|
|
What is PCI Compliance?
Basically, all of the major card brands got together and created a common standard for credit card data security, known as the Payment Card Industry (PCI) Data Security Standard (DSS). Your compliance to the PCI DSS is now mandatory if you accept credit cards in your business. The PCI DSS can be viewed and downloaded from the following website: http://www.pcisecuritystandards.org
What is the Payment Application Data Security Standard (PA-DSS)?
The PA-DSS is the list of requirements that we, as software developers of a credit card payment processing application, are required to implement so that you can achieve PCI Compliance. They are essentially specific rules and methodologies for developing secure programs in such a way that credit card data is less susceptible to compromise.
What you need to do:
- Start by reviewing our VersiTouch PA-DSS Implementation Guide. There’s a lot of information about the PCI DSS and specific recommendations for how to achieve PCI Compliance.
- If you're setting up your POS network, you should consult our VersiTouch Firewall Guide for specific recommendations on hardware and segmentation.
- Follow up with the user guides for the individual software products that make up the VersiTouch Point-of-Sale suite:
VersiTouch POS Users Guide
VersiTouch Credit Users Guide
VersiTouch Credit Access Users Guide
- Follow the instructions to activate VersiTouch Credit Access.
- Use VersiTouch Credit Access to check access logs.
- Use VersiTouch Credit Access to permanently remove sensitive credit card data from POS storage files after you’ve verified that the deposit has made it to your bank account.
- Always make sure that you are running the most recent versions of VersiTouch POS, VersiTouch Office, VersiTouch Credit, and VersiTouch Credit Access (check http://www.versitouch.com for updates).
How to update VersiTouch software:
VersiTouch follows a very simple update procedure: overwrite old files with new files. This may not be the most elegant way of updating software but it is simple and effective. It also means that, under most circumstances, you can revert to a previous version simply by overwriting the new files with copies of the old.
VersiTouch POS can be overwritten on the fileserver while the stations are actively running. This is because each station makes a temporary copy of VersiTouch POS that runs on the local machine. After you overwrite the VersiPOS.exe file, you’ll need to restart each of the stations in order for the update to complete.
Unfortunately, that’s not the case for VersiTouch Office and VersiTouch Credit. Neither of those programs can be actively running on a computer when you update them. You’ll have to exit the programs, overwrite the files, then restart them. We typically recommend rebooting the fileserver both before and after updating.
The following instructions will give you a smooth update:
- Shutdown the stations.
- Shutdown any back office PCs that connect to the fileserver.
- Reboot the fileserver.
- Make sure that VersiTouch Office is not running.
- Exit VersiTouch Credit by right-clicking on the blue and yellow “flag” icon, located in the system tray next to the time, then selecting “Exit VersiCredit Server”.
- Download the current software versions from our website at http://www.versitouch.com.
- Unzip the update files from the VersiTouch website into the /RCS folder on the fileserver, overwriting the existing files.
- Reboot the fileserver.
- Verify that the version number of VersiTouch Credit is the same one you downloaded by double clicking the blue and yellow “flag” icon, located in the system tray next to the time. The version is identified at the top of the window.
- Restart the stations.
- Verify that the version number of VersiTouch POS is the same one you downloaded by selecting MANAGER from the Main Screen, then touching System Info.
|
|
|
