International Operators Seminar...Training St t the cl s before the cl s d end the cl s ˙ter the cl...
Transcript of International Operators Seminar...Training St t the cl s before the cl s d end the cl s ˙ter the cl...
Bem-vindo! Bienvenidos!
Bonjour!
Croeso! Foon ying!
Hujambo!
Velkomen! Welkom!
Welcome!
International OperatorsSeminar
Introductions
Hiring & Training
Rates
Payment Cards
Technology Tools
GDS Affiliation
Q & A
Networking Reception
Hiring & Training
Jim Davis & Tom Sabol
We don’t hire to fire
We train and retain
Hiring and Training
Before we can train our employees, we need to hire the right people.
Always review your legal responsibilities prior to proceeding with the hiring process
Here are some “Best Practices” for hiring.
Hiring
� Applicants
� The Job
� The Interview
� Review and Select
Best Practices
How do you gather applicants?
� Referrals
� Media
� Internet
� Schools
� Temp services
Applicants
� Step 1: Analyze the job
� Step 2: What are the job functions
� Step 3: Describe the job
� Step 4: The job is not limited to the description
� Step 5: Finalize the job description
The Job
� Plan ahead
� Set the applicant at ease
� Ask all the same questions
� Avoid “Yes” or “No” questions
� Take notes throughout
� Observe body language
The Interview
� Review legal responsibilities
� Use Evaluation Form
� Transfer rankings from interview
� Compare applicants
� Make selection
� Offer the Job
Review & Select
Me? Train?
But I’m not a trainer…………
Training
Always offer “Core” training� New Hire
� Product Knowledge
� Sales
� Customer Service
Training
Needs Analysis� Make sure training is the solution.
� What is the desired outcome? What does success look like?
� How will you measure results?
� What tools and reports do you need to determine need and measure results?
Training
Six Keys to Successful Training:1. Knowledge “bites”
2. Stick to One Idea
3. Make training part of continuous improvement
4. The 90-20-8 rule
5. Plant training seeds
6. Start the class before the class and end the class after the class
Training
Knowledge “bites”
� Short “knowledge bites” are easier to digest than long form seminars.
� Conduct frequent, short training sessions rather than longer sessions.
Training
Stick to One Idea
� No more than three takeaways.
� Most of us can’t implement the 123 new strategies that we picked up in the last training session.
� Too may tasks or goals mean employees won’t focus on any of them.
Training
Make training part of continuous improvement
� Treat training like a workout regimen
� Training must reflect your culture
� Check for potential conflict between work groups
Training
The 90-20-8 rule
� Adults pay attention for 90-minutes.
� Adults only learn for 20-minutes out of the 90.
� Involve them every 8-minutes in discussion, activities and planning to keep the learning relevant and to keep them engaged.
Training
Plant training seeds
� “I learn more in the break room than I do in training”
� Plant seeds for conversation after the training class
� Create discussion opportunities to foster idea exchange
Training
Training
Start the class before the class and end the class after the class
� Use technology to communicate and discuss training topics before class starts (Twitter, instant messaging).
� Challenge the audience as they arrive to undertake activities or dialog with other members. Get the audience buzzing before you start.
Training
� Mix and mingle with the classroom audience as they arrive. Let them get to know the trainer/facilitator as early as possible. Identify any issues/questions they may have.
� Follow up with technology, contests and incentives to communicate and discuss what was covered.
Contact InformationTom Sabol
813.300.7621
Jim Davis
630.258.1167
Rate Management & Pricing for Profit
Michael DeLorenzoVice President and General Manager
March 2011
Rate Management & Pricing for Profit
A Very Common Pricing Strategy:
“I’ll just set my prices
$1 less than my competitor.”
Rate Management & Pricing for Profit
Leads to A Very Common Pricing Result:
“I’m just not making any money”
Understand your Cost Structure
Components of Vehicle Fixed Cost
Per Vehicle Per Month
1- Depreciation Amount - $360.
2- Interest $ 85.
3- Insurance $ 75.
4- Franchise / Other Cost $ 40.
Monthly Cost
Per Vehicle $560
Choose a Gross Profit Objective
Monthly Cost Per Vehicle $560.
Objective 100% Mark Up $560
$1120.Average Revenue Per Vehicle Per Month Required to Achieve Objective
Historical Utilization
Full Size Car Utilization for March 2010 was 78%.
multiply 31 Days by 78% = 24.18
You will average 24.18 days on rent if you achieve your desired utilization.
