Differences

This shows you the differences between two versions of the page.

--- pci_update_info [2017/05/16 13:38 (7 years ago)] – mrobosa
+++ pci_update_info [2021/05/17 11:52 (3 years ago)] (current) – tanya
@@ Line 1: / Line 1: @@
-====== PCI Upgrade Information  ======
+====== PCI Compliance Check  ======
+https://support.windwardsoftware.com/a/solutions/articles/66000488289
+===== What is PCI Compliance? =====
+Payment Card Industry (PCI) has developed security standards for handling cardholder information in a published standard called the [[https://www.pcisecuritystandards.org/pci_security/|PCI Data Security Standard (DSS]]). The security requirements defined in the DSS apply to all members, merchants, and service providers that store, process or transmit cardholder data. PCI Standard is developed and managed by the [[https://www.pcisecuritystandards.org/|PCI Standards Organization]] \\
-**What is PCI Compliance?**\\
+The PCI DSS requirements apply to all system components within the payment application environment which is defined as any network device, host, or application included in or connected to, a network segment where cardholder data is stored, processed or transmitted
-[[https://www.pcisecuritystandards.org/|PCI Standards Organization]]
-\\
-\\
-\\
-**__What does PCI have to do with System Five?__**\\
-\\
-All businesses in North America that process, store, or key credit/debit card information into their business software were asked to be PCI compliant by July 1, 2010. This is a PCI Security Standards Council requirement and deadline. You likely received notification from your credit card processing company about PCI compliance. If your Windward System Five software has not been upgraded to the PCI compliant version you need to upgrade the software to make it compliant given the deadline has already passed.  //Please contact your credit/debit card processing company for details on any possible consequences for not being PCI compliant.//\\
-\\
+==== What does PCI have to do with System Five? ====
+All businesses in North America that process, store, or key credit/debit card information into their business software was asked to be PCI compliant by July 1, 2010. This is a PCI Security Standards Council requirement and deadline. You likely received notification from your credit card processing company about PCI compliance. If your Windward System Five software has not been upgraded to the PCI compliant version you need to upgrade the software to make it compliant given the deadline has already passed.  //Please contact your credit/debit card processing company for details on any possible consequences for not being PCI compliant.//\\
@@ Line 19: / Line 16: @@
 \\
-**__How to check if you are PCI compliant__** \\ \\
+==== How to check if you are PCI compliant ====
-I am currently using **System Five Version 6.0** \\
+  * You are using **System Five program version 6.2.2.x or 6.2.4.x** (From the Help menu, choose About)
-I am currently using **Pervasive Version 10** \\
+  * You are using **Pervasive version 12** ([[verifying_your_pervasive_version|Check your Pervasive version]])
-To verify your Pervasive version, [[http://wiki.wws5.com/doku.php?id=verifying_your_pervasive_version|click here]]
+  * You are using **Datacap version 5.06** ([[verifying_your_datacap_version|Check your Datacap version]])
+  * You are using **compliant PIN pad devices** ([[https://datacapsystems.com/compatible-devices|Check compatible PIN pads]])
-I am currently using a compliant Pinpad device (if using a pinpad device)
-If you meet the conditions above, **System Five is PCI Compliant**. You need to make sure that your entire computer system and network complies with all the other system requirements. \\
+If you meet the conditions above, **[[https://www.pcisecuritystandards.org/assessors_and_solutions/payment_applications?agree=true|System Five is PCI Compliant]]**. You need to make sure that your entire computer system and network complies with all the other system requirements. \\
 --------------------------------------------------------------------------------------------------------------------
@@ Line 34: / Line 29: @@
   * Please note the version of Pervasive you are running
   * Verify if you are using integrated credit card processing. \\
-  * Verify that your **Pinpad** is compliant. To verify this, see the [[http://wiki.wws5.com/lib/exe/fetch.php?id=windward_supported_hardware_list&cache=cache&media=faq:supported_equipment_list-revised.pdf|System Five Supported Hardware List]]
+  * Verify that your **PIN pad** is compliant. Check on the [[https://datacapsystems.com/compatible-devices|PIN pads that are supported]].
-If you are using integrated credit card processing, you **MUST** have **Pervasive 10** and **System Five Version 6.0** and a compliant Pinpad.
