Barron McCann - Delivering Service Excellence

The Payment Card Industry Data Security Standard (PCI-DSS) is designed to help businesses around the world handle card payments securely and reduce card fraud.

The DSS calls for tight controls on the storage, transmission and processing of cardholder data. An organisation which loses card data while out of compliance can incur substantial Card Schemes fines and may be liable for both the fraud losses incurred by the cardholders and the operational costs associated with replacing the accounts, aside from the risk of a damaged reputation.

Organisations can greatly reduce the overhead of achieving PCI DSS by implementing “Point to Point Encryption”, or P2PE. P2PE puts all systems between the PIN Entry Device (PED) and host payment application outside the scope of PCI DSS by encrypting data the moment the card is inserted into the PED, making PCI DSS compliance much easier.

Download our P2PE Capability Document.

To protect each PED’s encryption key, a formal regime of ownership, monitoring and documentation is required throughout the PEDs’ lifecycle. The weak link in the chain is often in the deployment and ongoing servicing of PEDs.

This is where Barron McCann assists organisations across multiple industries, working with those organisations’ QSAs (Qualified Security Assessors) to meet their requirements and provide compliant installation, servicing and P2PE logistics delivered through our own engineers to ensure services remain compliant. This is supported by a training regime to ensure all staff working on a specific client’s solution are fully trained and supported by site instruction manuals and technical support.

We maintain some 50,000 PEDs and have installed or upgraded some 85,000 units. We handle a wide range of PEDs, including market leaders VeriFone and Ingenico. We also manage upgrades for deployed PEDs that can be upgraded to P2PE (PTS v3.0 with required version of SRED).

BMC has been engaged in providing products and services to the security industry for decades, and holds ISO 27001 as well as ISO 9001. We also provide national and pan-European hardware deployment and maintenance services to retailers and finance organisations on a wide range of IT and EPOS equipment. Our P2PE Compliant PED Services build on our capability to securely deploy and maintain IT equipment across broad estates, our P2PE experience and our PCI DSS QIR accreditation.

Barron McCann has an impressive track record of installing and maintaining PED equipment into the retail and finance markets in the UK and across Europe. Our PED service customers include Primark, TK Maxx, Travis Perkins, Costcutter, WH Smiths, Sainsbury’s, Skipton Building Society and Shoe Zone.

Secure Storage

PED’s are stored in our centrally located UK warehouse, with dedicated caged areas, CCTV, Access Control and 24/7 security patrols. The site is ISO27001 compliant and, benefitting from the secure nature of other contracts, provides one of the safest storage environments in the UK.

This central storage capability is backed up by secure regional storage locations, housed in our 27 Forward Stock Locations. These sites are independently vetted and audited to ensure they maintain their security levels.

Secure Logistics

PEDs are shipped to customer sites either via our own engineers in locked caged vans, or via a separate independently audited logistics carrier. Whichever option is used, secure processes ensure we maintain a full Chain of Custody, with PED inspections carried out at all transit and handover points, through to delivery into the customer site.

Secure Deployment

Our security vetted, fully trained, employed engineers either deliver the PED or receive it from the logistics chain, perform a full packaging and item inspection, verified by the site contact. They then carry out power up tests and deploy the PED in accordance with the customer’s P2PE Instruction Manual (PIM).

All exceptions are immediately reported with items being quarantined

Barron McCann utilises the same strict security control in providing on site maintenance services to swap out and replace faulty PEDs.

Maintenance

Faulty items are returned to our central stores via secure logistics, where they are then managed back to the manufacturer for repair, before being logged back into active services and put into the customer’s maintenance stock loop.

Where required by the PIM, “stranded” data is removed from the PED prior to return to the manufacturer.

All Barron McCann’s services are independently verified by our clients’ QSAs, and all services are tailored to each customer’s PIM and fully approved by their QSA as part of the service onboarding process.

Our extensive experience utilising our own, trained engineers and backed by accreditations and highly secure premises, systems and processes ensures we are the optimal choice for P2PE services across the UK and Europe.

pci qir logo

Useful Links  http://www.theukcardsassociation.org.uk https://www.pcisecuritystandards.org/

Barron McCann has an impressive track record of installing and maintaining PED equipment into the retail and finance markets in the UK and across Europe. Our PED service customers include Primark, TK Maxx, Travis Perkins, Costcutter, WH Smiths, Sainsbury’s, Skipton Building Society and Shoe Zone.

So if you are a retailer, financial services organisation or hospitality group planning to upgrade your payment devices, get in touch with Barron McCann to find out how we can bring our secure professional services to help with your requirements

Losing card data while out of compliance can incur substantial Card Schemes fines

Why Barron McCann?

We strive for excellence in deployment and maintenance, we asked our customers what they thought

See their feedback

P2PE Improves Customer Security

"Barron McCann was very keen to support us and Skipton Building Society wanted to get it right, so the project and delivery teams worked very closely together to develop the right processes throughout the whole deployment of the new Chip and PINs."

   

Bob Fielding

Strategic Buyer, Skipton Building Society

IT Infrastructure and Technical Support services

Barron McCann has demonstrated across-the-board expertise that has played a crucial role - both through the provision and support of a first-rate IT infrastructure, and the Technical Help line to support the Field Managers.

GRAHAM EMMONS

UK’s Census DirectorLockheed Martin

Make an enquiry

x