TOLL-FREE:  888-434-0844               Website:  www.cpuser.org               EMAIL:  Gordon@cpuser.org
Printer-friendly copy Email this topic to a friend
Top CUG's Counterpoint® V7 Forum topic #6585
View in linear mode

Subject: "pci compliance counter point 7 " Previous topic | Next topic
jriversThu Mar-30-17 10:00 AM
Member since Mar 30th 2017
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#6585, "pci compliance counter point 7 "


          

Does anyone know if counter point 7.5.20 is pci compliant with use of cp gateway?

  

Alert | IP Printer-friendly copy | Reply | Reply with quote | Top

Replies to this topic

Extascy2Thu Mar-30-17 03:53 PM
Member since Mar 07th 2013
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#6586, "RE: pci compliance counter point 7 "
In response to Reply # 0


          

It is likely compliant today but will not be compliant beyond 2017 as PCI requirements are updated.

NCR will not be providing any future updates for V7.

  

Alert | IP Printer-friendly copy | Reply | Reply with quote | Top

    
operationsTue Apr-04-17 05:40 PM
Member since Jan 19th 2004
Click to send email to this author Click to send private message to this authorClick to view this author's profileClick to add this author to your buddy list
#6590, "RE: pci compliance counter point 7 "
In response to Reply # 1
Tue Apr-04-17 05:44 PM by Webmaster

          

Yes... and no.

It's supposed to be. Synchronics certainly paid through the nose for the certification. The encryption routines do a good job of securing card data prior to writing it to history files. But the CC data isn't encrypted between the credit card terminal and the register. So a "wedge device" could be installed to scrape off track data. You can actually swipe a credit card's track data into NotePad.

Even worse, I know - for a fact - that card data entered into "Customer cards" isn't encrypted at all ! I just tested it on 7.5.20. I keyed a test credit card's number and expiration date into the customer cards window then used Pervasive Control Center to view the unencrypted card information. You could also access the data by exporting the file. (I'm not revealing which file for obvious reasons.)

  

Alert | IP Printer-friendly copy | Reply | Reply with quote | Top

Top CUG's Counterpoint® V7 Forum topic #6585 Previous topic | Next topic
Powered by DCForum+ Version 1.24
Copyright 1997-2003 DCScripts.com
Counterpoint Users Forum