RDPWin Version 3 Available - PCI Compliant

3/1/2014 - See:  RDPWin Version 4 now Available

5/27/2010 - Resort Data Processing (RDP) is pleased to announce the release of RDPWin Version 3 (RDPWin3), which is available immediately and it is fully PCI credit card compliant.  As part of PCI compliance customers currently using any version of RDPWin must upgrade to RDPWin3 by 7/01/2010.  Legacy DOS customers have a choice of upgrading to RDPWin Version 3 OR continuing to use DOS with the Credit Card features deactivated.  To determine the steps required to upgrade to RDPWin3 pleased contact RDP.

The following Version 3 changes were required for PCI compliance certification.

• RDPWin3 is fully PCI Compliant.
• Customers who wish to continue to use RDPDOS after 7/1/2010 can do so as long as they turn off the credit card features. Contact RDP for details.
• Credit card number encryption is required for credit cards and login user data.
• Customers using the RDP-Protobase Credit Card Interface from Elavon/SDC must have Protobase 6.01 installed.
• Customers using the Internet Reservation Module must install the IRM.Net (Installation for 2003 server or 2008 server). 
    Classic IRM cannot be used with RDPWin3.
• Customers using RDPSerial must switch to RDPActuator. 
    Contact RDP Support by entering a support ticket to complete this process.
• Customers using RDPGDS must switch to one of the approved GDS 2-way Interfaces.
• Customers must enter new passwords for all users when they upgrade to RDPWin3. 
• Passwords are required to have letters (lower and upper case) and numbers and be from 7 to 15 characters long.  Passwords expire every 90 days.
• The RDPWin3 login screen does not allow a user to select their name from a drop down list.  A user name and password must be entered. 
    See User Maintenance for more details on access.
• Only Credit Card Administrators and Administrator User Types require auto-logoff after 20 minutes of inactivity. Users without administrator privileges may remain in the system.
• Unique user names are required.  It is no longer possible to have a generic login for multiple people, such as "Front" for all front desk clerks.  The initials of the individual user logged in is stamped in RDP data records.  The system can no longer prompt for the user initials with Switch 421-09.

Important Version 3 Documents

• Login Changes in Version 3
• Pre-installation Checklist
• Install/Upgrade Steps
• RDP-Protobase Credit Card Interface
• RDPWin 3 Differences

Payment Card Industry (PCI) Compliance

2/1/2010 - RDP software is fully PCI credit card compliant - see the PCI Security Standards Council list of Validates Payment Applications.

In order to protect consumers from credit card fraud, the credit card companies (Visa, MC, Amex, Discover, etc.) formed an organization called Payment Card Industry Security Standards Council (PCISecurityStandards.org).  This organization has the task of setting the PCI specification and enforcing it.  Payment Card Industry (PCI) compliance assessment applies to any business collecting credit card information.  Related issues:
 

• RDP software is required to follow PCI standards.  RDP is not not making or enforcing PCI standards. 
• All older versions of RDP software, including RDPDOS, RDPWin2, RDPWin1, and IRM Classic are NOT PCI compliant or certified.  Customers should contact RDP for information on how to upgrade to RDPWin3 and IRM.Net Version 3 
• There is more to your PCI compliance than RDP software.  All customers should read the Visa Compliance Validation.
• It is the responsibility of each customer to assure full PCI compliance.  RDP is NOT LIABLE for damages or fines related to PCI compliance.  RDP offers no assistance, guarantees, or advice regarding PCI compliance and cannot be held liable for any damages resulting from customer failure to comply with full PCI compliance standards. 
• Any customer collecting credit cards with or without RDP software must be compliant by July 1, 2010.

Related Topics

• RDP-Protobase Credit Card Interface
• RDPWin Technology Overview