Training and Monitoring Your Checkout Personnel

Training and Monitoring Your Checkout Personnel

Recently CCS had a customer call about a problem with two purchases and credit/debit payments.

A Short overview:

Customer A finished shopping, made a $50 purchase and left. She did not get a receipt.

Customer B was next at the checkout. He made his $110 purchase and left with a receipt.

Later that day, Customer A called and said she was charged $110 on her debit card when it should have been $50. Our customer reviewed their system and could not find a ticket for Customer A. They did find the ticket for Customer B and on the Secure Pay payment portal saw that Customer B was billed to Customer A’s card.

What had happened? Luckily our customers have surveillance cameras over their registers. They went back and reviewed the transactions for that period.

They were able to see that the clerk had not finished the 1st transaction. So Customer A had not received a receipt. Instead of completing or clearing the complete Customer A transaction, the clerk just deleted the line items. The clerk rang up Customer B on the same ticket, and since the payment was still attached to it, Customer A’s card was charged.

Luckily by having the cameras, they were able to solve the problem. Are cameras something you should consider to ensure proper checkout activities?

Some additional training would be a good idea for the clerks. CCS has a full suite of classroom, onsite, and Webinar training offerings. A firm policy that every customer gets a receipt – either paper or email should be implemented. Therefore, a transaction is always completed for each customer.

Marilyn

New TLS Patch Coming for 8.5.2.1

 

ViewPoint Newsletter | NCR
New TLS Patch Coming for V8.5.2.1 March 6th

Payment Card Industry Data Security Standards (PCI DSS) require all PA-DSS validated payment applications to discontinue the use of “early TLS” (i.e., all versions of SSL and TLS 1.0) by June 30th, 2018. For more information on this, please refer to the TLS 1.2 transition document. 

To comply with this requirement, NCR Secure Pay will no longer accept early TLS connections after 2:30 A.M. on June 5th, 2018. In addition to the previously mentioned updates to NCR Counterpoint V8.5.4 and V8.4.6, we will also be releasing a patch for V8.5.2.1 . Releases will are scheduled as follows: 

  • V8.5.4 Patch 002: Scheduled for 2/20/2018
  • V8.4.6.19 Service Pack: Scheduled for 3/6/2018
  • V8.5.2.1 Patch: Scheduled for 3/6/2018

We do not plan to release patches or Service Packs to support TLS 1.2 in other versions of NCR Counterpoint.

To prepare for the transition to TLS 1.2, you must first ensure that TLS 1.2 is supported and enabled on your workstations by following the appropriate steps for your operating system, as outlined in our TLS 1.2 transition document. 

Marilyn.

Getting Ready For Transport Security Layer (TLS) 1.2

GETTING READY FOR TLS 1.2

Payment Card Industry Data Security Standards (PCI DSS) require all PA-DSS validated payment applications to discontinue the use of “early TLS” (i.e., all versions of SSL and TLS 1.0) by June 30th, 2018.

To comply with this requirement, NCR Secure Pay will no longer accept early TLS connections after 2:30 A.M. on June 5th, 2018. In addition, updates to NCR Counterpoint V8.5.4 and V8.4.6 that will require the use of TLS 1.2 for payment transactions processed through NCR Secure Pay will be released as follows:

  • V8.5.4 Patch 002: Scheduled for 2/20/2018
  • V8.4.6.19 Service Pack: Scheduled for 3/6/2018

We do not plan to release patches or Service Packs to support TLS 1.2 in other versions of NCR Counterpoint. To prepare for the transition to TLS 1.2, you must first ensure that TLS 1.2 is supported and enabled on your

workstations by following the appropriate steps for your operating system, as outlined below.

 Do NOT disable early TLS on your workstations, as NCR Counterpoint Services (CPServices) requires TLS 1.0 for internal communications. Because PCI DSS prohibits the use of early TLS for the external communication of payment transactions only, using TLS 1.0 with CPService does not violate PCI-DSS compliance.

CPServices will be updated to use TLS 1.2 in a future NCR Counterpoint release.

Once TLS 1.2 is enabled, you can install V8.5.4 Patch 002 or the V8.4.6.19 Service Pack—depending on which version of NCR Counterpoint you are using—to begin using TLS 1.2 for all communications with NCR Secure Pay.

  V8.5.4 Patch 002 and the V8.4.6.19 Service Pack will only work with TLS 1.2. If you install these updates on a workstation for which TLS 1.2 is not supported and enabled, NCR Counterpoint will be unable to connect to NCR Secure Pay and you will be unable to process payments.

