Digital Dining has successfully achieved compliance with the Payment Application Best Practices (PABP) benchmark. Digital Dining's application review was deemed successful, and a compliant report was submitted by the leading third-party assessor, AmbironTrustWave (www.atwcorp.com), and validated by Visa USA (www.visa.com/cisp). To view a complete list of Visa-approved applications, please click here. To see Digital Dining's Letter of Acceptance for PABP compliance, please click here.

This set of best practices helps merchants of all sizes and types to protect the consumer cardholder data they store, process and transmit. This diligence is inherent in the PABP benchmark and, applied along the payment chain, means consumers are safeguarded from theft and fraud. The PABP covers a set of 13 requirements that every POS application developer should follow to maintain a high level of security within their applications. Visa USA's PABP standards:

  • Do not retain full magnetic stripe or CVV2 data

  • Protect stored data

  • Provide secure password features

  • Log application activity

  • Develop secure applications

  • Protect wireless transmissions

  • Test applications to address vulnerabilities

  • Facilitate secure network implementation

  • For Internet-based applications, store cardholder data in internal network only

  • Facilitate secure remote software updates

  • Facilitate secure remote access to application

  • Encrypt sensitive traffic over public networks

  • Encrypt internal administrative access

The CISP program is a cooperative effort between Visa and MasterCard that requires a merchant to secure credit card data primarily through hardware and software configuration. If a merchant's credit card data is compromised, and an investigation reveals that the site is not compliant under CISP guidelines, the merchant will likely have a large fine levied against it. We began addressing the CISP program within Digital Dining in 2004. Early in 2005, Menusoft began offering annual seminars on credit card security and CISP compliance to Digital Dining dealers at our national conference. In 2006 we completed our PABP audit process with AmbironTrustWave and validated our application with Visa USA. All versions at or above those listed below are fully compliant with the PCI standards.

Credit Card Server: DDCDsrv1.exe 7.3.0365
Back Office: DDWin.exe 7.3.0381
Setup: DDSetup.exe 7.3.0375
POS: POS.exe 7.3.03105
                             

Please remember that firewall protection of data, system IDs and passwords, anti-virus software, restriction of access to data, protection of wireless data transmission on your networks, and network security are outside the control of Digital Dining software. All of these areas contribute to the security of your credit card data and need to be addressed when confirming that you meet the CISP requirements. To assist Digital Dining users in becoming compliant with the PCI Data Security Standard, Digital Dining has partnered with AmbironTrustWave, the leading third-party assessor that specializes in providing data security and compliance services to merchants. AmbironTrustWave offers TrustKeeper, a web-based tool and support service that helps guide users through the process of validating their compliance with the Payment Card Industry (PCI) Data Security Standard. AmbironTrustWave is certified by the major payment card associations to perform this work. If you are interested in this service or have any questions about whether your software meets the CISP requirements, please contact your Digital Dining Reseller. We have outlined the basic steps of the PCI Data Security Standard; if you wish to view them, please click this link.



Digital Dining is a Trademark of
Menusoft Systems Corporation
www.DigitalDining.com