3

4/27/2007
Green Team
2

• Problem/Solution Introduction
• Process Description
• Solution Characteristics
• Prototype Characteristics
• Prototype Demonstration
– Simulated POST
– Business Leader GUI
– Purchase Verification Software
– Database Control
Green Team
4/27/2007 3

Our project is
Customizable Credit Card Protection (C 3 P), which is a project addressing a common and growing problem in managing corporate credit cards.
Green Team
4/27/2007 4

• You own a business, for example, an
Engineering company
– Employees need to make purchases
• Company credit account
• Manual receipt tracking to validate purchases
Green Team
4/27/2007 5

• Businesses are ultimately responsible for debts on corporate credit cards
• Personal credit reports do not include corporate cards
• Credit card companies do not provide protection from fraud committed by authorized card holders*
4/27/2007
* Visa.com
Green Team
6

4/27/2007
Green Team
7

• Your employee needs to purchase items for the company e.g. computer components, etc.
• The following slides will illustrate 4 scenarios outlining fundamental flaws in the current system of use for corporate credit cards
Green Team
4/27/2007 8

– Your employee needs to purchase these items at a particular store
4/27/2007
Green Team
9

– You cannot limit your credit card as to which stores these items can be purchased
– Restrict purchases by Merchant Commercial Code
(M.C.C.)
– Surveyed company stated spending of $250,000 per year in efforts to prevent credit card misuse*
4/27/2007
* Admiral Julius Caesar, Senior VP
Green Team of SAIC
10

– Your employee can purchase whatever item they want within that store
4/27/2007
Green Team
11

– You cannot limit your credit card as to which individual items can be purchased
– Restrict purchases by Universal Product Code (U.P.C.)
– Immense company loss due to legal fees and other efforts to recover the fraudulent spending
Green Team
4/27/2007 12

– Your employee may need a flexible credit limit as to the specific items that they need to purchase
• Due to travel
• If knowledgeable on which item would be better to purchase due to their area of expertise
Green Team
4/27/2007 13

– You cannot dynamically set a per diem amount on the credit card specific to certain trips or purchases
– Restrict purchases by modifying per diem limit dynamically
4/27/2007
– Out of $2.5 trillion government budget*
• $14 billion was spent on private purchases by employees
• $2 billion was spent on unauthorized purchases by employees**
* http://www.gpoaccess.gov/usbudget/
** Foiling credit card fraud by Jenny C. McCune • Bankrate.com
Green Team
14

– Receipts can be misplaced or lost
4/27/2007
Green Team
15

– The receipt tracking system is subjective and receipts can be misplaced
– Labour intensive
– Online data mining makes tracking employee spending habits much easier
– One company reviewed stated that employees produced only 20% of all transaction receipts*
* http://www.dallasnews.com
4/27/2007
Green Team
16

4/27/2007
Green Team
17

• Regulate types of purchases
• Reduce receipt checking
• Improve accuracy
– Automatic prevention of prohibited purchases
• Organization saves money
– Keeps control of money in hands of employer
Green Team
4/27/2007 18

• Customizable database
– Restrict Purchases by
• Universal Product Code (UPC)
– Only at participating locations in USA
• Merchant Commercial Code (MCC)
– Everywhere, including overseas
• Use contact RFID smart cards
– Fast & Secure
– Programmable for transaction routing
• Modifiable sending of UPCs and MCCs
• User interface software
– Web-based GUI
• User access for modification of card holder account
• Reporting and Analysis tools
• Drives Database
Green Team
4/27/2007 19

4/27/2007
Green Team
20

t y i l i o b a b
P r
81-100%
61 - 80%
41 - 60%
21-40%
1-20%
4/27/2007
5
4
1
2, 3
1 2 3 4
Impact: 1(Low) - 5(high)
Green Team
5
1
No corporate buy-in
(access to UPC database)
2
Access to credit card info
3
Hardware malfunction
4 Software malfunction
5
Insulting to employee
21

