PCI Compliance

Are TIMSS and Personify PCI compliant? That's not the right question. What you should be asking is if you, as a merchant, are PCI compliant.

Much of the Payment Card Industry Data Security Standard (PCI DSS) requirements focus on the security of your network, and having your customer's information protected from external and internal hacks.

Credit card numbers are stored encrypted in TIMSS and Personify, and future version may not even store credit card numbers. But if you have faxed in order forms laying around the office with credit card numbers on them, then you have a problem and no software can protect you.

Here are some links so you can find out more and what you need to do:
https://www.pcisecuritystandards.org/
http://www.pcicomplianceguide.org/
http://usa.visa.com/merchants/risk_management/cisp.html?ep=v_sym_cisp
http://www.owasp.org/

Applies to: TIMSS5, TIMSS6, & Personify

Personify: Debug Tracer

Any of you who have been using TIMSS for a long time will remember (and may still use) the router32.log file which captured all of the SQL statements that were executed by the TIMSS 4.x & 5.x applications. The purpose of this log was to capture what was happening when an error occurred. But the real value I found was learning what pieces of data were stored where by reviewing these SQL statements. It not only helped me understand what was going on, but also where data was stored when I needed to report on it.

So in Personify, one of the Debug tools is the Debug Tracer (under Tools, Debug, Debug Tracer). This opens a window that logs the commands and SQL statements that are executed by Personify. Very cool. Normally it's not running to improve performance, but you can turn it on to see whats happening on a particular screen.


Applies: to Personify