DOCSLIB.ORG

STATE of MICHIGAN CENTRAL PROCUREMENT SERVICES Department of Technology, Management, and Budget 525 W

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
STATE of MICHIGAN CENTRAL PROCUREMENT SERVICES Department of Technology, Management, and Budget 525 W STATE OF MICHIGAN CENTRAL PROCUREMENT SERVICES Department of Technology, Management, and Budget 525 W. ALLEGAN ST., LANSING, MICHIGAN 48913 P.O. BOX 30026 LANSING, MICHIGAN 48909 CONTRACT CHANGE NOTICE Change Notice Number 1 to Contract Number 200000002198 Program Fidelity Information Services, LCC Manager Various MDHHS CONTRACTOR 601 Riverside Avenue STATE Jacksonville, FL 32204 Administrator Kim Bynan Contract Joy Nakfoor DTMB 414-577-9861 (517) 249-0481 [email protected] [email protected] VC0006630 CONTRACT SUMMARY ELECTRONIC BENEFITS TRANSFER (EBT) FOR SNAP AND WIC PROGRAMS INITIAL EFFECTIVE DATE INITIAL EXPIRATION DATE INITIAL AVAILABLE OPTIONS EXPIRATION DATE BEFORE November 1, 2020 September 14, 2027 1 - 3 Year September 14, 2027 PAYMENT TERMS DELIVERY TIMEFRAME N/A ALTERNATE PAYMENT OPTIONS EXTENDED PURCHASING ☐ P-Card ☐ PRC ☐ Other ☐ Yes ☒ No MINIMUM DELIVERY REQUIREMENTS N/A DESCRIPTION OF CHANGE NOTICE OPTION LENGTH OF OPTION EXTENSION LENGTH OF EXTENSION REVISED EXP. DATE ☐ ☐ September 14, 2027 CURRENT VALUE VALUE OF CHANGE NOTICE ESTIMATED AGGREGATE CONTRACT VALUE $22,655,691.55 $0.00 $22,655,691.55 DESCRIPTION Effective August 24, 2021, the new Go Live date is August 29, 2021. As of the Go Live, pricing is updated to: - SNAP CSR Cost per Minute is $0.699 (per the attached Schedule B – MDHHS SNAP Pricing, II. Call Center/Telecommunication). - WIC Cost per Case Month is $0.414 (per the attached Schedule B – MDHHS WIC Pricing, A. Cost Per Case Month). All other terms, conditions, specifications and pricing remain the same. Per contractor and agency agreement, and DTMB Central Procurement approval. CHANGE NOTICE NO. 1 TO CONTRACT NO. 200000002198 Program Managers for Multi-Agency and Statewide Contracts AGENCY NAME PHONE EMAIL MDHHS Andrew Piper 517-241-9881 [email protected] MDHHS Christina Herring 517-335-8448 [email protected] CN 1 – 200000002198 SCHEDULE B PRICING SCHEDULE B – MDHHS SNAP Pricing II. CALL CENTER / TELECOMMUNICATION Transaction Type Est. Monthly Usage Cost Annual Cost Payphone charges (per call) 300 $0.75* $2,700 IVRU Cost Minute 1,800,000 $0.0350 $756,000.00 CSR Cost per Minute 140,000 $0.6990 $1,174,320.00 Total $1,933,020.00 * The FDC controls the rate of Payphone charges. FIS will pass thru the FDC rate to the State. The current rate is $0.75/call, however, this rate may change at any time based on FDC decisioning. SCHEDULE B – MDHHS WIC Pricing A. Cost Per Case Month WIC Cost Per Case Est. Annual Cost Per Case Annual Cost Total Contractual (Household) Month Usage (Household) Cost (7 years) WIC Cost Per Case Month 130,000 $0.414 $622,440.00 $4,357,080.00 STATE OF MICHIGAN PROCUREMENT Department of Technology, Management & Budget – Central Procurement Services 525 W Allegan St, Lansing, MI 48933 P.O. Box 30026, Lansing, MI 48909 NOTICE OF CONTRACT NOTICE OF CONTRACT NO. 200000002198 . between THE STATE OF MICHIGAN and Various DHHS Fidelity Information Services, LLC (FIS) 601 Riverside Avenue Program Manager Jacksonville, FL 32204 Joy Nakfoor DTMB - Kim Bynan STATE CPS (414) 577-9861 517-249-0481 Contract CONTRACTOR [email protected] Administrator [email protected] VC0006630 CONTRACT SUMMARY DESCRIPTION: Electronic Benefits Transfer (EBT) for SNAP and WIC programs INITIAL AVAILABLE EXPIRATION DATE BEFORE INITIAL EFFECTIVE DATE INITIAL EXPIRATION DATE OPTIONS CHANGE(S) NOTED BELOW November 1, 2020 September 14, 2027 1 – 3 year PAYMENT TERMS DELIVERY TIMEFRAME Net 45 N/A ALTERNATE PAYMENT OPTIONS EXTENDED PURCHASING ☐ P-card ☐ Payment Request (PRC) ☐ Other ☐ Yes ☒ No MINIMUM DELIVERY