Calculate the Average Rate Required
Objective:
Average Monthly Revenue
Per Vehicle ------------------$1120.
Less 15% Optional Item Sales $168.
Net Required Revenue $952.
Divided By -------------------- 24.18
Average Rate Required ----- $39.37to Achieve Objective per day
Average Rate Required
Average Rate Required$39.37to Achieve Objective per day
3 Day Weekend minimum
$39.37 * 3 days * 78% utilization = $93.10
7 Day Weekly minimum
$39.37 * 7 days * 78% utilization = $214.96
Questions ?
Comments ?
Contact InformationMichael DeLorenzoVice PresidentMike @ rentawreck.com(240) 417-1399
Payment Card Industry Data Security Standards,
Chip & PIN / EMV
Roy Blicker, COO
March 2011
Payment Card Industry Data Security Standard
(PCI DSS)
� PCI DSS is a set of comprehensive
requirements* designed for enhancing payment
account data security and protecting customer
account data
� PCI DSS was developed by the founding
payment brands of the PCI Security Standards
Council for the major credit cards.
PCI DSS Overview
ALL MERCHANTS MUST BE PCI DSS COMPLIANT
* Multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures
PCI DSS Requirements
Build & maintain a secure
network
1. Install and maintain a firewall configuration to protect cardholder data.
2. Do not use vendor-supplied defaults for system passwords and other
security parameters.
Protect cardholder data3. Protect stored cardholder data.
4. Encrypt transmission of cardholder data across open, public networks.
Maintain a vulnerability
management program
5. Use and regularly update anti-virus software or programs.
6. Develop and maintain secure systems and applications.
Implement strong access control
measures
7. Restrict access to cardholder data by business need-to-know.
8. Assign a unique ID to each person with computer access.
9. Restrict physical access to cardholder data.
Regularly monitor and test
networks
10. Track and monitor all access to network resources and cardholder data.
11. Regularly test security systems and processes.
Maintain an information
security policy
12. Maintain a policy that addresses information security for employees and
contractors.
PCI DSS Requirements
� The payment industry adopted two data security standards
1. PCI DSS - designed for payment processors, merchants and SaaS ISVs
2. PA-DSS - intended for distributed software applications that process, store, or transmit credit card data
� Independent Software Vendors (ISVs) must
ensure that their integrated payment processing
solutions are compliant with the rigorous
standards of PCI DSS/PA-DSS
PCI DSS and PA-DSS
� ISVs have two major options regarding PCI
Compliance:
1. Obtain PCI DSS/PA-DSS compliance validation through a Qualified Security Assessor (QSA), or;
2. Shift the responsibility of storing, transmitting and processing cardholder data to a PCI DSS compliant payment processor
� ISVs that select option 2 (above) remove the
need for PCI DSS/PA-DSS compliance and
greatly simplify PCI DSS compliance for their customers (merchants).
PCI DSS and PA-DSS
�
The Relationship Between PCI DSS & PA-DSS
PCI DSS requires merchants to list the software application they are running as well as the version number. If an application is not compliant, the merchant is automatically disqualified from meeting PCI DSS requirements. It is critical that Software Providers are PCI DSS/PA-DSS compliant or are out of scope in order for their customers to comply.
PCI DSS
PCI DSS Segment Merchants and Associated Requirements to the Following Four Categories:
Level Merchant Criteria Validation Requirements
1
Merchants processing over 6 million Visa
transactions annually (all channels) or Global
merchants identified as Level 1 by any Visa region.
• Annual Report on Compliance (ROC) by Qualified Security Assessor (QSA)
• Quarterly network scan by Approved Scan Vendor (ASV)
• Attestation of Compliance Form
2Merchants processing 1 million to 6 million Visa
transactions annually (all channels)
• Annual Self-Assessment Questionnaire (SAQ)
• Quarterly network scan by Approved Scan Vendor (ASV)
• Attestation of Compliance Form
3Merchants processing 20,000 to 1 million Visa e-
commerce transactions annually
• Annual Self-Assessment Questionnaire (SAQ)
• Quarterly network scan by Approved Scan Vendor (ASV)
• Attestation of Compliance Form
4
Merchants processing less than 20,000 Visa
e-commerce transactions annually and all
other merchants processing up to 1 million
Visa transactions annually
• Annual Self-Assessment Questionnaire (SAQ)
• Quarterly network scan by Approved Scan Vendor (ASV)
• Compliance validation requirements set by acquirer.