• Limit the scope of the initial project!
• What is taken out?
– The physical aspect of RFID reader/writer and RFID cards
– The interaction between Credit Card Company and
C 3 P servers
– A formatted data mining receipt tracking system
• What is new?
– The Simulated Point of Sale Terminal
• What remains?
– The Purchase Verification Software
– The Business Leader Graphical User Interface
– The Database of Users, MCCs, and UPCs
Green Team
4/27/2007 22

4/27/2007
Green Team
23

Risk#
1
2
Risk Description
No corporate buy-in (access to
UPC database)
Access to Credit Card Info
4 Software Malfunction
Mitigation via Prototype
UPC can be retrieved from online databases
Future implementation of encryption and current ability of restricted access to info via basic authentication
Software demonstrated during
Prototype Demonstration
4/27/2007
Green Team
24

4/27/2007
Green Team
25

• Equipment Drivers
– Nigel Tierney/Justin Brunelle/Aaron Fowler
• Product and Prototype Description Presenter
– Jeremy Archey
• Database Description Presenter
– Jason Benson
• Business Leader GUI Presenters
– Jason Benson
• Purchase Verification Software Presenter
– Jason Benson
• Simulated POST Presenter
4/27/2007
– Lisa Ortiz
Green Team
26

• Consists of the following tables:
– Employee
– Business Leader
– MCCs
– UPCs
• Created using MySQL
• Located on ODU server
Green Team
4/27/2007 27

Employee Table Part 1
UID Name acctNum apMCC apUPC totpurchase
Identification number for each employee
Employee's name totpurchase
Total amount of this day's purchases spendingLimi t
Total daily spending limit
Employee's corporate spending account number
List of
Approve d MCCs
Employee Table Part 2
List of Approved
UPCs addr phone employeeNum
Total amount of this day's purchases company
Employee
Address
Employee
Phone
Number
Employee
Corporation
Number
Employee
Company
SSN
Employee
Social
Security
Number
4/27/2007
Green Team
28

refNum
Reference number for the
UPC (primary key)
UPC
UPC
UPC Table pName
Product Name cost
Cost of product per unit in cents categorization
Categorization of products (lumber, clothing, food, hardware, automotive, business supplies)
MCC Table refNum MCC sType leaderID
Business Leader's ID
4/27/2007
Reference number for the
MCC (primary key)
MCC Type of Vendor pwd
Business Leader's password
Business Leader Table employees company
Employees that work for this business leader
Company that this business leader works for
Green Team name
Business leader's name
29

• This software package is an interface for the business leader to be able to:
Add employees to the database
- Delete employees from the database
- Modify the database of allowed UPCs, MCCs, and spending limits for employees
• Created using HTML, PHP and Javascript
• Hosted on the ODU webserver
Green Team
4/27/2007 30

4/27/2007
Green Team
31

• This software was coded to validate purchases by C 3 P card holders
• It takes a transaction string that simulates an actual credit card transaction string, decodes it, and checks the validity of the purchase.
• Was written entirely in PHP and is used by the POS terminal to validate purchases.
• Located on ODU server
Green Team
4/27/2007 32

4/27/2007
Green Team
33

• Consists of:
– Text fields: MCC and Employee ID (Required)
– Drag-and-drop feature (From Products to
Shopping Cart)
– Clear Cart feature, Delete (item) feature
– Purchase button
• Created using PHP, MySQL, and JavaScript*
• Works in conjunction with Purchase Verification
Software
• Located on ODU server
*Scriptaculous.com
4/27/2007
Green Team
34

4/27/2007
Green Team
35

4/27/2007
Green Team
36

Green Team
4/27/2007 37

Phase
Phase 2
Phase 3
Start
5-3-07
Finish Length
10-31-07 151 days
10/31/07 Out Years Out Years
5/07 8/07 11/07 2/08+
Green Team
4/27/2007 38

