The Second Payment Services Directive (PSD2), a key piece of payments-related legislation in Europe, which came into effect on the 13th January 2018, and the EU General Data Protection Regulation (GDPR) will come into force on the 25th May 2018.
PASC 2018 (Payment Acceptance & Security Conference) is the premier annual event for the higher education sector. The UK higher education turnover is in excess of £33bn, of which £10bn is collected directly from students, parents/ guardians, sponsors, alumni and commercial customers. The sector has to ensure the security of payments and personal data for its customers. The 2018 conference will have three key themes; Payment Acceptance (including the opportunities brought about by PSD2), Payment Security and GDPR Compliance.
Individuals with Finance roles anywhere in the institution which are responsible for the collection of card payments, and especially those who set the institution’s strategic direction around payment collection, will benefit from attending the event. The content is focused on ensuring attendees get a good understanding of the current sector payment acceptance landscape, while providing a wide range of plenary and optional sessions which cover a wide breadth of more specific topics and specific payment methods.
PCI DSS applies anywhere within your institution where debit/credit cards are available as a payment method. Therefore, ensuring PCI DSS compliance within a transactional environment is a key component which an institution needs to get right. The event looks to provide both an introduction and insight into the risks and best practice associated with taking card payments in a compliant way – both online and offline.
PCI DSS applies anywhere within your institution where debit/credit cards are available as a payment method. Ensuring that your institution’s networks and systems are protected is a key component which an institution needs to get right. Without this protection, PCI DSS compliance is unachievable, and therefore ensuring institutions have suitable representatives from these areas and take the opportunity to benefit from attending this event.
If you work for a higher or further education institution and are responsible for PCI DSS compliance, this is the one event that should be in your calendar. The conference is the premier event for the HE/FE sector for payment security, with a particular focus on attaining and maintain PCI DSS compliance.
Whether you are completely new to PCI DSS or already compliant, the content covered will be extremely relevant to the start, or indeed continuation, of your compliance journey. Even if you are not yet a member of the HE/FE PCI DSS SIG you will still greatly benefit from the depth and breadth of detail which is shared my SIG members and external speakers. Although by the end of the event we certainly hope that you will see the benefits in joining the existing SIG members in working together to address, and at least ease, the specific challenges the sector faces around achieving and maintaining compliance.
The conference is the premier event for the HE/FE sector for payment security, with a particular focus on attaining and maintain PCI DSS compliance. The content and presentations have been developed with, and in many cases are presented by, the HE/FE PCI DSS SIG. This is your annual opportunity to network with, and learn from, your peers within the SIG. If you are a member of the PCI DSS SIG you will benefit from this.
While your role may be at the periphery of the payment processes, and the specific detail of the different controls which are required for PCI DSS, it is nonetheless essential in ensuring that your institution’s networks and systems are protected. Without this protection, PCI DSS compliance is unachievable, and therefore ensuring institutions have suitable representatives from these more specialised areas take the opportunity to benefit from attending this event.
Having attended the event, you will have a much better high level appreciation of the intent of PCI DSS, the need for your institution to ensure compliance in a cost effective/time/resource-effective way, and for involved parties to share an understanding of the end goals. Often there are many solutions available to a particular, but the answer may well be to stop creating the problem, rather than pursuing a route which is not warranted. You will probably find the plenary sessions of interest, both to allow you to understand your institution’s rationale around payment security, to learn about best practice, and also to get an insight into what happens when things go wrong.
If you did not find your role listed then you are probably from an area in the institution which is not directly responsible for PCI DSS, or indeed involved in an area which could affect compliance. However, you probably have an interest due to legal, HR, compliance, or other reason to find out more.
Get best practices and insights from industry leaders and convert them into powerful, actionable strategies.
Network and share ideas with your industry peers.
Choose from over 25 inspiring breakout sessions and hear case studies and expert panel discussions to build your knowledge.
Meet key players in the industry - to support you on your compliance journey.