REQUIREMENTS N/A MISCELLANEOUS INFORMATION THIS IS NOT AN ORDER: This Contract Agreement is awarded on the basis of our inquiry bearing the Solicitation # 190000001593. Orders for delivery will be issued through the issuance of a Delivery Order (DO). ESTIMATED CONTRACT VALUE AT TIME OF EXECUTION $ 22,655,691.55 CONTRACT NO. 200000002198 Program Managers for Multi-Agency and Statewide Contracts AGENCY NAME PHONE EMAIL MDHHS - SNAP Andrew Piper Office: (517) 241-9881 [email protected] Cell: (517) 285-8747 MDHHS - WIC Christina Herring-Johnson Office: (517) 335-8448 [email protected] Cell: (517) 243-7930 0 CONTRACT NO. 200000002198 FOR THE CONTRACTOR: Company Name Authorized Agent Signature Authorized Agent (Print or Type) Date FOR THE STATE: Signature Name & Title Agency Date 1 Contract # 200000002198 STATE OF MICHIGAN Electronic Benefit Transfer (EBT) for Food and Cash Benefit Services and Women, Infants and Children (WIC) for MDHHS Table of Contents Title Page Standard Contract Terms 5 Schedule A – Statement of Work Background 23 Scope 24 1. Requirements 1.1. General Requirements 24 1.2. Special Requirements 27 1.3. Technical Environment 28 1.4. Deliverables 29 1.5. Errors 30 1.6. Functional Requirements 30 1.7. Performance and Technical Standards 30 1.8. System ease of use 30 1.9. Minimum card requirements 30 1.10. POS terminals 30 1.11. Transaction receipts 30 1.12. Performance bonding 31 1.13. Minimum transaction set 31 1.14. Interoperability 31 1.15. Concentrator Bank Responsibilities 31 1.16. Re-Presentation 31 1.17. Store and Forward 31 1.18. State Agency Requirements for Photo EBT Card Implementation 31 1.19. SNAP EBT Card Issuance 31 1.20. WIC Technical Implementation Guide 32 1.21. SNAP EBT Card Replacement 32 1.22. Activate Michigan SNAP EBT Card 32 1.23. De-Activate Michigan SNAP EBT Card 32 1.24. SNAP EBT Card Suspension for Invalid PIN Attempts 34 1.25. SNAP EBT Issue PIN 34 1.26. SNAP EBT Assign PIN 34 1.27. SNAP EBT Client Account Maintenance 34 1.28. SNAP EBT Transaction Processing 36 1.29. SNAP EBT Retail Merchant Management 39 1.30. SNAP EBT Settlement 40 1.31. Online Application for Administrative and Client Access 42 1.32. Online Application Administrative Access Security 43 2. SNAP EBT Service Requirements 2.1. Card Specifications (SNAP and WIC) 43 2.2. Card Security Specifications 45 2.3. SNAP EBT PIN Issuance and Management 46 2.4. SNAP EBT Benefit Access via the Card 47 2.5. Processing Technology 47 2.6. SNAP EBT EBT Account Structure 48 1 Contract # 200000002198 2.7. EBT Account Types 49 2.8. EBT Account Number 49 2.9. SNAP EBT Primary Program Designation for Cash Withdrawals 50 2.10. System Interface Requirements 50 2.11. Equipment Services 50 2.12. Administrative Transaction Functionality 50 2.13. Authorized Representatives 50 2.14. Terminal Deployment in Authorized Food Assistance Stores 51 2.15. Contractor Marketed POS Services and Terminals 52 2.16. Third Party Processors (TPP) 52 2.17. POS Terminal Processing Standards 52 2.18. POS Terminal Support Services 53 2.19. Merchant Agreements 53 2.20. Regulatory Provisions 53 2.21. Application of EBT POS Functionality 53 2.22. Transaction Fee Accounting 53 2.23. Adding Program Benefits to an Existing Card 54 2.24. SNAP EBT Replacement issuances and cards to households 54 3. Interface Requirements 54 3.1. Server to Server 54 3.2. Recipient and Benefit Identification 54 3.3. SNAP EBT Transaction Processing 55 3.4. Access Device 55 3.5. Online Communications 55 3.6. WIC EBT System Design and Interface Considerations 55 4. Women, Infants, and Children (WIC) EBT Requirements 59 4.1. Account Set-up and Benefit Authorization 59 4.2. Card Issuance/Replacement and PIN Selection 60 4.3. Training and Training Materials 61 4.4. Client Account Management 62 4.5. Transaction Processing 66 4.6. Customer Service 69 4.7. WIC