WPM Payment Acceptance & Security Conference

Helping institutions meet the challenges of compliance and realise the opportunities of improving their approach to accepting payments.

Hilton Manchester Deansgate, 17-18 May 2017

A one-of-a-kind annual opportunity for the higher and further education sector to come together to address Payment Acceptance & Security.

The event is hosted by WPM Education on behalf of the higher education sector, and in conjunction with the PCI DSS Special Interest Group (SIG). The event is free to attend, with residential accommodation being subsidised to maximise the accessibility to all institutions. Typically attracting over 200 attendees from across the country, this year will see the event return to its roots in Manchester.

If you have any questions please call 0844 264 1580 or email pasc2017@wpmeducation.com.

WPM Payment Acceptance & Security Conference

95% of attendees say the PASC met or exceeded their expectations.

80% of attendees discovered new skills to impact their education establishment.

WPM Payment Acceptance & Security Conference

Why Attend?

Find out how the conference can support your role.


Payment Acceptance

Individuals with Finance roles anywhere in the institution which are responsible for the collection of card payments, and especially those who set the institution’s strategic direction around payment collection, will benefit from attending the event. The content is focused on ensuring attendees get a good understanding of the current sector payment acceptance landscape, while providing a wide range of plenary and optional sessions which cover a wide breadth of more specific topics and specific payment methods.

Payment Security

PCI DSS applies anywhere within your institution where debit/credit cards are available as a payment method. Therefore, ensuring PCI DSS compliance within a transactional environment is a key component which an institution needs to get right. The event looks to provide both an introduction and insight into the risks and best practice associated with taking card payments in a compliant way – both online and offline.

Responsible for PCI DSS Compliance

If you work for a higher or further education institution and are responsible for PCI DSS compliance, this is the one event that should be in your calendar. The conference is the premier event for the HE/FE sector for payment security, with a particular focus on attaining and maintaining PCI DSS compliance.

Whether you are completely new to PCI DSS or already compliant, the content covered will be extremely relevant to the start, or indeed continuation, of your compliance journey. Even if you are not yet a member of the PCI DSS SIG you will still greatly benefit from the depth and breadth of detail which is shared my SIG members and external speakers. Although by the end of the event we certainly hope that you will see the benefits in joining the existing SIG members in working together to address, and at least ease, the specific challenges the sector faces around achieving and maintaining compliance.

PCI DSS SIG Members & Internal Security Assessors (ISAs)

The conference is the premier event for the higher education sector for payment security, with a particular focus on attaining and maintain PCI DSS compliance. The content and presentations have been developed with, and in many cases are presented by, the PCI DSS SIG. This is your annual opportunity to network with, and learn from, your peers within the SIG.

Cyber Security

While your role may be at the periphery of the payment processes, and the specific detail of the different controls which are required for PCI DSS, it is nonetheless essential in ensuring that your institution’s networks and systems are protected. Without this protection, PCI DSS compliance is unachievable, and therefore ensuring institutions have suitable representatives from these more specialised areas take the opportunity to benefit from attending this event.

Having attended the event, you will have a much better high level appreciation of the intent of PCI DSS, the need for your institution to ensure compliance in a cost effective/time/resource-effective way, and for involved parties to share an understanding of the end goals.

Don’t take our word for it, hear what previous attendees have to say…?

“Imperative if you want your institution to respond to the changing environment of payments. I feel equipped, tooled up and inspired!.”

“The content of this conference was excellent and has continued to give us more things to think about, both in terms of our PCI compliance, but also PA strategy.”

“Informative, educational, thought-provoking and was a great opportunity to share experiences and best practice with colleagues.”