Module
Business
Leader
GUI
Data
Mining
POST
Purchase
Verification
Software
Database
Start
7-1-07
7-1-07
7-1-07
7-1-07
7-1-07
Finish
7-31-07
7-31-07
7-31-07
7-31-07
Length
30 days
30 days
30 days
30 days
7-31-07 30 days
5/07 6/07 7/07 8/07
Green Team
4/27/2007 39

Module Start Finish Length
Business
Leader
GUI
Data
Mining
POST
7-31-07 9-11-07 43 days
7-31-07 9-11-07 43 days
7-31-07 9-11-07 43 days
Purchase
Verification
Software
Database
7-31-07 9-11-07 43 days
7-31-07 9-11-07 43 days
7/07 8/07 9/07 10/07
Green Team
4/27/2007 40

Module Start Finish Length
Business
Leader
GUI
Data
Mining
POST
9-11-07 10-31-07 50 days
9-11-07 10-31-07 50 days
9-11-07 10-31-07 50 days
Purchase
Verification
Software
9-11-07 10-31-07 50 days
8/07 9/07 10/07 11/07
Green Team
4/27/2007 41

• Out Years
• System Maintenance
– Updates
– Repairs
• Customer Support
• Advertising
Green Team
4/27/2007 42

4/27/2007
Green Team
43

• National Science Foundation (NSF)
– Phase 2: Funding award up to $750k or two years (whichever is reached first)
• Phase 2 Total Budget: $278,789
Green Team
4/27/2007 44

Hard Resources
Product
RFID Cards
Card Programmer
Card Printer
Domain Name Registrations
TOTAL
Personnel Resources
Resource
Project Manager
Database Maintenance Team
Database Administrator
Technical Director
POS Terminal Programmers
Programmer III
Software Maintenance &
Installation Team
Web Developer
GUI Programmer
Programmer II
Risk Management Director
Documentation Specialist
Finance Director
TOTAL
# Units Cost/Unit Total
10000 $0.52
$5,200 http://www.maxking.com/shopcart/product.php?productid=16375$cat=249&page=1
10
5
1
$64 $640 http://www.maxking.com/shopcart/product.php?productid=16213
$2,000 $10,000 http://www.maxking.com/shopcart/product.php?productid=16282$cat=304&page=1
$15 $15 InternetSolutions.com
$15,855
#
1
3
1
3
3
2
7
1
1
Salary*
75,616
$73,252
$56,926
$57,397
Overhead Hourly Hours Total
105,862
$102,553
$79,696
$80,356
$55
$53
$42
$42
403
121
295
53
$22,220
$19,442
$12,245
$6,654
$52,920 $74,088 $39 578 $66,872
$46,282 $64,795 $34 803 $54,164
$45,368
$68,141
$35,751
$63,515
$95,397
$50,051
$33
$50
$26
216
95
606
$50,018
$4,720
$15,797
1 $108,901 $152,461 $79 136 $10,799
$262,934
$278,789 TOTAL Resources
*Salary.com
4/27/2007
Green Team
45

• C3P regulates how funds are spent
– Saves money and time
• Prototype has proven feasibility and accuracy of product
• C3P will revolutionize the credit system world wide
Green Team
4/27/2007 46

4/27/2007
Green Team
47

4/27/2007
• Foiling credit card fraud by Jenny C. McCune
• Bankrate.com
• http://www.gpoaccess.gov/usbudget/
• http://www.dallasnews.com
• http://www.fbi.gov/publications/financial/fcs_ report052005/fcs_report052005.htm
• http://www.bankrate.com/fox/news/cc/20000508.asp
• http://www.bankrate.com/fox/news/cc/20000508.asp
• http://www.salary.com
• http://www.mastercard.com
• James Brunelle, Edo Corp.
• Admiral Julius Caesar, SAIC
Green Team
48