The Payment Cardholder Industry (or PCI) standard was created by Visa, MasterCard, American Express, Discover and others to protect cardholder information and reduce data theft. The PCI Data Security Standard (PCI DSS) is an evolving set of requirements intended to ensure that all companies that process, store or transmit credit card information maintain a secure environment.
Separately, the Payment Application Data Security Standard (PA-DSS) provides guidance to software vendors on any software sold, distributed or licensed to third parties that stores, processes or transmits credit card data.
Version 2.0 of PCI DSS and PA-DSS requirements became effective January 1, 2011. Both PCI DSS and PA-DSS are independently run by the PCI Security Standards Council (www.pcisecuritystandards.org) and is enforced by the payment brands, not the PCI SSC.
Within the scope of RockSolid software, RockSolid’s PA-DSS compliance is only part of the effort required for a merchant to achieve PCI compliance. Elements outside of RockSolid software will also require assessment for PCI-DSS compliance. Using RockSolid POS version 5.7.13 or later is one step towards achieving PCI compliance. However, each merchant is responsible for assessing and ensuring that its organizational processes, networks and hardware devices comply with the applicable PCI DSS standards. All merchants should review the standards provided by the Security Council and evaluate their PCI requirements.
* For a subset of the PCI-DSS requirements applicable to merchants, the PA-DSS provides guidance for software vendors on requirements noted in the list above. These standards are maintained by the PCI SSC. The complete list of requirements should be reviewed on the PCI SSC’s Website: https://www.pcisecuritystandards.org/security_standards/pa_dss.shtml
Statements regarding RockSolid POS software’s compliance with the PCI standard are based on our internal software review as of the updated date noted above and have been independently verified by a third party. However, use of RockSolid POS software does not guarantee that a user’s business or operations are PCI compliant and should not be relied upon for such purpose. Certification should be obtained from an approved Qualified Security Assessor.
ECi supports the entrepreneurial spirit of independent businesses...and you win!
Feel free to drop us a line — we'd love to hear from you!
Contact support: we're here to help!