Solved

PCI Compliance Testing - Specifically Credit Card Interface

  • 21 January 2022
  • 6 replies
  • 236 views

Userlevel 4
Badge +6

Has anyone been through PCI Compliance Testing with IFS, particularly the credit card module?   Was there anything they had to do to become compliant?  Do you store credit card info?  And if so how do you maintain compliance if holding the credit card info?

Thanks

icon

Best answer by Thomas Peterson 21 January 2022, 22:26

View original

This topic has been closed for comments

6 replies

Userlevel 7
Badge +18

Hi, 

The credit card solution / CCI (credit card interface) was designed to be PCI compliant / allow PCI compliance). If we choose to store credit card numbers, that data is encrypted such that a user would not have access to the stored value.  The credit card number is presented as XXXX456.  The CCI also offers the ability to use tokens, where the credit card number is not  within IFS.  If holding of a credit card number as encrypted data is a concern, the option to use tokens is certainly available.  

Best regards, 

Thomas

 

Userlevel 4
Badge +6

Thanks Tom!

What needs to be done as far as using tokens?

Your comment - If holding of a credit card number as encrypted data is a concern, the option to use tokens is certainly available.  

 

Userlevel 7
Badge +18

Hi, 

This “token” option was added to the newer versions of the CCI, I need to confirm what we need to do to utilize that.  I saw it and tested. “long ago”.   The person I need to contact is out of the office. I sent an email. 

Best regards, 

Thomas

Userlevel 4
Badge +6

Thanks Tom

 

Userlevel 7
Badge +18

Hi, 

Received email -  It’s just a check box in basic data. No configuration, it’s available App10 and higher.

 

Best regards,

Thomas

Userlevel 4
Badge +6

Thanks for your help with this topic Tom!

Lisa