to interface with leading WFM and POS software providers.Our software can facilitate offline punch captures and typelessIn addition, with our Hybrid Biometric Platform software, if you are an organization with more than one site or with more than one store terminal, you can easily share employee templates across terminals and stores. Our software is built to seamlessly interface and be hassle free to our end users so you can concentrate on your core business and not have to be tied down to software glitches or support problems.