Storage of cardholder data

Yahoo Archive
1

Jay – a few years ago I had a client who was using ESDM and needed to store CC numbers. It was done through a customization by Epicor CSG, where a UD field was linked to the token that ties to the encrypted card info in ESDM. Let me know if you want more details and we can connect offline.

 

Regards,

 

Jeff

 

 

From: vantage@yahoogroups.com [mailto:vantage@yahoogroups.com]
Sent: Tuesday, December 8, 2015 6:10 PM
To: vantage@yahoogroups.com
Subject: [Vantage] Re: Storage of cardholder data

 

 

Bump....

2

Any opinions about how to store credit card information? We are on Epicor 10 and use ESDM for our credit card processing. We have certain customers that make recurring payments on their account and have asked us not to continually call them to get credit card info.


My understanding is that there is no way in Epicor to save credit card information on a customer record for recurring payments, so I wanted to see what everyone else is doing.


Is there some other solution that will allow us to store credit card info (even if it means storing it in some separate system that is used as a "lookup" when the info is needed) and remain PCI compliant?


Jay

3

Are you PC compliant now? If you’re not storing them now and never had a reason to PCI before, compliance is not just in how the data is stored but how the data is transmitted as well. It requires specific switches and infrastructure for security, I believe there are also physical access requirements as well when you have card info in house.

 

Joshua Giese
Technology Solutions : CTO

Direct Phone:    920.593.8299
Office Phone:    920.437.6400 x342

http://wcibags.com/email/emailFooter4.jpg

http://68c6d48672d1935cd6dd-141aaade86a30aeaf83cb6aee3728aaa.r82.cf1.rackcdn.com/images/global/Holiday-Schedule-2015.jpg

From: vantage@yahoogroups.com [mailto:vantage@yahoogroups.com]
Sent: Friday, December 4, 2015 1:40 PM
To: vantage@yahoogroups.com
Subject: [Vantage] Storage of cardholder data

 

 

Any opinions about how to store credit card information? We are on Epicor 10 and use ESDM for our credit card processing. We have certain customers that make recurring payments on their account and have asked us not to continually call them to get credit card info.

 

My understanding is that there is no way in Epicor to save credit card information on a customer record for recurring payments, so I wanted to see what everyone else is doing.

 

Is there some other solution that will allow us to store credit card info (even if it means storing it in some separate system that is used as a "lookup" when the info is needed) and remain PCI compliant?

 

Jay