Authorized Vendor Participation 69 4.8. WIC EBT Settlement 71 4.9. WIC EBT Base Service Requirements 71 5. Training and Training Materials 75 6. Service Level Agreements (SLAs) 6.1. Time Frames 78 6.2. Additional Regulatory Requirements 78 6.3. Acceptance 85 6.4. Testing Requirements 86 7. Staffing 7.1. Work Hours 87 7.2. Key Personnel 87 7.3. Customer Service Toll-Free Number 89 7.4. Project Management Staffing 89 7.5. Disclosure of Subcontractors 89 7.6. Meetings 90 8. Customer Service 8.1. Required Service Groups 90 8.2. Customer Service Performance Reports 92 8.3. Customer Service Performance Standards 93 9. Project Management/Project Implementation Plan 94 2 Contract # 200000002198 9.1. EBT Project Schedule 94 9.2. Project Wide Conversion and Implementation Plan 95 9.3. Design Phase 96 9.4. Development Phase 98 9.5. Transition Phase 101 9.6. Operations Phase 104 9.7. Reports 104 9.8. Issue Management 105 9.9. Risk Management 105 10. Escalation and Vendor Performance 105 11. Reports 106 12. IT Specific Standards 12.1. IT Policies, Standards and Procedures (PSP) 113 12.2. Enterprise IT Policies, Standards and Procedures 113 12.3. Secure Web Application Standard 113 12.4. Secure Application Development Life Cycle (SADLC) 113 12.5. Acceptable Use Policy 114 12.6. Look and Feel Standard 114 12.7. Mobile Responsiveness 114 12.8. ADA Compliance 114 12.9. Federation/Single Sign-on (SSO) 114 12.10. End-User Operating Environment 114 12.11. Web Browsers 114 12.12. Mobile 115 12.13. Security 115 12.14. Capacity 115 12.15. Access Control and Audit 115 12.16. Hosted Services 116 12.17. SUITE Documentation 116 12.18. Agency Specific Standards 117 13. Pricing 13.1. Price Term 117 13.2. Price Changes 117 13.3. Additional Price Conditions 118 14. Ordering 118 15. Invoice and Payment 15.1. Invoice Requirements 118 15.2. Payment Methods 118 16. Security and Audit Requirements 118 Schedule B – Pricing and Fees 128 Schedule E – Support Services and Service Level Agreement for Hosted Services 142 Exhibit 1 to Schedule E (as applicable) – Contractor Hosted Software and Services 148 Schedule F (as applicable) – Data
Load more

Recommended publications
  • POS Interface Specifications ISO 8583 (1987 Version)
    POS Interface Specifications ISO 8583 (1987 version) Prepared by: Nigeria Inter – Bank Settlement System (NIBSS) Version: 1.16 August 07, 2018 Page 1 of 64 POS ISO 8583 Interface Specification TABLE OF CONTENTS POS INTERFACE SPECIFICATIONS .................................................................................... 1 ISO 8583 (1987 VERSION) ............................................................................................... 1 DOCUMENT CONTROL .................................................................................................... 3 1. INTRODUCTION ....................................................................................................... 4 2. EXTERNAL MESSAGE TYPES ........................................................................................ 5 2.1 PROTOCOL ............................................................................................................ 5 2.2 BITMAP .................................................................................................................... 5 2. 3 SUPPORTED MESSAGE TYPE ......................................................................................... 5 3. EXTERNAL MESSAGE TYPE LAYOUTS ........................................................................... 6 3.1 AUTHORIZATION REQUEST/REPEAT (0100) ..................................................................... 6 3.2 AUTHORIZATION REQUEST RESPONSE (0110) .................................................................. 7 3.3 FINANCIAL REQUEST/REPEAT (0200) ..........................................................................
