PCI Compliance Testing - Specifically Credit Card Interface | IFS Community
Solved

PCI Compliance Testing - Specifically Credit Card Interface

  • 21 January 2022
  • 6 replies
  • 76 views

Userlevel 3
Badge +5

Has anyone been through PCI Compliance Testing with IFS, particularly the credit card module?   Was there anything they had to do to become compliant?  Do you store credit card info?  And if so how do you maintain compliance if holding the credit card info?

Thanks

icon

Best answer by Thomas Peterson 21 January 2022, 22:26

View original

6 replies

Userlevel 7
Badge +11

Hi, 

Received email -  It’s just a check box in basic data. No configuration, it’s available App10 and higher.

 

Best regards,

Thomas

Userlevel 7
Badge +11

Hi, 

The credit card solution / CCI (credit card interface) was designed to be PCI compliant / allow PCI compliance). If we choose to store credit card numbers, that data is encrypted such that a user would not have access to the stored value.  The credit card number is presented as XXXX456.  The CCI also offers the ability to use tokens, where the credit card number is not  within IFS.  If holding of a credit card number as encrypted data is a concern, the option to use tokens is certainly available.  

Best regards, 

Thomas

 

Userlevel 7
Badge +11

Hi, 

This “token” option was added to the newer versions of the CCI, I need to confirm what we need to do to utilize that.  I saw it and tested. “long ago”.   The person I need to contact is out of the office. I sent an email. 

Best regards, 

Thomas

Userlevel 3
Badge +5

Thanks for your help with this topic Tom!

Lisa

Userlevel 3
Badge +5

Thanks Tom!

What needs to be done as far as using tokens?

Your comment - If holding of a credit card number as encrypted data is a concern, the option to use tokens is certainly available.  

 

Userlevel 3
Badge +5

Thanks Tom

 

Reply