CounterPoint PA-DSS Compliance

When your customer pays you with a credit card-in-store, online, or by phone-you collect cardholder information. You need to protect that information. The card brands including Visa, MasterCard, American Express and others enforce strict guidelines based on the Payment Card Industry Data Security Standards (PCI-DSS) for any system that processes, stores or transmits credit card data. This is just one component of the 12 requirements that PCI administers to ensure that cardholder information is secure and protected against theft.

As a merchant who accepts credit cards, you are responsible for adequately securing your customers' cardholder information wherever it resides-on your computers, in a drawer, or in a filing cabinet. If you fail to do so, Visa, the other card brands and your bank-under the terms of your Merchant Processing Agreement-can hold you accountable for fines, and for any losses they suffer from the fraudulent use of cardholder data obtained from your business.

Although it is just one part of the overall PCI requirements, if your system is not PA-DSS validated, your business is at extreme financial risk. Get, and keep, your CounterPoint system PA-DSS compliant with the CounterPoint Subscription Service..

PCI-Compliant Software and Services

In today's world of heightened security concerns, Radiant is committed to providing you with solutions that protect your customers' information. All of our latest software versions go through an extensive audit process to ensure that they are validated with the Payment Application Data Security Standards (PA-DSS).

CounterPoint V7 and CounterPoint SQL are approved by Visa as PA-DSS Validated Payment Applications. In addition, CPGateway and CPOnline are approved by the PCI Security Standards Council (PCI-SSC) as PCI-Compliant Service Providers. As PA-DSS-Validated Payment Applications, CounterPoint V7 and CounterPoint SQL adhere to all PA-DSS requirements through the security features below:

• Password security settings support PCI-compliant password policies.
• All passwords and credit card numbers are encrypted.
• Full credit card numbers are not displayed or printed; all card numbers are masked to display only the first 6 and the last 4 digits.
• Magnetic stripe track data is not retained in the CounterPoint database.
• CVV2/CVC2/CID data (i.e., verification numbers printed on each card) is not retained.
• Retention of full credit card numbers in history is optional; full card numbers retained in history are encrypted.

Keeping Your Software Compliant

PA-DSS requirements will continue to change. To meet the PCI-SSC’s current and future PA-DSS requirements, you must keep your CounterPoint software up to date. CounterPoint Subscription Service (CSS) will keep your CounterPoint system compliant with the PCI-SSC’s ever-changing requirements. With CSS, you automatically receive new CounterPoint features and enhancements as they are added to the software.

If your CSS is expired, you can renew online today.

Learn More

Additional information can be found on the following websites:

• Payment Application Data Security Standard
• PCI Security Standards
• Visa (Risk Management)

If you have additional questions about CounterPoint’s PA-DSS validated applications, contact your CounterPoint Business Partner or give us a call at (800) 932-1058. We'll be happy to assist you