    [Show full text]
  • Pre-Solicitation Instructions
    CALIFORNIA DEPARTMENT OF TECHNOLOGY PRE-SOLICITATION INSTRUCTIONS TO: All Interested Bidders RE: Pre-Solicitation Feedback DATE: November 9, 2016 The California Department of Technology (CDT) requests feedback and/or questions on the following Pre- Solicitation documents. FOR: ELECTRONIC WOMEN, INFANT AND CHILDREN MANAGEMENT INFORMATION SYSTEMS (eWIC MIS) PRE-SOLICITATION REVIEW 1. eWIC MIS Project Request for Proposal (RFP) in its entirety a. Part 1 – Bidders Instructions b. Part 2 – Bidders Response 2. Exhibit 22 – Cost Workbook Please note these documents are drafts and are subject to change. GENERAL QUESTIONS If the answer is yes to any of the questions below, please explain. 1. Are there any requirements for which assumptions are required to be made to provide a response? 2. Are there areas in the Statement of Work (SOW) that you believe are not clear? 3. Are there any Sections which are inconsistent and/or contradictory? 4. Is any additional information needed to prepare a response? REQUIREMENTS 1. Are there any requirements too onerous or which may result in unnecessary costs or risks to the State? If so, please indicate which ones and explain why. 2. Are there any requirements which may prevent you from submitting a response? If so, what are they, and why would they prevent you from responding? 3. Are there any requirements which may make it difficult to implement the solution by April 1, 2020? If yes, why? OTHER 1. Please provide a Rough Order of Magnitude (budgetary estimate) of the total costs for the solution required by this RFP. 2. Please review Section 5, Cost (Part 2) and Exhibit 22, Cost Worksheet, of the RFP and provide input on whether the Section and worksheet(s) are clear, concise, complete, and easy to use.
    [Show full text]
  • Technical Standards Catalogue VERSION 6.2
    e-Government Technical Standards Catalogue VERSION 6.2 FINAL September 2005 Technical Standards Catalogue / version 6.2 final / September 2005 1 CONTENTS 1 INTRODUCTION ...........................................................................................................................3 2 CHANGES FROM PREVIOUS VERSION..................................................................................4 3 ISSUES UNDER CONSIDERATION............................................................................................5 4 INTERCONNECTION ...................................................................................................................7 TABLE 1 SPECIFICATIONS FOR INTERCONNECTIVITY.......................................................................7 TABLE 2 SPECIFICATIONS FOR WEB SERVICES ..............................................................................10 5 DATA INTEGRATION ................................................................................................................16 TABLE 3 SPECIFICATIONS FOR DATA INTEGRATION ...........................................................................16 6 CONTENT MANAGEMENT METADATA ...............................................................................19 TABLE 4 SPECIFICATIONS FOR CONTENT MANAGEMENT METADATA .................................................19 TABLE 5 SPECIFICATIONS FOR IDENTIFIERS .......................................................................................20 7 E-SERVICES ACCESS.................................................................................................................23
    [Show full text]
  • Why Is There a Need for GSMA Mobile Money API Specification? a Comparison with Other Industry Standards
    Why is there a need for GSMA Mobile Money API Specification? A comparison with other industry standards July 2020 Copyright © 2020 GSM Association GSMA Mobile Money The GSMA represents the interests of mobile operators The GSMA’s Mobile Money programme works to accelerate worldwide, uniting more than 750 operators with almost the development of the mobile money ecosystem for the 400 companies in the broader mobile ecosystem, including underserved. handset and device makers, software companies, equipment providers and internet companies, as well as organizations For more information, please contact us: in adjacent industry sectors. Web: www.gsma.com/mobilemoney Twitter: @gsmamobilemoney The GSMA also produces the industry-leading MWC events Email: [email protected] held annually in Barcelona, Los Angeles and Shanghai, as well as the Mobile 360 Series of regional conferences. Inclusive Tech Lab: www.gsma.com/lab For more information, please visit the GSMA corporate website at www.gsma.com. Follow the GSMA on Twitter: @GSMA Authors: Viji Pathy, API Architect, Inclusive Tech Lab Bart-Jan Pors, Director, Inclusive Tech Lab, Mobile Money Gareth Pateman, Founding Partner, MFX THE GSMA MOBILE MONEY PROGRAMME IS SUPPORTED BY THE BILL AND MELINDA GATES FOUNDATION Why is there a need for GSMA Mobile Money API Specification? A comparison with other industry standards Contents Executive summary ................................................................................................. 5 01 Introduction ................................................................................................
