RDPWin Version 3 Available - PCI Compliant
3/1/2014 - See: RDPWin
Version 4 now Available
5/27/2010 - Resort Data Processing (RDP) is pleased to announce the release of
RDPWin Version 3 (RDPWin3), which is available immediately
and it is fully PCI credit card compliant.
As
part of PCI compliance customers currently using any version of RDPWin must upgrade to RDPWin3 by 7/01/2010.
Legacy DOS customers have a choice of upgrading to RDPWin Version 3 OR
continuing to use DOS with the Credit Card features deactivated. To determine the steps required to
upgrade to RDPWin3 pleased
contact RDP.
The following Version 3 changes were required for PCI compliance
certification.
- RDPWin3 is fully PCI Compliant.
- Customers who wish to continue to use RDPDOS after 7/1/2010 can do so as
long as they turn off the credit card features.
Contact RDP for details.
-
Credit card number
encryption is required for credit cards and
login user data.
- Customers using the
RDP-Protobase Credit Card Interface from
Elavon/SDC
must have Protobase 6.01
installed.
- Customers using the Internet Reservation Module must install the IRM.Net
(Installation for
2003 server or
2008 server).
Classic IRM cannot be used with RDPWin3.
- Customers using RDPSerial must switch to
RDPActuator.
Contact RDP Support by entering a
support ticket to complete this
process.
- Customers using RDPGDS must switch to one of the approved
GDS 2-way Interfaces.
- Customers must
enter new passwords for all users when
they upgrade to RDPWin3.
- Passwords are required to have letters (lower and upper case) and numbers
and be from 7 to 15 characters long. Passwords expire every 90
days.
- The RDPWin3 login screen does not allow a user to select
their name from a drop down list. A user name and password must be entered.
See
User Maintenance for more details on access.
- Only Credit Card Administrators and Administrator User Types require
auto-logoff after 20 minutes of inactivity. Users without administrator
privileges may remain in the system.
- Unique user names are required. It is no longer
possible to have a generic login for multiple people, such as "Front" for
all front desk clerks. The initials of the individual user logged in is
stamped in RDP data records. The system can no longer prompt for the
user initials with Switch 421-09.
Important Version 3 Documents
Payment Card Industry (PCI) Compliance
In order to protect consumers from credit card
fraud, the credit card companies (Visa, MC, Amex, Discover, etc.) formed an
organization called Payment Card Industry Security Standards Council (PCISecurityStandards.org).
This organization has the task of setting the PCI specification and enforcing
it. Payment Card Industry (PCI) compliance assessment applies to any
business collecting credit card information.
Related issues:
- RDP software is required to follow PCI standards. RDP is not not
making or enforcing PCI standards.
- All older versions of RDP software, including RDPDOS, RDPWin2, RDPWin1,
and IRM Classic are NOT PCI compliant or certified. Customers should
contact RDP for
information on how to upgrade to RDPWin3 and IRM.Net Version 3
- There is more to your PCI compliance than RDP software. All customers should read the
Visa Compliance Validation.
- It is the responsibility of each
customer to assure full PCI compliance. RDP is NOT
LIABLE for damages or fines related to PCI compliance.
RDP offers no assistance, guarantees, or advice regarding PCI compliance and
cannot be held liable for any damages resulting from customer failure to
comply with full PCI compliance standards.
- Any customer collecting credit cards with or without
RDP software must be compliant by July 1, 2010.
Related Topics
|