Consequences of Non-Compliance
� Damage to merchant’s brand/reputation
� Investigation and remediation costs
� Ongoing compliance audits
� Victim notification costs
� Charge-backs for fraudulent
transactions
� Denial of service to customers
� Possibility of business closure
Why is implementation of the PCI requirements
so important?
A. Protect Customer Card Data
B. Contractual Obligation
C. State Law
D. Business Best Practices – Protect Your Business
E. All of the above
PCI Overview – Question
� According to Visa, the U.S. achieved a
much higher PCI compliance stats as of
December 31, 2010
� For Level 1 chains in the U.S., for example:
Visa Reports that 96% are compliant
� Level 1 chains outside the U.S., according to Visa, is 76 percent.
PCI DSS High-Level Compliance Status– U.S. and Outside of the U.S.
Level 1 Merchants Are Defined As: Merchants processing over 6 million Visa transactions annually (all
channels) or Global merchants identified as Level 1 by any Visa region
Chip & PIN EMV
� EMV – Europay (now part of MasterCard) /
MasterCard / Visa
� EMV Cards – Credit and debit cards with
embedded microprocessors, memory, and
operating system capable of handling one or
more applications conforming to the EMV
standards (payments, gift, loyalty, etc.)
Overview & Definitions
Chip & PINSmart Cards
EMV Cards
� Data stored on EMV cards are encrypted and
the microprocessors are tamper resistant
� EMV cards can communicate with another
device equipped with EMV certified
microprocessors such as point-of-sale
terminals and ATMs
Overview & Definitions
Chip & PINSmart Cards
EMV Cards
� Information such as card number, expiration date, etc. is encoded on the magnetic stripe on the back of the card in clear text
�When swiping a magnetic stripe card through a machine equipped with a Magnetic Stripe Reader (MSR) such as a POS, the information encoded on the magnetic stripe can be read
� EMV (chip-and-PIN) Cards: The information is encoded and encrypted on the card Integrated Circuit
� Hybrid Cards – credit and debit cards with both a magnetic stripe and an EMV chip
Magnetic Stripe Cards Vs. EMV Cards
Benefits of EMV
*Source: Digital Transactions Magazine, October 2010
*Source: Digital Transactions Magazine, October 2010
Contact, dual-contact, or contactless:
The card and the terminal authenticate each
other through a PIN entered by the
cardholder; the result of this off-line, PIN-
based authentication process is included in
the transaction details
POS Operations
� Visa (Feb. 2011) rolled out a new security
program to push global use of EMV technology
(“chip and dynamic data authentication”)
� The program will allow retailers with at least 75%
of EMV transactions to avoid the annual PCI DSS
revalidation assessment
� This program is not being offered for U.S. retailers
because EMV usage is low
What’s the Latest Regarding Chip & PIN and How it May Impact Merchants?
This global program is called the
Technology Innovation Program
(TIP) and has the following
requirements:
• Terminals must be enabled for contact/dual contact and contactless interface chip acceptance
• All merchants outside of the United States are eligible and may begin qualifying for the new program from March 31, 2011
Visa’s New TIP Program
Ellen Richey, Chief Enterprise Risk Officer
at Visa Inc:• “Visa has repeatedly underscored the need for
authentication solutions to move to dynamic data technologies such as EMV chip.”
• “Although Visa’s global fraud rate remains at an all-time low of less than six pennies out of every $100 transacted, we believe the future of security lies in dynamic data.”
• “Our experience suggests that as markets move to chip they become less vulnerable to counterfeit fraud and, ultimately, to mass data compromise attacks.”
Visa’s New TIP Program
Retailers under the program would still be
required to validate PCI compliance before
entering the program and must still comply
with all PCI rules. And, the merchant cannot
have been involved in a breach of
cardholder data.
Visa’s New TIP Program
Signature Pads &
Handheld Devices
Angela Margolit, President
Technology Tools
� Legalization
� Storage Costs
� Ease of Access
� USB Port
� Paperless -> Go Green!
Signature Pads
Signature Pads
Handhelds
� Rapid Return
� Durability
� Integrated Camera
� Barcode Scanner
Handhelds
Evolution of Connectivity:
� Radio Frequency
� Spread Spectrum
� Wireless (300 feet)
� Cellular
Handhelds
How to Be Seen on the Global Distribution
Systems
Joe Knight
VP of Business Development
� Hiring & Training
� Rates
� Payment Cards
� Technology Tools
� GDS Affiliation
Questions?Questions?