Below are some links relating to PCI and POS security that we have come across over the past few days.
PCI DSS Compliance
The PCI DSS compliance topic has for some time been set aside by many retailers, either because it falls into the too-hard basket or because retailers mistakenly believe they do not fall within the guidelines requiring them to be compliant.
As the deadlines for being compliant are fast approaching, we thought we would share the following useful resources with you to assist you in understanding just what PCI DSS is and why you need to be compliant.
Keep in mind that in order to be PCI DSS-compliant you need to operate a PA DSS-compliant application in a PCI DSS-compliant environment. As both the Retail Pro 8.6 and above and the Retail Pro 9.2 R2 and above series are PA DSS-compliant, your focus needs to be on ensuring that you operate Retail Pro in a PCI DSS-compliant environment and manner.
Users of Retail Pro 8.5 or below will need to upgrade to 8.6 or later to become compliant.
The place to start is the page of the people that published the standards – the PCI Security Standards Council.
Other links that will be of use:
- PCI Compliance Guide – make sure you check out the PCI FAQs, Merchants, and Important Links sections. When reading the FAQs section, also be sure to review the PCI Myths section.
- About the PCI Data Security Standard (PCI DSS).
- The link above provides a list of the 12 PCI DSS requirements. A more detailed description of the 12 requirements, along with an explanation of the intent of each requirement, can be found in Navigating PCI DSS – Understanding the Intent of the Requirements.
- PCI Self Assessment Questionnaire – for retailers that process fewer than 20,000 transactions annually, the PCI Self Assessment Questionnaire should be enough.
From a Retail Pro-specific perspective, Retail Pro Inc. has put together a document that explains how the use of Retail Pro® 8.60 and 9.20 (R2) helps retailers meet the Payment Card Industry (PCI) Data Security Standards. If you are a Retail Pro user and would like a copy of this document, please contact us.