+If you are using integrated credit card processing, you **MUST** have **Pervasive v12** and **System Five Version 6.2.2 or 6.2.4** and a compliant Pinpad.
-PCI Check Steps:
+===== PCI Check Steps =====
 **1. When your program is not PCI compliant, you will get this PCI check prompt below.**\\
-{{ :pci1.jpg |}}
+{{:pci1.jpg?600|}}
 You may also manually go to Setup Wizard>Payment Processing…and just follow the prompts.\\
-{{ :pci2.jpg |}}
+{{:pci2.jpg?600|}}
 **2. Click on Yes…**\\
-{{ :pc13.jpg |}}
+{{:pc13.jpg?600|}}
-**3. This window shows the number of days you would like to keep your card numbers. This is specifically used for customers who use the ‘Credit Card on File’ feature of System5. For most, it is recommended to just keep it at 0 day/s. Click Yes.** \\
+**3. This window shows the number of days you would like to keep your card numbers. This is specifically used for customers who use the ‘Credit Card on File’ feature of System Five. For most, it is recommended to just keep it at 0 day/s. Click Yes.** \\
-{{ :pci4.jpg |}}
+{{:pci4.jpg?600|}}
-**4. On this next step, it will list down System5 users who have not log in for more than 30 days, expired passwords or without password expiry dates. All these needs to be addressed. Please remember that a PCI compliant password should contain at least be seven (7) characters with letters, numbers and symbols ( !@#$%^&*() ).**\\
+**4. On this next step, it will list down System Five users who did not log in for more than 30 days, expired passwords or without password expiry dates. All these need to be addressed. Please remember that a PCI compliant password should contain at least be seven (7) characters with letters, numbers and symbols ( !@#$%^&*() ).**\\
-{{ :pci5.jpg |}}
+{{:pci5.jpg?600|}}
-**These users’ issues need to be resolved. Login to those users who have not login for more than 30 days, change the user password or set an expiry date by going to the Setup Wizard>Users and Security>Names and Passwords. Select and edit the user. See image below:** \\
+**5. These users’ issues need to be resolved. Login to those users who have not login for more than 30 days, change the user password, or set an expiry date by going to the Setup Wizard>Users and Security>Names and Passwords. Select and edit the user. See image below:** \\
-{{ :pci6.jpg |}}
+{{:user_password_expiry.jpg?600|}}
 **6. Once all users’ issues are resolved you will then be able to proceed and just click Yes on the next windows.**\\
-{{ :pci7.jpg |}}
+{{:pci7.jpg?600|}}
-{{ :pci8.jpg |}}
+{{:pci8.jpg?600|}}
-. Manually check the checkboxes below. If you are able to check all boxes, then you can proceed with the next step and finish the PCI check. However, there are instances when the boxes are greyed out.\\
+**7. Manually check the checkboxes below. If you are able to check all boxes, then you can proceed with the next step and finish the PCI check. However, there are instances when the boxes are greyed out.**\\
-{{ :pci9.jpg |}}
+{{:pci9.jpg?600|}}
 **The last 6 boxes are the ones that usually give users an issue to complete the check.** \\
-a. System Five is up to date with the latest release --- this means that you need to update/upgrade your System5. Follow this link: http://wiki.wws5.com/doku.php?id=system5_upgrade\\
+a. System Five is up to date with the latest release --- this means that you need to update/upgrade your System5. Follow this link: [[system5_upgrade]]\\
 b. Data Files are in a directory not accessible from users --- you have to share the whole Windward or System5 folder with read/write permissions for everyone. \\
 c. Data Files are securely Encrypted --- Click on the ‘Re-encrypt Cardholder data’ to fix this.\\
@@ Line 83: / Line 77: @@
 f. Key Encrypting keys have been regenerated --- Click on ‘Key Management’.\\
-{{ :pci10.jpg |}}
+{{:pci10.jpg?600|}}
 **
 This window will pop up. Click on Key Management and Rotate Keys.** \\
-{{ :pci11.jpg |}}
+{{:pci11.jpg?600|}}
 Wait until it is completed.
@@ Line 93: / Line 87: @@
 **8. All boxes can be manually checked now and click on Yes to proceed.**\\
-{{ :pci12.jpg |}}
+{{:pci12.jpg?600|}}
 **9. PCI check is complete. Click on OK.**\\
-{{ :pci13.jpg |}}
+{{:pci13.jpg?600|}}