Payment Processing Online and Within Dynamics GP

1. Payment Processing Online and Within Dynamics GP PCI Compliance and Secure Payment Processing

2. Presenter • Giuseppe Ianni • Director of Sales & Marketing at Azox • 6 Years channel management experience • 8 years of ecommerce and payment processing experience

3. Session Objective • Inform, train and present options for solving/ automating electronic payment processing needs using Dynamics GP or a website • Understand the impact of PCI compliance mandates and cardholder security requirement for companies

4. Agenda • PCI Compliance: Security issues facing merchants • Processing payments within Dynamics GP and online • Live Solution Tutorial • Questions?

5. Win a $50 Gift Card • First person to write their credit card information and pass it forward will win. • Don’t worry, your credit card information will not be used. • Don’t ever write down your credit card information! CARDHOLDER Jeff Smith CC # 1234 5678 9123 4567 CVV2 123

6. Security Issues Facing Merchants • Payment card info is sensitive so why would anyone freely pass around their information • PCI compliance mandates were created to protect cardholder data from being compromised. • Merchants must use PA-DSS validated software to adhere to PCI-DSS requirementsor face: • Losing the ability to process credit card payments • Being fined • Being audited

7. PCI Compliance: Security Issues Facing Merchants • Refers to the Payment Card Industry Data Security Standard (PCI DSS) • Formed to help prevent organizations that process credit cards from credit card data breaches • PA-DSS (Payment Application Data Security Standard) refers to the payment applications themselves (Azox Credit Card Extension) that store, process or transmit cardholder data.

8. 12 Steps to PCI Compliance

9. 12 Requirements Build and Maintain a Secure Network • Install and Maintain a firewall configuration to protect cardholder data. • Do not use vendor-supplied defaults for system passwords & other security parameters. Protect Cardholder Data • Protect stored cardholder data • Encrypt transmission of cardholder data across open, public networks Maintain a Vulnerability Management Program • Use and regularly update anti-virus software • Develop and maintain secure systems and applications Implement Strong Access Control Measures • Restrict access to cardholder data by business need-to-know • Assign a unique ID to each person with computer access • Restrict physical access to cardholder data Regularly Monitor and Test Networks • Track and monitor all access to network resources and cardholder data • Regularly test security systems and processes Maintain an Information Security Policy • Maintain a policy that addresses information security

10. Processing Credit Cards • Available in Sales Order Processing & Receivable Management modules. • Users can lookup and select multiple credit cards/customer • Transaction Types: authorization, post-authorization, sale, void/credit, or return

11. Managing Credit Card Info • Customer credit card information is stored encrypted in the Customer Credit Card Maintenance Window

12. Tokenization • Allows companies to store sensitive customer credit card data off site. • Reduces the scope of PCI Compliance for companies.

13. Live Solution Tutorial • Authorize a credit card in Dynamics GP • Charge a credit card in Dynamics GP • Batch Process credit card transactions in Dynamics GP • Show online payment processing and payment date pushed back securely into Dynamics GP.

14. Q&A

15. Contact Giuseppe Ianni Director of Sales gianni@azox.com www.azox.com Office: 734-928-6004 Mobile: 734-233-1175 Fax: 734-928-6070 Azox, Inc. 45550 Helm St. Plymouth, MI 48170