    [Show full text]
  • Mobile and Contactless Payments Standards Glossary
    Mobile and Contactless Payments Standards Glossary Version 1.0 Publication Date: November 2019 U.S. Payments Forum ©2019 Page 1 About the U.S. Payments Forum The U.S. Payments Forum is a cross-industry body focused on supporting the introduction and implementation of EMV chip and other new and emerging technologies that protect the security of, and enhance opportunities for payment transactions within the United States. The Forum is the only non- profit organization whose membership includes the entire payments ecosystem, ensuring that all stakeholders have the opportunity to coordinate, cooperate on, and have a voice in the future of the U.S. payments industry. Additional information can be found at http://www.uspaymentsforum.org. EMV® is a registered trademark of EMVCo, LLC in the United States and other countries around the world. About the Mobile and Contactless Payments Working Committee The goal of the Mobile and Contactless Payments Working Committee is for all interested parties to work collaboratively to explore the opportunities and challenges associated with implementation of mobile and contactless payments in the U.S. market, identify possible solutions to challenges, and facilitate the sharing of best practices with all industry stakeholders. Copyright ©2019 U.S. Payments Forum and Secure Technology Alliance. All rights reserved. Comments or recommendations for edits or additions to this document should be submitted to: [email protected]. U.S. Payments Forum ©2019 Page 2 Table of Contents 1. Purpose of the Document
    [Show full text]
  • Open Terminal Requirement Specification 2006–07–01
    Technical Reference Guide – Open Terminal Requirement Specification 2006–07–01 Public Version © PBS A/S 1999–2006 i 2006–07–01 Technical Reference Guide – Open Terminal Requirement Specification Version 2.5 How to Contact PBS A/S PBS A/S Lautrupbjerg 10 DK–2750 Ballerup DENMARK Tel.no.: +45 44 68 44 68, att. PE 862 Chip og Terminaler Fax.no.: +45 44 86 09 30 E–mail: [email protected] Web–site: www.pbs.dk Disclaimers Copyright Information This document contains information proprietary to PBS A/S. The informa- tion, whether in the form of e.g. text, schematics, tables, drawings or illustra- tions, must not, without the prior, written consent of PBS A/S, be copied, re- produced or otherwise duplicated, disclosed outside the recipient company or organization or used by the recipient for purposes other than those explic- itly agreed in writing with PBS A/S. This limitation does not limit the recipient’s right to duplicate and use infor- mation contained in the document if such information is received from another source without restriction provided such source is not in breach of an obligation of confidentiality towards PBS A/S. Trademarks PBS and the PBS–logo are registered trademarks of PBS A/S. Dankort, VISA, Eurocard, MasterCard and Maestro names and logos are registered trademarks of PBS A/S and its international partners. Limitation of Liability Under no circumstances shall PBS A/S be liable for any direct incidental, in- direct, special or consequential damages whatsoever (including but not lim- ited to lost profits) arising out of or relating to this document or the informa- tion contained in it, even if PBS A/S has been advised, knew or should have known of the possibility of such damages.
