Credit Card Security Compliance — All Hell is Breaking Loose

Share:

Credit Card Security Compliance — All Hell is Breaking Loose

After my post below, I got a missif from a manufacturer.  Here’s the gist of it:

There’s
even more to talk about. We are in the process of certifying our next software release and found that
they want to interview our distributors now. Meaning our certification my be
dependent on whether our distributors processes and procedures are compliant.
This has huge implications in my opinion. Think it through on what that means for
us (the manufacturers) and the distributors. We may be faced to have to go
direct to be engaged in the business as the distributors simply can’t afford to
comply! 

Here’s the deal as I, a lowly journalist, see it. The consulting firms are in bed with the credit card companies and are milking this for everything its worth. If they have to talk to distributors, they can charge more. I have been told that the major consultants approved by the CC companies to review the software, are former employees of the CC companies themselves. The cost and time involved is outrageous, and the killer is that it’s ongoing. They want you to sign up to have your software reviewed and approved annually. And, as I said before, a single change can cause a reaudit of the software.

(One Vendor told me that he asked the consulting firm that is doing his software audit what other business they were in, and he was told this was their only business….)

Some vendors are telling me that even if there is a change to the software completely unrelated to the credit card acceptance package, that the software may need to be reaudited.

Others tell me that their software V1 is approved. OK they say. Now they put out V2 with other features a customer wants, however since its not approved, they and their customer have a problem. It has to be approved if the customer wants CC security protection. WOW! 

Back in the days when I sold this stuff, I know that there was no software sold that was the same as any other. There were always tweaks that allowed the system to fit the individual needs of the customer. Sometimes these tweaks are to fix bugs on existing "approved" systems. Are those fixes enough to decertify a system?  Try to get an answer from  anyone in the business. Talk to five people, you get five different opinions.

Life in the parking business is becoming more and more complex, and expensive.

JVH

John Van Horn

John Van Horn

One Response

  1. This is a good argument for prepaid cards from the vendor’s standpoint, maybe everyone’s standpoint…

Leave a Reply

Your email address will not be published. Required fields are marked *

Only show results from:

Recent Posts

A Note from a Friend

I received this from John Clancy. Now retired, John worked in the technology side of the industry for decades. I don’t think this needs any

Read More »

Look out the Window

If there is any advice I can give it’s concerning the passing scene. “Look out the window.” Rather than listen to CNN or the New

Read More »

Archives

See all Blog Posts

Send message to



    We use cookies to monitor our website and support our customers. View our Privacy Policy