W I N D O WS 8. 1/ W I N D O W S 1 0 / W I N D O W S  S E R V E R 2 01 2 R 2

By default, TLS 1.2 is supported and enabled in Windows 8.1, Windows 10, and Windows Server 2012 R2. Thus,

no additional configuration is required to use TLS 1.2 with these operating systems.

W I N D O S 7/ W I N D O W S  E M B E D D E D  P O S  R EA D Y  7 / W I N D O W S  S E R V E R  2 0 0 8 R 2

If your NCR Counterpoint workstations are running Windows 7, Windows Embedded POSReady 7, or Windows

Server 2008 R2, first ensure that you have installed all current Service Packs, updates, and security patches.

To enable TLS 1.2, create the registry setting entries (in the Client subkey) that are specified in the TLS 1.2

section of the Transport Security Layer (TLS) registry settings page in the Microsoft documentation library

(https://docs.microsoft.com/en-us/windows-server/security/tls/tls-registry-settings#tls-12).

Every effort has been made to ensure the accuracy of this document. NCR makes no representations or warranties with respect to any of the information contained in this document and specifically disclaims any express or implied warranties of merchantability or fitness for a particular purpose with respect to such information. NCR shall not be liable for any errors or for incidental, indirect or consequential damages in connecting with the furnishing, performance or use of this document.

V E R I FY I N G  T H A T  T L S 1 .2  I S  E N A B L E D

If you are using Windows 7, Windows Embedded POSReady 7, or Windows Server 2008 R2, you can verify whether TLS 1.2 is supported and enabled on each of your NCR Counterpoint workstations by using Microsoft Internet Explorer to access the How’s My SSL? Website (https://howsmyssl.com).

Only use Internet Explorer to verify that your workstation is using TLS 1.2; other browsers do not use the Windows TLS system and may display incorrect results.

The Version section of the page should indicate that your client is using TLS 1.2, as illustrated below.

W I N D O W S  E M B E D D E D  P O S  R E A D Y  2 0 0 9

NCR does not currently plan to test or support TLS 1.2 with Windows Embedded POSReady 2009. Although Microsoft has indicated that an update will be made available to support TLS 1.2 with Windows POSReady 2009 (https://cloudblogs.microsoft.com/microsoftsecure/2017/10/05/announcing-support-for-tls-1-1-and-tls-1-2-in- xp-posready-2009/), merchants who wish to continue using POSReady 2009 must do so at their own risk.

We strongly recommend upgrading any workstation that is running Windows POSReady 2009 to a newer, supported operating system.

Marilyn.

Benefits of NCR Secure Pay

Benefits of NCR Secure Pay

Without P2PE Hardware

NCR Secure Pay offers added security even when it is employed without Point-to-Point Encrypting (P2PE) Hardware.

Tokenization
The way card information is stored in your retail location is a key component of security. You need to ensure that you are storing cardholder information securely at all locations in your retail environment.

NCR Secure Pay utilizes tokenization, which is the most secure method of credit card data storage, also known as a token replacement. Tokenization allows NCR Counterpoint to store a token instead of an actual card number. If your system were breached, unauthorized users would only find the token information and not the actual card information, which is stored in a token vault hosted by NCR. With
the token, you can access the transaction information as needed for returns and other operations, including a card on file billing, while maintaining a secure system.

Host-Based Settlement
NCR Secure Pay uses host-based settlement, which stores transaction information at NCR’s host, rather than your NCR Counterpoint installation, until settlement. This provides flexibility allowing a settlement to be easily automated from the host or initiated from any web browser by using the NCR Secure Pay merchant portal.

In addition, with a host-based settlement, POS workstations running in “offline” mode can are still able to settle their transactions. This is a great benefit when offline workstations are disconnected for an extended period, such as during large upgrades.

With P2PE Hardware

Point-to-Point Encryption
Transmission of cardholder data between your system and the payment processor can be an area of a weakness that cyber payment criminals target.

To get an approval from a credit processor, card information must travel from the MSR (card reader) through the Point of Sale (POS) application and operating system (OS) to an application which communicates with the credit processor in order to get an authorization. Most systems pass the card data from the MSR unencrypted through the OS to the POS application and encrypt before sending the
approval communication to the credit processor.