    [Show full text]
  • ISO 8583-1:2003(E) This Is a Free 12 Page Sample
    INTERNATIONAL ISO STANDARD 8583-1 First edition 2003-06-15 Financial transaction card originated messages — Interchange message specifications — Part 1: Messages, data elements and code values Messages initiés par cartes de transaction financière — Spécifications d'échange de messages — Partie 1: Messages, éléments de données et valeurs de code Reference number ISO 8583-1:2003(E) This is a free 12 page sample. Access the full version online. © ISO 2003 www.standards.com.au Copyright ISO www.isostandards.com.au ISO 8583-1:2003(E) PDF disclaimer This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may be printed or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the software products used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below. © ISO 2003 All rights reserved. Unless otherwise specified, no part of this publication may be reproduced or utilized in any form or by any means, electronic or mechanical, including photocopying and microfilm, without permission in writing from either ISO at the address below or ISO's member body in the country of the requester.
    [Show full text]
  • ISO 20022 for Dummies, 2Nd Edition
    ISO 20022 2nd Edition ISO 20022 2nd Edition by The SWIFT Standards Team ISO 20022 For Dummies, 2nd Edition Published by John Wiley & Sons, Ltd The Atrium Southern Gate Chichester West Sussex PO19 8SQ England For details on how to create a custom For Dummies book for your business or organisation, contact [email protected]. For information about licensing the For Dummies brand for products or services, contact BrandedRights&[email protected]. Visit our Home Page on www.customdummies.com Copyright © 2013 by John Wiley & Sons Ltd, Chichester, West Sussex, England All Rights Reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, mechanical, photocopying, recording, scanning or otherwise, except under the terms of the Copyright, Designs and Patents Act 1988 or under the terms of a licence issued by the Copyright Licensing Agency Ltd, 90 Tottenham Court Road, London, W1T 4LP, UK, without the permission in writing of the Publisher. Requests to the Publisher for per- mission should be addressed to the Permissions Department, John Wiley & Sons, Ltd, The Atrium, Southern Gate, Chichester, West Sussex, PO19 8SQ, England, or emailed to [email protected], or faxed to (44) 1243 770620. Trademarks: Wiley, the Wiley logo, For Dummies, the Dummies Man logo, A Reference for the Rest of Us!, The Dummies Way, Dummies Daily, The Fun and Easy Way, Dummies.com and related trade dress are trademarks or registered trademarks of John Wiley & Sons, Inc. and/or its affiliates in the United States and other countries, and may not be used without written permission.
    [Show full text]
  • Security Rules and Procedures Merchant Edition 5 February 2015 Notices
    Security Rules and Procedures Merchant Edition 5 February 2015 Notices Notices Proprietary Rights The information contained in this document is proprietary and confidential to MasterCard International Incorporated, one or more of its affiliated entities (collectively “MasterCard”), or both. This material may not be duplicated, published, or disclosed, in whole or in part, without the prior written permission of MasterCard. Trademarks Trademark notices and symbols used in this document reflect the registration status of MasterCard trademarks in the United States. Please consult with the Customer Operations Services team or the MasterCard Law Department for the registration status of particular product, program, or service names outside the United States. All third-party product and service names are trademarks or registered trademarks of their respective owners. Disclaimer MasterCard makes no representations or warranties of any kind, express or implied, with respect to the contents of this document. Without limitation, MasterCard specifically disclaims all representations and warranties with respect to this document and any intellectual property rights subsisting therein or any part thereof, including but not limited to any and all implied warranties of title, non-infringement, or suitability for any purpose (whether or not MasterCard has been advised, has reason to know, or is otherwise in fact aware of any information) or achievement of any particular result. Without limitation, MasterCard specifically disclaims all representations and warranties that any practice or implementation of this document will not infringe any third party patents, copyrights, trade secrets or other rights. Translation A translation of any MasterCard manual, bulletin, release, or other MasterCard document into a language other than English is intended solely as a convenience to MasterCard customers.
