Skip to main content

Has anyone been through PCI Compliance Testing with IFS, particularly the credit card module?   Was there anything they had to do to become compliant?  Do you store credit card info?  And if so how do you maintain compliance if holding the credit card info?

Thanks

Hi, 

The credit card solution / CCI (credit card interface) was designed to be PCI compliant / allow PCI compliance). If we choose to store credit card numbers, that data is encrypted such that a user would not have access to the stored value.  The credit card number is presented as XXXX456.  The CCI also offers the ability to use tokens, where the credit card number is not  within IFS.  If holding of a credit card number as encrypted data is a concern, the option to use tokens is certainly available.  

Best regards, 

Thomas

 


Thanks Tom!

What needs to be done as far as using tokens?

Your comment - If holding of a credit card number as encrypted data is a concern, the option to use tokens is certainly available.  

 


Hi, 

This “token” option was added to the newer versions of the CCI, I need to confirm what we need to do to utilize that.  I saw it and tested. “long ago”.   The person I need to contact is out of the office. I sent an email. 

Best regards, 

Thomas


Thanks Tom

 


Hi, 

Received email -  It’s just a check box in basic data. No configuration, it’s available App10 and higher.

 

Best regards,

Thomas


Thanks for your help with this topic Tom!

Lisa