PCI Tokenization and Encapsulation
| This article is part of the Payment Processing Software Library |
|
| Get it... | |
| Install it... | |
| Connect to it... | |
| Set it up... | |
| Learn to use it... | |
|
→ Manual & User Guide | |
| Fix it... | |
|
→ Errors & Troubleshooting | |
| Get Help... | |
| More Info ... | |
| See also... | |
CreditLine Payment Processing Software PA-DSS Exempt Options. This site can also be reached at http://docs.911software.com
→ Looking for better rates? Get a Free Credit Card Processing Cost Comparison!
Contents
PA-DSS Exempt Integration Options
With 911 Software CreditLine Payment Processing Software you have the option to make all or part of your application "PCI Exempt"*
Contrary to the popular opinion, offsite storage of payment processing data (e.g. Shift4, SDC) does not free the end-user from the liabilities of handling credit cards. The cards are still handled at the store and the credit card data is still being transmitted. The additional cost of gateway processing does not justify the benefits.
911 Software Crediline offers the best value in "PCI Friendly" technologies by offering both the ability to be "ISO Friendly" and processing through the clearing houses directly and the benefit of removing any and all secure payment information handling from the client's Point Of Sale source code.
- Important Notice: This program was called "PCI Exempt". We changed the name to reflect the new policies of the PCI Council. PCI Exempt used to be a convenient term that Point Of Sale developers use to refer to the practice of tokenization and external UI encapsulation. 911 Software does not have the authority to exempt any vendor from PCI requirements. Please, contact your independent PCI auditor for rules applicable to your situation.
Tokenization
CreditLine has secure tokens interface that allows you to securely store the credit card information for later processing (see relevant documentation in the CreditLine Integration Guides.
External Payment Info Entry Encapsulation
CreditLine offers a way for the client's code to receive the token without actually touching credit card information by externalizing all of the sensitive input processing to CreditLine.
By using both of the methods above, you will be able to answer NO to the "do you store and/or processes credit card info?" question. This will result in significant compliance development savings.
