Credit Card Security

If you accept credit cards for payment from your customers, you have probably heard of the PCI Data Security Standard. PCI-DSS is a set of security standards developed by the PCI Security Standards Council and adopted by the payment card processing companies. Please note that we are not enforcing these standards, but are providing tools for you to continue processing credit card payments in compliance with these standards. Your payment card processor could enforce these standards through fines, liability for data breaches, or suspension of your account.

If you collect credit card information from your customers, it is important for you to be aware of the liability associated with it. While we provide a safe, secure software product, it is your responsibility to use it in a safe, secure manner.

For all users of ABC Accounting:

PCI-DSS prohibits you from entering any credit card numbers, expiration dates, or CVV numbers in the payment screens, customer screen, invoice screen, or other locations in ABC Accounting. Any credit card data currently in the system should be deleted. You may request our utility to clear credit card numbers and expiration dates from the POS Payment file. Your merchant account provider may require you to complete a self-assessment questionnaire. If you do not process credit cards through ABC Accounting, the rest of this letter does not apply to you.

If you process credit cards through ABC Accounting:

Clients who are using ABC Accounting to process their credit card payments via PC Charge or Merchantware Pro need to be aware of the new requirements beginning July 1, 2010. One of the requirements for being PCI compliant is to use only PA-DSS certified software. Custom developed applications may be exempt from this requirement. ABC Software LLC is supporting two different PA-DSS certified payment applications, Merchantware Transport and Creditline. There is no license fee for the ABC update if you are using ABC Accounting version 13. With this update, the credit card will not be swiped into ABC, but directly into the payment application. The payment application opens automatically when you enter a credit card payment into ABC.

If your merchant account is supplied by Merchant Warehouse, our preferred account provider, you can use Merchantware Transport. This is a program that resides on each workstation and communicates with the Merchant Warehouse gateway via a secure link through the internet. This solution requires internet access at each workstation. No card information is stored on your local database, simplifying PCI compliance. Transport is free for the first four workstations, and $25 per additional workstation. Installation and configuration will incur the normal support time charges from your ABC Software dealer. Currently, Transport does not support more than one merchant account on a workstation. Windows XP Pro, Windows Vista Business or Ultimate, or Windows 7 Business or Ultimate is required.

The other solution we support is a product called Creditline by 911 Software. This software supports a number of the major credit and debit card processors. The license fee for 911 Software is $495 per merchant account for up to thirty workstations. You can go to www.911software.com and click on the Processors link to see if your current processor is supported.

We have utilities available to purge credit card information from the Credit Card Authorization file and the POS Payment file.

Where to get more information:

To make it easy to access links, read this letter at www.abcsoftware.us/pci.pdf

PCI Security Standards Council website: https://www.pcisecuritystandards.org/index.shtml

About the PCI Data Security Standard: https://www.pcisecuritystandards.org/security_standards/pci_dss.shtml

Merchantware Transport: http://merchantwaresolutions.com/products-transport.php

Creditline: http://www.911software.com/credit_card_software_CreditLine.htm

If you have any questions, please contact your ABC Software dealer.