Feasibility Presentation

spotlessstareΑσφάλεια

29 Νοε 2013 (πριν από 3 χρόνια και 4 μήνες)

60 εμφανίσεις

Green Team


October 16, 2006


Product: Customizable Credit
Card Protection (C
3

P)

October 18, 2006

Green Team

2

Organization Chart

October 18, 2006

Green Team

3

This family received food
stamps

www.co.kern.ca.us/dhs/images/0987.jpg

October 18, 2006

Green Team

4

This family received money from
FEMA

www.katrinapictures.blogspot.com/

October 18, 2006

Green Team

5

This family received both

http://www.spasearch.org/admin/images/fld_ma
in_photo/fld_main_photo_38.jpg

October 18, 2006

Green Team

6

What do these families have in
common?


All these families received Government
money


The first two used the money as intended


The third is guilty of spending government
money on things other than the intended
purpose

October 18, 2006

Green Team

7

FEMA Fraud


Hurricane Katrina
victims


900,000 of 2.5
Million aid applicants
were fraudulent
*

* http://www.msnbc.msn.com/id/11326973/

Obtained
funds
through
fraud
Obtained
funds
legally
October 18, 2006

Green Team

8

Problem Statement

Government organizations and private
businesses have inadequate protection
against unauthorized purchases by
authorized cardholders, which results in a
loss of funds.

October 18, 2006

Green Team

9

Problem Analysis



Out of a $2.5 trillion government budget
**



$14 billion was spent on private
purchases by employees


$2 billion was spent on unauthorized
purchases by employees
*


* Foiling credit card fraud by Jenny C. McCune • Bankrate.com

** http://www.gpoaccess.gov/usbudget/

October 18, 2006

Green Team

10

Problem Characteristics



Tracking physical receipts


Archaic


Inaccurate


Unreliable


Easy to lose


Employees produced 20% of all transaction
receipts
*


Cards can be stolen


Organization loses money


Money spent unwisely by an authorized user of
the card is not covered under fraud protection

* http://www.dallasnews.com

October 18, 2006

Green Team

11

Solution Characteristics


Prevention of lost corporate funds


Reduces personal, unwarranted spending


Biometrics


Prevents unauthorized use


Uses customizable database


Allows different business to have different
options

October 18, 2006

Green Team

12

C
3

Protection Card


So what is C
3
P?


Customizable Credit Card Protection



October 18, 2006

Green Team

13

Objectives


Develop a customizable credit card
system to prevent unauthorized purchases
by employees


Customizable database to hold prohibited
purchases


GUI to allow customization of database


Uses Merchant Commercial Codes (MCCs)


Use Universal Product Codes (UPCs)




Implement latest security technology for card
protection

October 18, 2006

Green Team

14

Features


Secure Credit card


128
-
bit DES encryption


Biometrics


Fingerprint


Photo ID


Allows customizable control over card’s use


Controlled by a user interface to each business’
personal database

October 18, 2006

Green Team

15

Customers


Hard Customers

-
Visa

-
MasterCard

-
Discover

-
American Express


Soft Customers

-
Every business that holds a business credit card

-
Caring and concerned parents who issue credit cards to
their children

October 18, 2006

Green Team

16

Customer Characteristics


Credit Card Companies

-
Spend millions each year on securing their credit cards*

-
Minors are Credit Card Company’s new target consumer
**


Credit Card Company’s Consumers

-
Small businesses report billions of dollars in losses through
embezzlement each year***

-
Parents are concerned with giving children control of a credit
card yet are even more concerned about giving a child real cash
**


* http://news.com.com/Retailers+feel+security+heat/2100
-
7349_3
-
5680788.html

** http://www.bankrate.com/fox/news/cc/20000508.asp

*** http://www.fbi.gov/publications/financial/fcs_report052005/fcs_report052005.htm

October 18, 2006

Green Team

17

Why does the customer need this?


Soft customer


Secure and efficient control of company funds


Reduced costs to prevent and lesson the effects of fraud


Parental control of children's spending


Hard Customer


Offer safer card services to credit users


Larger customer base


Increase of large, reliable customers

October 18, 2006

Green Team

18

Major Functional Component
Diagram

October 18, 2006

Green Team

19

RFID Card Specifications



An embedded antenna that is
attached to the chip is used to
transfer information stored in the
chip's memory



The range of operation is 2.5" to
3.9“



Information can be written to the
card the same way it is read.



