Our team works diligently to help keep our merchants’ data safe. For merchant processors, this means we need to ensure all our customers are following the PCI-DSS Regulations.
PCI compliance security standards are technical and operational requirements set by the PCI Security Standards Council (PCI SSC) to protect cardholder data. The standards apply to all entities that store, process or transmit cardholder data – with guidance for software developers and manufacturers of applications and devices used in those transactions. The Council is responsible for managing the security standards, while compliance with the PCI set of standards is enforced by the founding members of the Council, American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc.
This means that if you are using anything outside of an EMV-enabled credit card terminal, you need to ensure your work station, internet connection, and server are up-to-date with the PCI security standards.
On June 30th 2018, TSL 1.0, SSL V3 will no longer be a PCI approved method of running transactions. To maintain PCI compliance, payment processors and gateway providers are removing security certificates, which will disable legacy software using this legacy encryption method. This, not only means processing this way will be considered PCI compliant, but all transactions will stop working eventually.
All integrations APS has developed are ready to handle the new PCI compliance security standard, TLS 1.2.
TLS 1.2 enforces a methodology that utilizes strong encryption to keep data safe. Our integration takes advantage of your operating systems’ highest available encryption method. If someone is running, say, MAS 90 4.4, and running Microsoft Server 2003, they will not have the ability to run the higher encryption methods of TLS 1.2. Both the client, and the server must have operating systems that can process TLS 1.2 methodology.
Several of these new methodologies APS is rolling out are in conjunction with the standards of cryptography and virtual currencies (cryptocurrencies) utilized, to ensure all data is being transmitted with the highest levels of security.
What does this mean for you?
If you are still running an old server (i.e. Microsoft Windows Server 2003), or running older versions of Windows (Windows XP) on your work stations, please contact APS to ensure you are prepared for the upcoming changes.
Our team works hard to better prepare our clients and future clients in data security, fully integrated solutions, and lower merchant fees. If you have not made the switch to APS yet, contact us to see how we can help!
APS enables you to cut costs and offers the following streamlined credit card processing features:
- Convenient 24 hour access to payment processing and reporting
- Automated recurring billing
- Improved cash flow
- Fraud detection and prevention (volume thresholds, risk parameters)
- Reduce invoicing costs
- No additional licensing fees
- Virtual Terminals (no integration needed, no software to install, simply use your web browser to securely log in to process transactions)
- Credit card tokenization for secure access to future customer transactions
- Real-time Payment Gateway
- Level 3 supported gateway for US accounts, (significant savings for business to government or business to business transactions)
- Batch processing when real time approvals are not required
- 100% PCI-DSS compliant at no additional cost
- Some of the lowest American Express fees in the entire industry!
- Next Day Funding including American Express making reconciliation process easier