Green Team

1
Final Presentation

• Green Team
• December 13, 2006
• Product Customizable Credit Card Protection (C3P)

2
Organization Chart
3
Presentation Outline

• Problem/Solution Introduction
• Process Description
• Solution Characteristics
• Market Analysis
• Return On Investment
• Milestones, Deliverables, Budgets
• Risk Assessment
• Conclusion

4
Our Project

• Our project is
• Customizable Credit Card Protection,
• which is a project addressing a common and
  growing problem in managing corporate credit
  cards.

5
Your Business

• You own a business, for example, an Engineering
  company
• Employees need to make purchases
• Company credit account
• Manual receipt tracking to validate purchases

6
Responsibility of Credit

• Businesses are ultimately responsible for debts
  on corporate credit cards
• Personal credit reports do not include corporate
  cards
• Credit card companies do not provide protection
  from fraud committed by authorized card holders

Visa.com
7
Problem Statement
Organizations and private businesses have
inadequate protection and controls over
unauthorized use by authorized cardholders, which
results in a loss of funds. Current methods of
addressing unauthorized use are expensive and
subjective.
8
Overall Scenario

• Your employee needs to purchase items for the
  company e.g. computer components, etc.
• The following slides will illustrate 4 scenarios
  outlining fundamental flaws in the current system
  of use corporate credit cards

9
Scenario A Limiting by Type of Vendor

• Situation
• Your employee needs to purchase these items at a
  particular store

10
Scenario A Limiting by Vendor

• Problem
• You cannot limit your credit card as to which
  stores these items can be purchased
• Solution
• Restrict purchases by Merchant Commercial Code
  (M.C.C.)
• Fact
• Surveyed company stated spending of 250,000 per
  year in efforts to prevent credit card misuse

Admiral Julius Caesar, Senior VP of SAIC
11
Scenario B Limiting by Product

• Situation
• Your employee can purchase whatever item they
  want within that store

12
Scenario B Limiting by Product

• Problem
• You cannot limit your credit card as to which
  individual items can be purchased
• Solution
• Restrict purchases by Universal Product Code
  (U.P.C.)
• Facts
• Immense company loss due to legal fees and other
  efforts to recover the fraudulent spending

13
Scenario C Controlling Spending Limits

• Situation
• Your employee may need a flexible credit limit as
  to the specific items that they need to purchase
• Due to travel
• If knowledgeable on which item would be better to
  purchase due to their area of expertise

14
Scenario C Limiting Spending Limits

• Problem
• You cannot dynamically set a per diem amount on
  the credit card specific to certain trips or
  purchases
• Solution
• Restrict purchases by modifying per diem limit
  dynamically
• Facts
• Out of 2.5 trillion government budget
• 14 billion was spent on private purchases by
  employees
• 2 billion was spent on unauthorized purchases by
  employees

Foiling credit card fraud by Jenny C. McCune
Bankrate.com http//www.gpoaccess.gov/usbudge
t/
15
Scenario D Data Management

• Situation
• Receipts can be misplaced or lost

16
Scenario D Data Management

• Problem
• The receipt tracking system is subjective and
  receipts can be misplaced
• Labour intensive
• Solution
• Online data mining makes tracking employee
  spending habits much easier
• Facts
• One company reviewed stated that employees
  produced only 20 of all transaction receipts

http//www.dallasnews.com
17
Solution - C3 Protection System
What solution solves all these problems?
18
Solution Concepts

• Regulate types of purchases
• Reduce receipt checking
• Improve accuracy
• Automatic prevention of prohibited purchases
• Organization saves money
• Keeps control of money in hands of employer

19
Solution Characteristics

• Customizable database
• Restrict Purchases by
• Universal Product Code (UPC)
• Only at participating locations in USA
• Merchant Commercial Code (MCC)
• Everywhere, including overseas
• Use contact RFID smart cards
• Fast Secure
• Programmable for transaction routing
• Modifiable sending of UPCs and MCCs
• User interface software
• Web-based GUI
• User access for modification of card holder
  account
• Reporting and Analysis tools
• Drives Database

20
Software - Reporting and Analysis

• Employee purchases
• Tracked and listed by employee
• Online Receipt Tracking
• List accepted and rejected purchases
• Grouped by purchaser, date, and MCC