With the addition of P2PE Hardware, NCR Secure Pay enables you to encrypt directly by the MSR hardware at the time the card is swiped, rather than solely during the transmission to the credit processor. The encryption happens in the hardware on the MSR device, not inside your NCR Counterpoint system and unencrypted data never exists on your POS network. This ensures sensitive cardholder information is encrypted throughout its lifecycle in your environment, limiting your risk of an unauthorized user scraping that data from memory.
Benefits of NCR Secure Pay

Another difference worth noting with P2PE as compared to traditional encryption is that the encryption and decryption processes use different keys. Even if you have the encrypting key, you can’t decrypt the data because the key to unlock the data is not the same. When using P2PE with NCR Secure Pay, the decryption key does not exist in the store environment, again reducing the risk that sensitive data could
be stolen from the system.

Contact CCS Retail Systems to get started with your NCR Secure Pay Systems.

Marilyn.

NOTICE: PCI DSS Requires Transition to Secure Pay Before April 30th, 2018!

PCI DSS Requires Transition to Secure Pay Before April 30th, 2018!

TSYS and WorldPay Ending CPGateway Support

TSYS will discontinue support for the NCR Counterpoint Gateway (CPGateway) platform on April 30th, 2018. Merchants who are currently processing EDC payments through TSYS via CPGateway are advised to migrate to NCR Secure Pay before this date to ensure they can continue processing without interruption.

In addition, Worldpay will discontinue support for CPGateway within a similar time frame (we will announce the actual date on which CPGateway support will end for Worldpay merchants as soon as it is confirmed). Again, we strongly encourage merchants who are currently processing EDC payments through Worldpay via CPGateway to migrate to a Worldpay (TCMP) account for NCR Secure Pay to avoid any interruptions.

TLS (Transaction Level Security) 1.2 Transition

Getting Ready for TLS 1.2 (Check My TLS Status)

Payment Card Industry Data Security Standards (PCI DSS) require all PA-DSS validated payment applications to discontinue the use of “early TLS” (i.e., all versions of SSL and TLS 1.0) by June 30th, 2018.

To comply with this requirement, NCR Secure Pay will no longer accept early TLS connections after 2:30 A.M. on June 5th, 2018. In addition, updates to NCR Counterpoint V8.5.4 and V8.4.6 that will require the use of TLS 1.2 for payment transactions processed through NCR Secure Pay will be released as follows:

  • V8.5.4 Patch 002: Scheduled for 2/20/2018
  • V8.4.6.19 Service Pack: Scheduled for 3/6/2018

NCR does not plan to release patches or Service Packs to support TLS 1.2 in other versions of NCR Counterpoint.

To sign up for an NCR Secure Pay account, Contact CCS Retail Systems  ASAP.

Marilyn.

Using The Passport Payroll and a Time Clock Function

Using The Passport Payroll and a Time Clock Function

Meet TimeClick 2018

Rated the best time clock software by Top Ten Reviews, TimeClick is a simple to use time clock program that allows employees to clock in and out from their computers. It keeps detailed records of all time worked for as long as the user wishes and allows reporting of any time period asked for. TimeClick works with Passport’s PBS Payroll to simplify payroll preparation.

And now, new TimeClick 2018 features a sleek interface that makes it easy for any employee to clock in/out, switch departments or jobs, review messages, view current hours, all on one customizable screen.

Real-time reporting allows instant viewing of employee hours and prevents unwanted overtime by using employee schedules with “early” clock in prevention.

Employees can be assigned to jobs and departments to break down hours worked into different categories and track where time is being expended.

Depending on settings, employees are able to access the Employee Options Menu, which allows employees to send/receive messages, request Vacation, Sick, or PTO off, receive notifications and submit missed time requests. This simple messaging system allows for easy communication!

Contact CCS Retail Systems to explore how a Time Clock can streamline your payroll operations efficiency and accuracy.

Marilyn

CCS Achieves NCR Centurion Club Status

CCS Achieves NCR Centurion Club Status

NCR monitors the performance of its channel partners such as CCS Retail Systems, Inc.  Achieving Centurion Club Staus at CCS helps us maintain the best relationship possible with NCR.  This status ensures we get priority in pricing, discounts, shipping, and support from NCR for our customers.  We wish to thank all of our customers who helped make it possible for us to provide the maximum leverage of NCR resources to pass on to all customers.

“I wanted to congratulate you on meeting the Q4 Centurion Club requirements for 2017.  I also wanted to officially recognize CCS Retail Systems, Inc. and personally take the opportunity to say thank you for putting up a great Q4.