|Time||Payment Acceptance & Security Conference Day 1 (incl. HE International Payment Summit)|
|08:00-09:00||Registration and Networking|
|09:00-10:00||Welcome and The HE Payment Acceptance & Security Update 2018 Holger Bollmann, Director, WPM Education & Matt Ball, Chairman, PCI DSS SIG|
|10:00-10:20||Keynote: Payment Acceptance in a Global Context|
|Managing Your Data: GDPR Track||Payment Acceptance Track|
|10:40-11:10||GDPR Compliance - What, How and Who? Stuart Ritchie, Co-Founder, gdpr360||How will PSD2 affect the payments industry? Speaker TBC|
|11:10-11:30||The relationship between the PSD2 and the GDPR Speaker TBC|
|11:30-11:50||Sector Case Study: Dog Licences & GDPR Mike Vale, IT Risk Manager, University of Manchester||Payment Acceptance Session Global Payments|
|11:50-12:10||Beyond GDPR: Making Privacy Business as Usual Elliot Rose, Partner, PA Consulting||Sector Case Study: Improving the online payment experience Speaker TBC|
|12:10-13:00||GDPR Panel Session and Q&A Mike Vale, University of Manchester; Elliot Rose, PA Consulting; Stuart Ritchie, GDPR360 - Moderated by Simon Mander, WPM Education||Payment Acceptance Panel Session and Q&A Panellists TBC - Moderated by Holger Bollmann|
|Managing Your Data: PCI DSS Focus||HE International Payment Summit|
|13:50-14:35||21st Century Risk in a Connected #fakenews World Jason Thomas, Thomson Reuters Special Services||WPM International Payer Research Sheona Griffiths, WPM Education|
|14:35-15:05||Sector Case Study: PCI Compliance from an Office of One Andrea Hendricks, ISA, PCIP, Coorindator eCommerce/PCI, Oklahoma State University||International Students and their Parents - Human Dilemmas and Human Solutions HSBC|
|15:05-15:35||Penetration Testing Speaker TBC||Alipay|
|16:00-16:45||PCI DSS Panel Session and Q&A David Clarke, Trustee Director, Fraud Advisory Panel||International Payments Panel Session and Q&A|
|16:45-17:15||Keynote: Is Your Coffee Machine Making Micropayments to a Hacker Tony Gee, Senior Consultant, Pen Test Partners||End|
|19:30-23:00||Dinner and Entertainment|
|Time||Payment Acceptance & Security Conference Day 2|
|08:00||Registration and Networking|
|Payment Acceptance||PCI DSS||GDPR & Other Topics||Practical Workshops||ISA Focus|
|08:45||The American Express Experience - Charlie Bedson and Ian Carpenter, Sales Managers, American Express||Counter Fraud and Embedding Counter Fraud Practices within Your Own Institutions - David Clarke, Trustee Director, Fraud Advisory Panel||Cisco - Title TBC||ISA Round Table #1 - for PCI DSS SIG ISA's only (Limited capacity - pre-booking required)|
|09:25||PayPal - Title TBC||Elavon - Title TBC||Difficult "Collection" Conversations - Neill Mackinnon, STA International|
|10:05||Visa - Title TBC||Securing VoIP Masterclass - David Jenkins, Managing Director, Foregenix||Data Discovery: PCI DSS and GDPR - Groundlabs||Business World and WPM – A complete solution, Esher Silver, Account Manager, Unit4|
|11:10||HSBC - Title TBC||PCI Compliance Journey Does Not Have to Be Painful and Expensive - Branimir Pacar, Head of Professional Services, Cognosec||Mitigating Data Loss Through Printing - Eric Crump, Director, Ringdale||ISA Round Table #2 - for PCI DSS SIG ISA's only (Limited capacity - pre-booking required)|
|11:45||WeChat and WeChat Pay: The complete Chinese digital ecosystem and forerunner in digital payments - Nick Corby, Director, Ksher Wikaas||Your Acquirer and PCI, SAQ's Reflecting your Payment Practices - Daniel Marsh, Payment Industry Consultant, Global Payments||OneTrust - Title TBC|
|13:45||Detective Constable, Cyber Crimes Unit - Title TBC||Oracle - Title TBC||GDPR Workshop - gdpr360 (Limited capacity - pre-booking required)||ISA Round Table #3 - for PCI DSS SIG ISA's only (Limited capacity - pre-booking required)|
|14:25||Managing Payments in Higher Education – transforming to remain relevant in an ever changing environment - John Lynch, Fexco. Followed by Maximise International Student Revenues and Services - Ian Green, Fexco||Practical 2FA's - Duo|
|15:15||Interchange Plus Plus – Separating the Wood from the Trees - Tim Wilding, Director, Finalysis||Update from the PCI Security Standards Council - Tom White, Standards Trainer, PCI Security Standards Council||GDPR and PCI in a Football Stadium - David Jenkins, Managing Director, Foregenix||GDPR Workshop - gdpr360 (Limited capacity - pre-booking required)||ISA Round Table #4 - for PCI DSS SIG ISA's only (Limited capacity - pre-booking required)|
|15:55||TransferWise - Title TBC||PED's Management and Best Practices- Matt Ball, Chairman, PCI DSS Special Interest Group||JISC and Cyber Security - Frances Burton, Security Services Group Manager, JISC|