Centralização dos Estacionamentos: Gestão Eficiente ao alcance de um Clique
Data security and availability are in increasing demand these days. The risks of cyber-attacks and other digital threats are growing every year, and managing those risks is becoming more and more of a priority for all of us. To protect yourself from threats as a parking operator, it is imperative that your parking management system is running the latest operating system security patches and the latest parking system application patches.
Q: What does PCI DSS mean?
A: It stands for “Payment Card Industry Data Security Standard” and was developed by the PCI Security Standards Council (PCI SCC) to curb fraud in credit card payments on the Internet. The PCI Security Standards Council was created by American Express, VISA, Discover, MasterCard and JCB in 2006. PCI SCC is responsible for developing and managing the Payment Card Industry Data Security Standard (PCI DSS). This security standard was developed to encourage and enhance cardholder data security and provide consistency in data security globally.
Q: Who has to be PCI compliant?
A: All companies that process cardholder data to enable payments for goods and/or services must comply with PCI DSS. They have to sign a ‘merchant contract’ with an acquiring bank. This agreement also includes an obligation to be PCI compliant. If a car park operator accepts credit card payments on site (this means, they are acting as a merchant), then they are required to be PCI DSS compliant.
The SKIDATA parking management system supports several credit card acceptance methods
- Real Time Authorization using Credit Card Authorization Server via magstripe (outdated)
- Real Time Authorization using External Terminal Hardware (EMV/PTS Chip&Pin Solutions)
- Real Time Authorization via External P2PE Terminal Solution (P2PE Chip&Pin Solutions)
The obligation to be PCI DSS compliant comes with several requirements. Operators have to
- build and maintain a secure network
- install and maintain a firewall configuration to protect card holder data
- refrain from using vendor-supplied defaults for system passwords and other security parameters
- protect stored cardholder data
- encrypt cardholder data when transmitted across open, public networks
Sounds complicated? But there is good news:
SKIDATA already has a long history with PCI since we are providing validated software versions for more than 15 years since the beginning of PCI. We have been validating more than 12 major versions of our parking management software in compliance with PCI PA DSS.
For you, it is important to know, that PCI SSC has now ceased the PA DSS program and replaced it with a new standard called "SSF Software Security Framework".
Even if SKIDATA is not doing official PCI SSF validations for the parking management software, we have processes and security measures in place for the development group and the whole organization to ensure top level quality and security for our parking management software and hardware.
SKIDATA strongly recommends migrating to P2PE solutions to achieve PCI site compliancy more easily and more cost-effectively - in addition, with less operational impacts. That’s why SKIDATA offers different P2PE validated solutions for its parking management systems.
SKIDATA is here to support you: To protect yourself from threats, it is imperative to have an up-to-date system with the latest operating system security patches and the latest parking system application patches. With SKIDATA’s DSD (Digital Software Delivery), a service to download and install software and patches online, like what Microsoft offers with automatic updates, we provide you with high-quality software from a trusted reliable source.