
Retail & Hospitality Services PCI Compliance: How compliant is your payment security?

Ever wonder how you stack up on PCI compliance? Hear from the payment security experts behind our latest report and get the insight you need to manage risk and improve payment security. Discover the challenges organizations like yours face and how to improve your security controls.
To learn more about PCI security and the Verizon 2017 PCI report, visit
http://www.verizonenterprise.com/verizon-insights-lab/payment-security/2017/

Published in: Business

  1. Confidential and proprietary materials for authorized Verizon personnel and outside agencies only. Use, disclosure or distribution of this material is not permitted to any unauthorized persons or third parties except by written agreement. Verizon 2017 Payment Security Report. Retail and Hospitality Webinar, Wednesday, September 20th
  2. Proprietary statement: This document and any attached materials are the sole property of Verizon and are not to be used by you other than to evaluate Verizon's service. © 2017 Verizon. All rights reserved. The Verizon name and logo and all other names, logos and slogans identifying Verizon's products and services are trademarks and service marks or registered trademarks and service marks of Verizon Trademark Services LLC or its affiliates in the United States and/or other countries. All other trademarks and service marks are the property of their respective owners.
  3. Please advance to the next slide where you can watch the video. The total slide deck is available for your reference after the video. Thank you.
  4. Payment Security Experts: Franklin Tallah, Sr. Manager, Payment Security Practice, Verizon Enterprise Solutions; Mark Stachowicz, Principal Consultant, Payment Security Practice, Verizon Enterprise Solutions; Ciske Van Oosten, Senior Manager, Payment Security Practice, Verizon Enterprise Solutions; Ron Tosto, Global Sr. Manager, Payment Security Practice, Verizon Enterprise Solutions
  5. The 2017 Payment Security Report. • This report provides a thorough investigation of the challenges of securing customers’ payment data. • It examines the state of payment security, and looks at what needs to improve. • Based on our PCI assessments, the report explores compliance with PCI DSS in great detail, and is an invaluable resource for security and compliance professionals.
  6. There’s good news: full compliance continued its upward progression. But still almost half of organizations analyzed failed to maintain compliance.
  7. Payments Acceptance Landscape
  8. Hospitality
  9. Retail
  10. Compliance Statistics - Analysis & Insight
  11. Industry Comparison. Full Compliance: All 55.4%; Financial Services 59.1%; Retail 50.0%; Hospitality 42.9% (Worst); IT Services 61.3% (Best). [Charts: Full Compliance: Hospitality; Full Compliance: Retail]
  12. DSS Requirement 3: Protect stored cardholder data. % Controls Not in Place: Financial 7.8%, Retail 21.5%, Hospitality 8.5%, IT Services 3.9%. % Controls in Place: Financial 92.2%, Retail 78.5%, Hospitality 91.5%, IT Services 96.1%. [Chart legend: In place; Control gap]
  13. DSS Requirement 4: Protect data in transit. % Controls Not in Place: Financial 7.4%, Retail 23.0%, Hospitality 7.8%, IT Services 9.7%. % Controls in Place: Financial 92.6%, Retail 77.0%, Hospitality 92.2%, IT Services 90.3%. [Chart legend: In place; Control gap]
  14. DSS Requirement 5: Protect against malicious software. % Controls Not in Place: Financial 2.2%, Retail 9.8%, Hospitality 0.4%, IT Services 1.9%. % Controls in Place: Financial 97.8%, Retail 90.2%, Hospitality 99.6%, IT Services 98.1%. [Chart legend: In place; Control gap]
  15. DSS Requirement 7: Restrict access. % Controls Not in Place: Financial 1.1%, Retail 4.2%, Hospitality 1.3%, IT Services 0.3%. % Controls in Place: Financial 98.9%, Retail 95.8%, Hospitality 98.7%, IT Services 99.7%. [Chart legend: In place; Control gap]
  16. Sustaining Payment Card Security
  17. The lifecycle of PCI DSS controls
  18. Keep the ultimate goal in mind. The point of payment security is to safeguard customer data, not just pass an assessment.
  19. Make everyone aware of what they need to do. Assign roles, define responsibilities and verify that everyone understands what’s expected of them.
  20. Thank you. Q&A.
  21. Read Verizon’s 2017 Payment Security Report to get the full picture: VerizonEnterprise.com/PaymentSecurity. Verizon Insights Podcast on iTunes: Payment security and PCI compliance: What does it mean and how does it help to keep you and your customers safe? Featuring: Mauro Lance, COO – PCI Security Standards Council and Troy Leach, CTO – PCI Security Standards Council. Contact us: Paymentsecurity@Verizon.com
  22. Thank you.