21
C3P Initialization

• Get credit cards from credit company
• Organization leader enters data into database
• Purchase restrictions
• Card holder information (includes credit number
  from credit card)
• Receive C3P Cards
• Use C3P

22
Major Functional Component Diagram
23
Getting C3P Cards
24
Setting Card Holder Purchase Restrictions
25
Current Process of Making a Purchase
26
New Process of Making a Purchase
27
Purchase Verification
28
Graphical User Interface - MCC
29
Vendor C3P Communication
30
Management Plan
31
Management Plan - Communications

• Group Meetings
• Sun. 800 PM, Wed. 800 AM, Fri. 900 AM
• Minutes Assignments sent via e-mail
• Team web page
• Discussion
• Minutes
• Research
• Frequent Communications
• E-mail
• Phone

32
Management Plan - Tools

• Old Dominion University
• Labs
• Meeting Rooms
• Microsoft Project 2003
• Used to manage project

33
Major Functional Software Components

• The software solution is made up of the following
  areas
• Networking package
• Database package
• Database structure
• Graphic user interface
• Credit card data security standards

34
Networking Package

• Transaction control daemon
• Listens for incoming transactions from vendor
  credit card machines
• Sends out accepted credit card information to the
  credit card company
• Queuing logic
• Ensures efficient processing of transactions
• Protects against data loss
• Mutual Exclusivity
• Protects data being changed by GUI from
  interrupting transactions
• Secures database from corruption
• Credit Card Data
• Format credit card data
• Initiate corporate credit card transaction process

35
Database Package

• Converts incoming transaction data
• MCC
• Place of purchase
• Purchase amount
• UPC
• Analysis engine
• MySQL Database stores customer information
• Compares the incoming data to the allowed
  purchases, places of purchase, and spending limit
• Translates the incoming C3P card number to the
  corporate credit card number from our database

36
Vendor C3P Communication
37
Database Structure

• Database will be contain these fields
• C3P Card ID number
• Card user name
• Company name of card user
• Approved list of MCCs
• Approved list of UPCs
• Employees corporate credit card number

38
Graphical User Interface

• Web-enabled GUI
• Allows dynamic modification from any computer
  connected to the internet
• Customizable online spending portfolio
• Update spending limitations for each card user
• Easily select types of vendors or specific
  products using check boxes
• Does not require knowledge of UPCs or MCCs
• Spending analysis tools
• Graphs and charts showing company spending as
  well as individual spending
• Also reports rejected purchases in order to keep
  company leaders abreast with
  attempted spending

39
Credit Card DataSecurity Standard

• Build and maintain a secure network
• Protect cardholder data
• Maintain a vulnerability management plan
• Implement strong access control measures
• Regularly monitor and test networks
• Maintain an information security policy

40
Evaluation Plan

• Phase 0 - Conception Phase
• Team Formation
• Initial Concept
• Feasibility of Project
• Milestone
• Cost analysis
• Budget analysis
• Project test cost factors
• SBIR Proposal
• Project Approval
• Website Development

• Phase 1 - Prototype Proof of Concept
• Software development
• Software and hardware testing
• Documentation

41
Evaluation Plan

• Phase 2 Product Development
• Documentation
• Software development
• Hardware development
• Marketing
• Funding
• Website
• Software testing

• Phase 3 - Production out years
•  
• Purchasing
• Staffing
• Determine production facility
• Production/Training

42
C3P Innovative Functionality
Uses existing card readers
Tracks purchases and patterns
Customizable database of MCC
Customizable purchase restrictions
Can set Spending Limits
Blacks-out MCC codes
Blacks out UPC codes
Prevents Duplication
For Government Use
For Personal Use
For Business Use
Cards
43
Marketing Plan Overview

• Primary target market Businesses that issue
  corporate credit cards
• Advanced target market Concerned parents
• Return on Investment
• Vendor alliance
• Advertising strategy
• Initial businesses for beta testing
• Overall Marketing strategy

44
Target Market

• Initial Phase Businesses that issue corporate
  credit cards
• Businesses report billions of dollars in losses
  through embezzlement each year
• Advanced Phase Concerned Parents who grant
  control of credit card to child
• Studies prove that parents are concerned with
  giving children control of a credit card

http//www.fbi.gov/publications/financial/fcs_re
port052005/fcs_report052005.htm http//www.bank
rate.com/fox/news/cc/20000508.asp
45
Benefits to the Customer

