- ACK gains Payment Application Best Practice - At the end of
August we were granted PABP compliance for our EFT applications. As
the first software only based EFT solution to gain compliance we are
delighted with the benefits this will give our Merchants in their
quest for PCI DSS Compliance.
- The DataCash Connection - With a PABP EFT application and a PCI
DSS compliant managed service provider merchants can be sure card
holder data is secure but the new 'instant submission' feature can
help minimise the amount of data held.
- Being part of DataCash - Takeovers can be a worrying time for
suppliers, customers and employees. But three months on how is it
really working out?
- New member joins the ACK team - A much needed new team member
joined this month in the role of Project Manager to help us manage the
increasingly complex projects we are now working on as well as
ensuring timely delivery of enhancements to our existing product range.
It’s taken a long time and considerable effort, but we have now gained
our compliance to the Visa International Payment Application Best
Practice (PABP) standard. This is a major step forward in support of our
integrators and Merchants with their quest to meet the requirements of
PCI DSS.
The need to meet PCI DSS has been around for a number of years, but it
has not received much focus from a large part of the Merchant community
until this year. There have been many reasons for this: confusion in
some quarters over the deadlines for compliance from the banks,
confusion over which level of assessment is required, misinformation
from other payment application providers for commercial gain and, most
importantly, the fact that it’s a very costly exercise for all concerned.
So how will ACK’s compliance to the PABP standard help? The essence of
PCI DSS is to ensure that card holder data remains secure whilst within
the Merchant’s environment. Clearly, such data can be held in many
places, but it all starts at the Point of Sale and, with ACK, it can in
essence stay there as well. In fact, over recent years many EPoS
integrators have been reviewing their applications and removing any
stored card data apart from that within the EFT function. So in many
cases, the first and only place that card information can be found is
within our payment application.
By going through the PABP accreditation, we have been able to assure our
Qualified Payment Application Security Professional (QASP), from NCC
Group, that our methods of design, development, testing, implementation,
documentation and encryption techniques meet the very high standards of
security required, and this helps all Merchants, large or small. For
those that come under the self assessment category, they can be secure
in the knowledge that all the required security at the PoS level is in
place when using our PABP compliant application. For large Merchants
requiring an independent audit from a QSA, providing they are using the
PABP certificated ACK product version, they will be able to acknowledge its
compliance and this should help speed up the process as they will not
need to look in depth at our code, simply ensure that our recommended
procedures for maintaining a secure payment application are being
adhered to. Of course, PCI DSS covers more areas than just the EFT
application and data storage, but a PABP compliant payment application
is a big step towards it.
Furthermore, our PABP compliance will be transitioned to PA DSS once
PCIco assume full responsibility for payment application security by the
end of this year. A significant ramification of this change is that the
emphasis is likely to change from a voluntary best practice to a
mandatory requirement for all payment applications.
Being PABP compliant complements the full PCI DSS compliance of the
DataCash service. Again, this combination helps Merchants in gaining
that all-important compliance. As defined already, PABP is one step, but
using a PCI DSS compliant managed service provider gives more benefits.
The ACK ATS application now supports ‘instant submission’ into DataCash.
Once an authorisation has been returned, we immediately send the
submission back into the DataCash service. Learning from the failures of
others, we have put checks in place to ensure that if this submission
fails - often because of a comms failure - it gets sent at the next possible
opportunity. For further assurance, we do a third check, as only through
a successful submission does a Merchant receive payments.
In this way, we minimise the card data held at the store. Even though
it’s secured through our encryption methods, it’s better to have the
minimum amount of data stored. Once within the DataCash system all these
transactions are secured. Through the comprehensive reporting facilities
available, Merchants can also access a host of information for
reconciliation, managing chargeback, refunds, etc.
We are now into our third month as part of the DataCash Group. When two
companies come together it always throws up some concerns for employees,
suppliers and customers alike. Fortunately, there are no horror stories
to tell with this takeover. It’s been business as usual, with a
controlled removal of the inevitable duplicated processes.
We are now looking at how our customers will be able to benefit from
such things as extended hours support - a part of the current DataCash
service, but not something previously available from ACK.
DataCash, being a managed service provider, is not just focused on the
acceptance of debit and credit cards. There are many other opportunities
we can work on together to provide an all encompassing service. Such
things as fuel card and eTopUp support through the managed service are
now being considered. DataCash are also moving into overseas markets
which should allow multi-national retailers to make use of one payment
service provider in time. Traditionally it’s been very difficult for
payment applications to break into these areas but as can be seen from
the recent acquisition of easyDebit in Germany this is recognised within
DataCash and will provide benefits to Merchants as well as opening these
markets to us at ACK. Lots of opportunities for both companies and
exciting times ahead (we’ve even had a party together!).
ACK have recruited a new member to the card-holder present team: Kate
Davies joins ACK as Project Manager from Torex Petroleum and Convenience
– a long-standing ACK customer who specialise in EPOS systems for fuel
retailers and convenience stores including the likes of Pace and
Somerfield within their client base.
Kate brings a wealth of knowledge and experience in both project
management and EFT testing which have been put to immediate good use at
ACK where we have been under-resourced in these areas for some time.
Kate is highly organised and professional and is a great asset to the
ACK team and we wish her well.