The fingerprint scanner can be
added

October 18, 2006

Green Team

20

Software Features


Intuitive web
-
based GUI Interface


Able to customize MCCs and/or UPCs by
creating an ‘acceptance’ list


Able to analyze and graph employee
spending habits


Incoming UPCs and MCCS are compared
with an ‘acceptable’ database of allowed
codes


October 18, 2006

Green Team

21

Receipt Tracking


For each business, all employee
purchases are tracked and listed by
employee


Receipts will list accepted and rejected
purchases


Receipts can be grouped by purchaser,
date, and/or MCC

October 18, 2006

Green Team

22

Smart Card Setup


User account access information added to
smart card memory by C
3
P


1
st

user finger scan saves a three
-
dimensional electrical image of the
fingerprint's unique pattern using small
variations in finger surface capacitance.

October 18, 2006

Green Team

23

Authentication Process

Current Process

NEW Process

Vendor

must


take

the

credit


card

and

ID


from

customer

Then vendor must

authenticate the

customer by

judgment alone.

If the customer

matches the


identification, the

transaction is made.

Hold your thumb

over the fingerprint

scanner to prove

your identity.

If your fingerprint

matches, the Smart

Card & RFID chip

will be activated

Touch the card

to the card

reader and the

transaction will

be processed.

October 18, 2006

Green Team

24

Payment Process

Current Process

NEW Process

Vendor

swipes

your card at

the point
-
of
-
sale

register.

The data is sent


to a computer

to verify your

credit.

If you have

the funds, your

purchase is

allowed.

You

swipe your card at

the point
-
of
-
sale register.

Your data is sent to our

servers for verification.

Your data is then sent to

the credit servers to verify.

If your card is accepted

and your purchases are

valid, sale is complete.

October 18, 2006

Green Team

25

What’s In The Box


What’s in the Box?

Loading Station

What’s In The Box


What’s Not In The Box


IF
REQUESTED:


Authentication
code for website


Website URL
(holds database)


Requirements for
submission of
pictures and info

Credit card
customer
information

Computer with
Internet connection

Businesses

Credit Card Companies

October 18, 2006

Green Team

26

Flow of Information/Hardware

a. Request CC w/C
3
P

b1. Camera? How
many cards?

b2. Reply

e. Send camera (opt.)
& authentication code

f. Send photos

h. Send cards with CC
logo & photo ID

Business
accesses C
3
P
database online

c. Send notification of
request

d. Sell camera (opt.) &
authentication code

g. Sell cards with C
3
P
(RFID chip/C
3
P
logo/biometrics

C
3
P makes RFID
smart cards w/
biometrics

October 18, 2006

Green Team

27

What this product does not do


Provide point
-
of
-
sale RFID readers


Protect against blocking of authorized
purchases


Will mostly be a result of human error


Will decrease in occurrence as more
businesses use product


Provide credit for businesses


October 18, 2006

Green Team

28

Competition Matrix

MTU Purchasing

X

X

X

X

X

Government Credit

X

X

X

Food Stamps

X

X

X

X

X

X

Worldwide Purchasing

X

X

X

X

X

X

LeCarte Purchase

X

X

X

X

X

NASA SmartPay

X

X

X

Smart

X

C
3
P

X

X

X

X

X

X

X

X

X

X

X

X

Cards

October 18, 2006

Green Team

29

Cost (Soft Customer)

Components

Number Required

Price

Cost

Camera (optional)

1

$110.00

$110.00

Access to website

1

FREE

FREE

Authentication code (convenience
fee)

1

$10.00

$10.00

RFID smart card w/biometrics
*

1 per member

$20.00

$20.00/member

Total Cost (Max)

$120.00

+
$20.00/member

Total Cost (Min)

$10.00

+
$20.00/member

* http://www.processor.com/editorial/article.asp?article=articles/P2716/30p16.asp&guid=

October 18, 2006

Green Team

30

Cost (Hard Customer)