    [Show full text]
  • Security Rules and Procedures—Merchant Edition • 27 February 2020 2 Contents
    Security Rules and Procedures Merchant Edition 27 February 2020 SPME Contents Contents Chapter 1: Customer Obligations........................................................................ 8 1.1 Compliance with the Standards....................................................................................9 1.2 Conflict with Law.........................................................................................................9 1.3 The Security Contact.................................................................................................... 9 1.4 Connecting to Mastercard—Physical and Logical Security Requirements....................... 9 1.4.1 Minimum Security Requirements.........................................................................10 1.4.2 Additional Recommended Security Requirements................................................11 1.4.3 Ownership of Service Delivery Point Equipment.................................................. 11 1.4.4 Component Authentication................................................................................ 11 Chapter 2: Cybersecurity Standards and Programs..................................12 2.1 Cybersecurity Standards............................................................................................. 13 Cybersecurity Minimum Requirement.......................................................................... 13 Cybersecurity Best Practice.......................................................................................... 13 2.1.1 Payment Card Industry
    [Show full text]
  • Guidelines on Cryptographic Algorithms Usage and Key Management
    EPC342-08 Version 8.0 18 December 2018 [X] Public – [ ] Internal Use – [ ] Confidential – [ ] Strictest Confidence Distribution: Publicly available GUIDELINES ON CRYPTOGRAPHIC ALGORITHMS USAGE AND KEY MANAGEMENT Abstract This document defines guidelines on cryptographic algorithms usage and key management. Document EPC342-08 Reference Issue Version 8.0 Date of Issue 18 December 2018 Reason for Issue Publication on EPC website Produced by PSSG Authorised by EPC Conseil Européen des Paiements AISBL– Cours Saint-Michel 30A – B 1040 Brussels Tel: +32 2 733 35 33 – Fax: +32 2 736 49 88 Enterprise N° 0873.268.927 – www.epc-cep.eu – [email protected] © 2016 Copyright European Payments Council (EPC) AISBL: Reproduction for non-commercial purposes is authorised, with acknowledgement of the source Document History This document was first produced by ECBS as TR 406, with its latest ECBS version published in September 2005. The document has been handed over to the EPC which is responsible for its yearly maintenance. DISCLAIMER: Whilst the European Payments Council (EPC) has used its best endeavours to make sure that all the information, data, documentation (including references) and other material in the present document are accurate and complete, it does not accept liability for any errors or omissions. EPC will not be liable for any claims or losses of any nature arising directly or indirectly from use of the information, data, documentation or other material in the present document. 2 EPC342-08 v8.0 Approved Guidelines on cryptographic algorithms usage and key management_final TABLE OF CONTENT MANAGEMENT SUMMARY ....................................................................................................... 6 1 INTRODUCTION ................................................................................................................ 8 1.1 Scope of the document .............................................................
    [Show full text]
  • Standards Analysis Ict Sector Luxembourg
    STANDARDS ANALYSIS ICT SECTOR LUXEMBOURG Version 7.0 · March 2017 · ISSN 2354-483X 2 WHITE PAPER · DIGITAL TRUST · Version 3.0 · October 2016 Executive summary In 2012 the “Institut Luxembourgeois de la Normalisation, de l’Accréditation, de la Sécurité et qualité des produits et services” (ILNAS) initiated an analysis of European and international standards in the Information and Communication Technology (ICT) sector. The aim of this analysis is to develop an information and exchange network for ICT standardization knowledge in the Grand Duchy of Luxembourg. Since 2013, this analysis has been carried out in the frame of the implementation of the “Luxembourg’s policy on ICT technical standardization” (which was last updated in 2015)1. The ICT sector is already involved at the national standardization level with 69 national delegates currently registered by ILNAS2. These delegates participate in standardization technical committees and follow closely the work performed at international level. Moreover, the national delegates also ensure that the views and positions of Luxembourg are understood and known by the technical committees. ILNAS recognizes the effort and support provided by this network of experts. Nevertheless, ILNAS is convinced that this sector could be more represented in terms of delegates and experts in technical standardization, especially since some ICT areas do not yet benefit from a sufficient representation of national delegates (e.g.: Internet of Things, Cloud Computing, Big Data, Smart Cities). Thus, the purposes of this analysis are firstly, to provide useful information to national stakeholders regarding standardization activities in the field of ICT and secondly, to attract and involve them into an integrated and innovative approach of standardization.
    [Show full text]