PCI Need to Know

Page 2

What You NEED To Know About PCI Merchant Edition How do I know if I am PCI Compliant? (continued) If you perform any of the following, you are not PCI-compliant: • You store non-encrypted, electronic credit card data (common issue with credit card processing software purchased prior to 2006). • You use software that touches credit card data that has not been PA-DSS-validated. • You physically store imprints of credit cards in a non-secure location. • You allow unlimited employee access to paper and/or electronically stored credit card data.

What is the significance of July 1, 2010? July 1 has been a mandated date for several years, requiring: 1) That all merchants, if using payment application software, must be using PA-DSS Validated software. 2) That all merchants if using PINPad Debit, use Triple DES encrypted PINPads. An important note of clarification: t o : Ju Julyy 1 has as nothing ot g to do with t a merchant’s requirement to “be PCI Compliant”, this mandate has existed d for many years.

If you are currently using a PINpad that lookss like this P/N P003-160-02

Check the label for a part number. If the label reads P/N P003-160-02, your device needs to be replaced with part number P/N P003-18002.

You need to upgrade to a PCI-Compliant PIN entry device such as the VeriFone 1000SE P/N P003-180-02

If you are currently using any of these non-compliant legacy SigCap devices:

HHP-TT3101

HHP-TT8810

HHP-TT8500

You need to upgrade to a PCI-compliant PIN Entry device, such as the Verifone MX-850

Helpful Websites You Can Visit to Get More Information Helpfu The Data Security Standard can be found on the PCI Security Standards Council's Website: https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml You can also get more information about risk management on VISA’s Website: http://usa.visa.com/merchants/risk_management/index.html To get information and downloads associated with the PCI DSS and MasterCard Site Data Protection Program, you can visit MasterCard’s resource site at http://www.mastercard.com/us/merchant/security/sdp_program.html Additional information is available to merchants, including links to the Self-Assessment Questionnaire (SAQ). For more information, please visit VISA’s Cardholder Information Security Program page at http://usa.visa.com/merchants/risk_management/cisp_merchants.html

Brought to you by

Developers of

Issuu converts static files into: digital portfolios, online yearbooks, online catalogs, digital photo albums and more. Sign up and create your flipbook.