Components

Number
Required

Price

Cost

Initial Training

1 day per store

$3,000.00

$3,000.00 per day per
company

Server
*
(incl. add’l
features)

1 (for C
3
P use
only)

$8,162.00

$8,162

RFID smart card printer

1 (for C
3
P use
only)

$4,000.00

$4,000.00

RFID smart cards

1 per member
(for C
3
P
manufacturing)

$15.00

$15.00/card

Total Cost for C
3
P

$12,162.00

+ 3,000/day of training

+ $15.00/card

* http://configure.us.dell.com/dellstore/config.aspx?c=us&cs=04&kc=6W300&l=en&oc=pe1950
-
max&s=bsd

October 18, 2006

Green Team

31

Pros


Smart Card Technology


Quick


Uses Biometrics


Safe and Secure


Customizable


Spending limits


Tracks Items Bought


Tracks Vendors Bought From


More Efficient


Saves Time Spent On Accounting


Saves money


Keeps better records


Automatic record of exact item bought and vendor shopped at


Better information for routine audits

October 18, 2006

Green Team

32

Cons


Uses fingerprints


People are afraid of giving up such information


Solved with encryption and marketing


Vendors need RFID readers


Requires New Technology


Many vendors are getting scanners


7
-
11 is adding 5,600 RFID scanners this year
*


Accidental blocking of necessary purchases


Solved with training and research


24/7 Server/Website Maintenance

* mastercard.com

October 18, 2006

Green Team

33

Risk Probability/Impact Matrix

P

81
-
100%











r

o

61
-

80%











b

a

41
-

60%











b

i

21
-
40%

7



4

1, 2

l

i

1
-
20%




6


5



3

t

y



1

2

3

4

5

Impact: 1(Low)
-

5(high)

1

Access to credit card
info

2

Hardware malfunction

3

Cards are not delivered

4

Software Malfunction

5

Insulting to Employee

6

Employees won't give
up finger prints

7

UPC database is
unavailable

October 18, 2006

Green Team

34

Risks

Risk#

Risk Description

Mitigation Actions

1

Access to Personal Info from
Credit Card Companies

Encryption, policy of not
reading the information

2

Hardware Malfunction or Viruses

Out of our control

3

Cards are not delivered by
contracted company

Out of our control

4

Software Malfunction

Thorough testing and 24/7
support

October 18, 2006

Green Team

35

Risks

Risk#

Risk Description

Mitigation Actions

5

Insults Employee (can not be
trusted)

Marketing plan and training to
avoid insulting employees

6

Employees are reluctant to give
up fingerprints due to privacy
issues and fear of ‘Big Brother’

128
-
bit DES encryption, need of
access to the money by user

7

UPC Database is unavailable

Drop UPC solution from initial
launch and use only MCCs

October 18, 2006

Green Team

36

Return on Investment


Improves reputation of credit card company


Reduces loss of money due to unscrupulous
purchases


Saves time used to perform manual audits


Reduces fraud


Reduces the number of investigations required

October 18, 2006

Green Team

37

Conclusion



Regulates how funds are spent



Uses biometrics


Prevents the use or selling of stolen cards


Vendors, credit customers, and card companies will benefit


Vendors will get higher quantity and more efficient business


Credit customers are protected and have less wait
-
time in line


Card companies get to sell cards and RFID sensors to vendors
while increasing their number of users


C
3
P will revolutionize the credit system world wide

October 18, 2006

Green Team

38

Questions

At this time, we welcome any questions you
may have.

October 18, 2006

Green Team

39

References




DISD credit card oversight lax:


http://www.dallasnews.com



Picture 1:


www.co.kern.ca.us/dhs/images/0987.jpg



Picture 2:


www.katrinapictures.blogspot.com/



Picture 3:


http://www.spasearch.org/admin/images/fld_main_photo/fld_main_photo_38.jpg



FEMA Fraud, http://www.msnbc.msn.com/id/11326973/


IEEE Feasibility Study on biometric credit cards:

http://www.ee.ucla.edu/faculty/papers/ingridv_TransCE_nov04.pdf#search=%2

2Portable%20Biometrics%22


Smart Card technology with localized, portable biometrics:


http://www.biometricassociates.com/smartcard.php


Open source smart card technology, both software and hardware:



http://www.smartcardalliance.org/industry_news/industry_news_item.cfm?ite


mID=1596


October 18, 2006

Green Team

40

References


Food stamp fraud:
http://www.frac.org/html/federal_food_programs/programs/fsp_faq.html#4


