Rob's TIMSS Blog

My discoveries and ramblings of TIMSS/Personify.

Monday, August 20, 2007

PCI Compliance

Are TIMSS and Personify PCI compliant? That's not the right question. What you should be asking is whether you, as a merchant, are PCI compliant.

Many of the Payment Card Industry Data Security Standard (PCI DSS) requirements focus on the security of your network and on protecting your customers' information from external and internal hacks.

Credit card numbers are stored encrypted in TIMSS and Personify, and future versions may not even store credit card numbers. But if you have faxed-in order forms lying around the office with credit card numbers on them, then you have a problem, and no software can protect you.

Here are some links where you can find out more, including what you need to do:
https://www.pcisecuritystandards.org/
http://www.pcicomplianceguide.org/
http://usa.visa.com/merchants/risk_management/cisp.html?ep=v_sym_cisp
http://www.owasp.org/

Applies to: TIMSS5, TIMSS6, & Personify
