PCI Compliance and The General Store

The credit card industry has enacted new rules and regulations to secure both merchant systems and customer data from fraud. All merchants accepting credit cards must comply with the new regulations or face fines, penalties and loss of the ability to process credit cards as part of their payment methods.  These regulations (referred to as PA-DSS compliance) are broken down into three distinct sections.

 

The point of sale application being used (The General Store) must be certified by an approved certification authority as complying with the PA-DSS rules.

 

The General Store is certified as PA-DSS compliant in Version 8 and later.  Earlier versions of the software are no longer supported.

 

The processing application (the actual application a merchant uses to process credit cards) must be certified as being PA-DSS compliant.

 

The following credit card processing applications are certified as PA-DSS compliant and can be integrated with The General Store:

Open Edge (PPI)

Vantiv (Mercury Processing) DSI Client

Net ePay

World Pay

Assure by Signature Processing

Pay Guardian

Each individual merchant must be certified by an approved certification authority as operating in a secure environment.

 

Merchants must be independently certified by a certified testing authority as to the security of their point of sale application, their credit card processing application, and the individual security of their network.

 

Merchants processing credit cards must adhere to the following:

  1. Only the necessary folders can be shared (you may no longer share the root of the C drive).

  2. Merchants must be using a valid firewall product. For specific router/firewall information see this page.

  3. Merchants must have an active anti-virus product installed, running, and updated. Click here for specific anti-virus information.

  4. No PAN data (credit card data) can be found on the local hard drives.