PCI compliance changes

Top  Previous  Next

 

As of July 1st, new PCI compliance rules came into effect that impose stronger security restrictions than the previous PCI compliance standards.  Campground Master is a bit behind on meeting this compliance, but we're currently undergoing the necessary development and compliance certification.  Briefly, here is what this means to you:

 

If you store any credit card information in Campground Master, even if just storing card numbers whether you process the cards through Campground Master or not (e.g. for Guarantees), then your credit card company will require you to use a version that's PCI compliant.

 

Some of the new rules include:

 

- Complete audit trail for all access and modification of data, kept for 1 year.

- Stronger passwords, with a mix of letters and numbers, which must be changed every 90 days.  Passwords must be encrypted and not viewable by anyone, including administrators.

- Automatic inactivity time-out of logins, of no more than 15 minutes.

- Card swipe data cannot be written to disk unencrypted, even temporarily, and cannot be stored in the software.

 

That last item will especially affect you if you currently process cards in Campground Master.  Depending on your interface method, you will need to make the following change (all of which require the new version of Campground Master currently in beta testing):

 

X-Charge users -- you will need to switch to the new "XpressLink" method of interfacing, which does not involve files.  This requires X-Charge 7.0 or later, which must be installed on each computer rather than just the master.

 

IC Verify users -- you will need to upgrade to ICVerify v4.0.4 (their PCI compliant version), and use the "ICVerify Encrypted" processing software selection in Campground Master.

 

Merchant Warehouse users -- you will need to use the MerchantWARE web services interface instead of the eMagic software.

 

 


Page URL http://CampgroundMaster.com/help/pcicompliancechanges.html

Campground Master Home