Best,

Jason Skolak
Channel Account Manager – Retail Solutions Division”

Marilyn

GDPR – The General Data Protection Regulation Compliance Requirements

GDPR – The General Data Protection Regulation

The GDPR imposes rules on organizations that offer goods and services to people in the European Union (EU), or that collect and analyze data tied to EU residents, no matter where those businesses are located. Among the key elements of the GDPR are the following:

Enhanced personal privacy rights – strengthened data protection for residents of the EU by ensuring that they have the right to access their personal data, to correct inaccuracies in that data, to erase that data, to object to processing of their personal data, and to move it

Increased duty for protecting personal data – reinforced accountability of organizations that process personal data, providing increased clarity of responsibility in ensuring compliance

Mandatory personal data breach reporting – organizations that control personal data are subject to stringent reporting and notification requirements in the event of a personal data breach

Significant penalties for non-compliance – steep sanctions, including substantial fines that are applicable whether an organization has intentionally or inadvertently failed to comply November Accelerate Your GDPR Journey 2017 13

As you might anticipate, the GDPR may have a significant impact on your business, potentially requiring you to update privacy policies, implement and strengthen data protection controls and breach notification procedures, deploy highly transparent policies, and further invest in IT and training.

If your company has business transactions that involve European Union (EU**) Companies or customers, you can contact CCS Retail Systems to help you plan how to avoid GDPR penalties before this regulation is enacted on May 25th, 2018.

**EU Austria, Belgium, Croatia, Bulgaria, Cyprus, CzechRepublic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxemburg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, United Kingdom
 
 

Marilyn McCormick

New Technology Requires Changes

New Technology Requires Changes

Have you ever had problems with your computer, like extreme slowness, after an update was applied? This problem happened to me a few days ago on my home computer, and I was perplexed as to what was going on. I had not done anything unusual on my PC, yet it was struggling to load anything.

Bryan, one of our great techs, checked it out for me and found that the memory was not sufficient to handle the update. The machine was also aging, so that complicated the issue. Additional memory was inserted, and it immediately solved the problem.

This kind of situation can happen in the office environment, also. Machines, as well as software, need to be updated as new technology increases the load. Sometimes a quick fix will correct the issue, but sometimes the machine itself will need to be replaced. Think of it this way: Would you like to try using an old rotary dial telephone with a party line in the age of smartphones?

Luckily, you can call us for assistance if something isn’t working right. Our techs have years of experience working with both POS Systems and Operating Systems. They can effectively pinpoint the problem and work with you to provide the best solution.

Our phone number is 425-672-4806, or you can email us. Solve that problem today!

Marlene

PROTECTING AGAINST MALWARE ATTACKS

PROTECTING AGAINST MALWARE ATTACKS

Retailers need to have computerized operations and eCommerce capabilities to be successful in today’s highly competitive markets.  With this environment comes the risks of Malware invasions.  The use of Viruses, Scareware, and Ransomware by cybercriminals, hackers, and spammers is on the rise.   A successful Malware invasion can cripple your business very quickly – in a matter of minutes.  In the worst case, you can lose all your files without recourse.  We suggest you secure your systems sooner than later.  A Malware invasion will cost a lot more than invasion protection software and equipment.

To protect your operations against these Malware invasions there are several steps we recommend at CCS Retail Systems.

  1. Create a detailed profile of all your computer systems assets to use in developing a comprehensive security and invasion recovery plan.
  2. Setup a comprehensive firewall with aggressive Malware filtering.
  3. Schedule image backups of all your systems to use in invasion recovery.
  4. Scan all your systems with comprehensive malware detection software on a daily basis.
  5. Have System and IT Support review the CVE (https://cve.mitre.org/) cybersecurity vulnerability database lists regularly for developing threats. 
  6. Analyze system and application logs for suspicious activity.
  7. Restrict access by location, user, and level.
  8. Age Passwords regularly to prevent intrusions.
  9. Distribute prevention, invasion detection, and invasion recovery management policies and procedures to all managers and employees.
  10. Coordinate with CCS Retail Systems to make sure your plans are complete.
  11. Contact CCS Retail Systems IMMEDIATELY if an invasion is suspected.
  12. Regular Status Meetings to ensure compliance and make adjustments.
  13. Ensure your company has Corporate Identity Monitoring and Protection.

CCS has Malware Invasion Recovery Technicians to help you develop your prevention, invasion detection, and invasion recovery plans.   CCS technicians can recommend appropriate software, hardware, and best practices for management and users.

Contact CCS Support for comprehensive assistance.

Marilyn