• Secure and efficient control of company funds
• Reduces corporate credit card fraud
• Unscrupulous purchases protected against
• Reduced costs to prevent and lessen the effects
  of fraud
• Legal Fees/Court costs
• Manual Audits
• Corporate money is spent according to company
  policy
• Advanced Phase Parental control of children's
  spending

46
Vendor Alliance

• UPC database exchanged for updating of POS
  terminals
• Benefits to the vendor
• Targeted vendors receive
• business from C3P
• cardholders
• Advertising on the C3P website

47
Advertising Strategy

• Distribution
• Initial Roll-Out Get initial business on board
• Advertising Mediums (Once on board)
• National Newspapers
• Technology and business sections
• MarketPro Technology Shows
• TV/Internet
• Business and Technology Magazines

48
Initial businesses for beta test

• Initiate beta testing on local business
• EDO SAIC
• Expressed interest and acknowledged
  innovativeness
• These companies reflect financial losses due to
  credit card misuse

49
Overall Marketing Strategy

• Meet with individual business leaders who have
  large employee use of corporate credit cards
• Prove successful with single beta project
• Pursue a greater region of businesses
• Begin advertising campaign
• Receive vendor buy-in
• - Companies such as Target, Wal-Mart, Home
  Depot, etc.
• Take on full scale nationwide implementation
• Initiate add campaign through all advertising
  mediums

50
Milestones and Deliverables
Phase 1 (CS411) Software Requirements
Document Design Document Application Code Data
Management Code Formatting Code Demonstration
Prototype Completed Prototype Testing Test Plan
Document SBIR document NSF SBIR Proposal Phase 2

• Phase 0 (CS410)
• Feasibility Presentation
• Team Website
• Presentation
• Milestone Presentation
• Presentation
• Final Presentation
• Product Website
• Presentation
• SBIR document
• NSF SBIR Proposal Phase 1

51
Milestones and Deliverables
Phase 2 Critical Design Hardware Hardware
Requirements Document Database Setup Software Req
uirements Document Design Document Database
Application Code POS Application Code Data
Management Code Test Plan
Phase 3 Production Out Years Production Card
Company Contract Vendor Contract Financing Ventur
e Capital/Investment Distribution Distribution
Contract Marketing Advertising Campaign Launch
52
Project Flow - Outline
53
Phase 0 Organization Chart
54
Project Flow Phase 0 (CS 410)
55
Phase 1 Organization Chart
56
Project Flow Phase 1 (CS411)
57
Phase 2 Organization Chart
58
Project Flow Phase 2
59
Phase 3 Organization Chart
60
Project Flow Phase 3
61
Phase 1 Budget
62
Phase 2 Budget
63
Phase 3 Budget
64
Funding By Phase
65
Funding Plan

• National Science Foundation (NSF)
• Phase 1 Funding award up to 100k
• Proposal Deadline December 4, 2006
• Topic Information Technology
• Phase 1 Total Budget 120,045
• CIT Commercial Giving Program Commercial Finance
  Group
• Additional funds needed above the 100k
• No deadline
• Phase 1 20,045

66
Funding Plan

• National Science Foundation (NSF)
• Phase 2 Funding award up to 750k or two years
  (whichever is reached first)
• Phase 2 Total Budget 375,844

67
Funding Plan

• Phase 3 funding obtained through venture capital
  from outside investors
• Phase 3 Total Budget 128,544
• Total Budget (All phases) 624,434

68
Cost Per Customer
69
Cost Per Customer

• Leasing Per Year 35,500
• Authentication code
• User manual
• Software Package
• Access to customizable database
• Purchase checking capability
• GUI
• Programmed RFID cards
• Rental Fee (Server Database space)
• Service Fee

70
Break-Even Analysis
71
Risk Management Plan

• Identify Risk
• Categorize risk based on severity and probability
• Reduce risks
• Avoidance
• Acceptance
• Transference
• Mitigation
• Re-evaluate risk level

72
Risk Probability/Impact Matrix
73
Risks
74
What this product does not do

• Provide point-of-sale RFID readers
• Protect against blocking of authorized purchases
• Will mostly be a result of human error
• Will decrease in occurrence as more businesses
  use product
• Provide credit for businesses