Time Details
08:00 Registration & Networking
09:15 A Changing Landscape: Introduction to the Conference Holger Bollmann, Director, WPM Education
10:00 Evidence-Based Decision Making in Payment Acceptance Claire Taylor, Principal Consultant, SUMS Consulting
10:30 Morning Break
11:00 Panel Discussion: PCI DSS and the New General Data Protection Regulation (GDPR)
11:45 The Dutch Situation: Insights from the New Personal Data Protection ActKrijn de Mik, Head of Security Research Team, Fox IT
12:20 GDPR - It's Not the Security Issue You Think It Is John Elliott, Head of Payment Security, EasyJet
13:00 Networking Lunch
Security Track International Payments Track
14:00 Fraud & Corruption: What Do They Do With The Money They Steal From You? David Clarke, Trustee Director of the Fraud Advisory Panel and former Detective Chief Superintendent with the City of London Police The Value of Education and How Increasing Numbers of Chinese Students Studying Abroad Impacts the Higher Education System in the UK
14:20 Building Student Engagement Dino Leo, Head of Education, Western Union Business Solutions
14:40 Case Study: University Spear-Phishing Chris Patten, University of Cambridge Client Case Study: International Payments
15:00 Panel Discussion: Security Focused Q&A Panel Discussion: International Payments Q&A
15:40 Afternoon Break
16:00 How Do We Protect Ourselves in the Era of "Internet of Things"Professor Kamal Bechkoum, Head of the School of Business and Computing, University of Gloucestershire
16:20 The Internet of Things and How It Affects PaymentsKen Munro, Partner, Pen Test Partners
17:00 Close
18:30 Networking Drinks
19:30 Networking Dinner & Entertainment
Time Exhibition General Payment
Acceptance & Security
PCI in Practice Your Data, Their Target
  Exhibition – Deansgate 2 & 3 Track 1 – Deansgate 1 Track 2 – Room 2, 3, 4 Track 3 – Room 8 & 9
08:30 Exhibition Open Registration & Networking Registration & Networking Registration & Networking
09:00 Why You Need a Payment Acceptance Strategy, Holger Bollmann, Director, WPM Education Where Do You Have Cardholder Data, Branimir Pacar, Director of PCI and Payment Services, Cognosec GDPR – An Opportunity To Provide Better Services To Citizens and Consumers In An Era Of Increased Complexity And Threat, Gordon Morrison, Director Government Relatons, Inter Security UK (McAfee)
09:40 New Research Insight - Realising The Payment Acceptance Goals Claire Taylor, Principal Consultant, SUMS Consulting PCI DSS - Understand Your Payment Channels Steve Fawcett, University of Manchester Phishing - Social Engineering. What It Is and How It Works, Sec-1
10:20 Getting Paid Now: Reducing The Barriers To Payment Online and On Campus, Nicola Longfield, Director of Small and Medium Business PayPal Virtual Terminals Master Class - PCI DSS SIG Dave Neild, University of Leeds Penetration Testing, Sec-1
10:55 Morning Break Morning Break Morning Break Morning Break
11:30 Exhibition Open Global Payments Workshop ASV Scanning & CHD Scanning Using Nessus PCI DSS SIG: Supporting The Sector and Breach Day Retrospective Matt Ball, PCI DSS SIG Chairman
12:10 Developing Consensus - How To Build A Case For Change Dino Leo, Head of Education, Western Union Business Solutions Update From The PCI Security Standards Council Tom White, PCI SSC Standards Trainer, PCI Security Standards Council Forensics 101 Duncan Slater, Digital Forensics & Incident Response Team Manager, Foregenix
12:45 Lunch Break Lunch Break Lunch Break Lunch Break
13:45 Exhibition Open Card Aquiring Costs - The Review Versus Tender Conundrum Tim Wilding, Director, Finalysis GDPR and PCI DSS Symantec Janet CSIRT and Cyber Securty Frances Burton, Securirty Services Group Manager, JISC Cyber Security Services
14:25 Striking a Balance Neill MacKinnon, Client Services Director, STA International P2PE Practical : P2PE Terminal Management Requirements and Formulating Usage and Handling Policies - Including Identifying How It Is Compliant Paolo Basilio, P2PE Practice Manager, Foregenix Breach Reporting Process Daniel Marsh, Global Payments
15:00 Afternoon Break Afternoon Break Afternoon Break Afternoon Break
15:15 Exhibition Open Payment Acceptance Panel Q&A Panellists: Tim Wilding, Director, Finalysis; Claire Taylor, Principal Consultant, SUMS Consulting; Richard Poynder, Chairman, Smartex SAQ Master Class Paolo Basilio, P2PE Practice Manager, Foregenix Lessons From The Counter Fraud Working Group Matt Sissons, Counter-Fraud Coordinator, British Universities Finance Directors Group (BUFDG)
15:55 Options For Less-Cash Campus Richard Poynder, Chairman, Smartex ISA / QSA / Panel Q&A - Covering Questions on PCI, GDPR, Breach Reporting & Payment Acceptance Panellists: Matt Ball, PCI DSS SIG Chairman; QSA - Duncan Slater, Digital Forensics & Incident Response Manager (EMEA), Foregenix; ISA - Mike Vale, University of Manchester, Paolo Basilio, P2PE Practice Manager, Foregenix  
16:30 Close Close Close Close

Meet Our Sponsors & Exhibitors

Western Union
Global Payments
SUMS Consulting
PCI Security Standards Council
STA International
Fraud Advisory Board

Register Now

The event is free to attend, with residential accommodation being subsidised to maximise the accessibility to all institutions.