Food stamp info: http://www.fns.usda.gov/fsp/faqs.htm#9


Data on food stamp fraud:

(http://www.eweek.com/article2/0,1895,1972079,00.asp)

(http://www.foodstampfraud.org/)

(http://www.cioinsight.com/article2/0,1540,1850300,00.asp)


FEMA Fraud data:

http://www.cnn.com/2006/US/09/13/katrina.fraud/index.html?section=cnn_topstories)

(http://www.msnbc.msn.com/id/11326973/)


Lockout codes

http://www.admin.mtu.edu/acct/dept/pur/purchcard/lockout.htm


Info on why this is a problem:

http://www.dallasnews.com/sharedcontent/dws/news/localnews/stories/070206dnmetp
cards.192c71f.html

http://financialplan.about.com/od/studentsandmoney/a/TeenCreditCards.htm


Info on current program in place:

http://arc.publicdebt.treas.gov/DWP/fs/fscredcard.htm#1


Data and why this is needed


EPA’s complaint paper on current system!!!

http://www.epa.gov/oig/reports/1995/bankrep.htm#CHAPTER%204


How credit cards work: http://money.howstuffworks.com/credit
-
card2.htm

October 18, 2006

Green Team

41

Appendix A

Expert Testimony from Admiral Julius
Caesar from SAIC

October 18, 2006

Green Team

42

Expert Testimony


Current
Problems


Navy sailors are given credit cards for travel
because they do not have enough personal cash


Spending money in “Girly Bars”


Tabs in excess of $15,000


Private Business



Employee used company credit card to put $14,000
down payment on a house


Employee bought several $1,500 airline tickets, and
canceled the flight to collect the cash refund, which
he used to finance his private company


Employee bought $1,500 in thongs at Victoria Secret

October 18, 2006

Green Team

43

Expert Testimony
-

Current
Solutions


Only activating the credit card for the
duration of the travel


Background credit checks on employees
to be entrusted with company funds

October 18, 2006

Green Team

44

Expert Testimony


Loose ends left
by current solution


Can’t regulate purchases


Company liable for purchases


Employees can’t pay the company back


Must be taken to court

October 18, 2006

Green Team

45

Expert testimony


Time and
Money spent on problem


~$25,000 per division per year


20 Divisions


~$250,000 per year for this company


Credit card companies dropped the Navy
as a customer because of fraud problems

October 18, 2006

Green Team

46

Expert Testimony
-

Data


2002: 1.4 million Government Travel
Cards in use


$ 3.4 billion spent on purchases with these
cards


One man made $262,800 in charges on
13 Government Credit Cards

October 18, 2006

Green Team

47

Expert Testimony


On C
3
P


Target “high risk” employees


In the 18
-
25 year
-
old bracket


Don’t know how to use credit


Employees with bad credit

October 18, 2006

Green Team

48

Authentication
Methods
Secure
Inexpensive
No Memorization Required
High degree of fraud protection
No Human Verification Required
Ease of use
Ease of Implementation
Fingerprint







Photo ID




PIN




Password




Retinal Scan



Signature




Authentication

October 18, 2006

Green Team

49

Fingerprints

Advantages:



Relatively Mature
Technology


Low Cost


Highly Portable
Technology

Distinctiveness

High

Permanence

High

Collectibility

Medium

Performance

High

Acceptability

Medium

Potential for
Circumvention

Low

October 18, 2006

Green Team

50

Biometric Fingerprints


Finger Print Characteristics


Genetic and environmental factors


Never the same


Biometric image cannot be
reproduced


Finger Print Scanner


Capacitive Scanner


Electric Current


October 18, 2006

Green Team

51

Appendix B

Merchant Commercial Code (MCC)


A
specialized code that categorizes a store
based on what it sells (e.g. Target and Wal
-
Mart have the same MCC)

Universal Product Code (UPC)


A code that
designates a specific product, different for
every brand and variation of a product (Lay’s
and Pringle’s potato chips still have different
UPCs)