75
Pros

• Saves money
• Reduces the money spent on security measures and
  court costs
• Customizable
• Spending limits
• Tracks Items Bought
• Tracks Vendors Bought From
• Increased record-keeping efficiency
• Can produce receipts and spending reports for
  individual employees as well as the company as a
  whole
• Provides an electronic format for receipt
  tracking and auditing
• Web-enabled interface allow for on-the-fly
  spending reports
• Smart Card Technology
• As quick as current magnetic-strip technology
• An emerging technology that is the way of the
  future

76
Cons

• Vendors need RFID readers
• Requires New Technology
• Many vendors are getting scanners
• 7-11 is adding 5,600 RFID scanners this year
• Accidental blocking of necessary purchases
• Solved with training and research
• 24/7 Server/Website Maintenance
• POS Terminals need updates

mastercard.com
77
Conclusion

• Regulates how funds are spent
• Saves money and time
• Vendors and credit customers will benefit
• Vendors will get higher quantity and more
  efficient business
• Credit customers are protected and have less
  wait-time in line
• Vendors will gain revenue from businesses that
  use UPC blocking
• C3P will revolutionize the credit system world
  wide

78
Questions
At this time, we welcome any questions you may
have.
79
References

• Foiling credit card fraud by Jenny C. McCune
  Bankrate.com
• http//www.gpoaccess.gov/usbudget/
• http//www.dallasnews.com
• http//www.fbi.gov/publications/financial/fcs_
• report052005/fcs_report052005.htm
• http//www.bankrate.com/fox/news/cc/20000508.asp
• http//www.bankrate.com/fox/news/cc/20000508.asp
• salary.com
• mastercard.com
• James Brunelle, Edo Corp.
• Admiral Julius Caesar, SAIC

80
Appendix A

• Expert Testimony from Admiral Julius Caesar from
  SAIC

81
Expert Testimony Current Problems

• Navy sailors are given credit cards for travel
  because they do not have enough personal cash
• Spending money in Girly Bars
• Tabs in excess of 15,000
• Private Business
• Employee used company credit card to put 14,000
  down payment on a house
• Employee bought several 1,500 airline tickets,
  and canceled the flight to collect the cash
  refund, which he used to finance his private
  company
• Employee bought 1,500 in thongs at Victoria
  Secret

82
Expert Testimony - Current Solutions

• Only activating the credit card for the duration
  of the travel
• Background credit checks on employees to be
  entrusted with company funds

83
Expert Testimony Loose ends left by current
solution

• Cant regulate purchases
• Company liable for purchases
• Employees cant pay the company back
• Must be taken to court

84
Expert testimony Time and Money spent on problem

• 25,000 per division per year
• 20 Divisions
• 250,000 per year for this company
• Credit card companies dropped the Navy as a
  customer because of fraud problems

85
Expert Testimony - Data

• 2002 1.4 million Government Travel Cards in use
• 3.4 billion spent on purchases with these cards
• One man made 262,800 in charges on 13 Government
  Credit Cards

86
Expert Testimony On C3P

• Target high risk employees
• In the 18-25 year-old bracket
• Dont know how to use credit
• Employees with bad credit

87
Appendix B

• Merchant Commercial Code (MCC) A specialized
  code that categorizes a store based on what it
  sells (e.g. Target and Wal-Mart have the same
  MCC) example MCC 5598 Snowmobile Dealership
• Universal Product Code (UPC) A code that
  designates a specific product, different for
  every brand and variation of a product (Lays and
  Pringles potato chips still have different UPCs)
  Sample UPC 02248604 Orbit Gum

88
Security - RFID

• An embedded antenna that is attached to the chip
  is used to transfer information stored in the
  chip's memory
• The range of operation is 2.5" to 3.9
• Information can be written to the card the same
  way it is read

89
Authorized User Fraud Liability

• Liability Options
• With the Corporate Card, your company is always
  protected from fraudulent or unauthorized
  charges. You select the level of liability for
  your Cardmembers and establish accountability for
  payment of charges.
• Liability options include
• Expanded Liability Protection Your company is
  responsible for reimbursing the Cardmember for
  business expenses and is liable for payment of
  business charges but is not liable for penalties
  arising from Cardmembers' delinquency or personal
  charges. American Express contacts employees with
  past-due balances to encourage payment.
• Selective Liability Protection Your company and
  your Cardmembers are jointly liable for payment
  of all charges, and American Express requests
  payment from your company if the Cardmember does
  not pay the outstanding balance.

Visa.com