PCI Information

Keeping Your Software Compliant
PCI requirements will continue to change. To meet current and future PCI requirements, you must keep your CounterPoint software up to date.

CounterPoint Subscription Service (CSS) will keep your CounterPoint system compliant with these ever-changing requirements. With CSS, you automatically receive new CounterPoint features and enhancements as they are added to the software.

Your Responsibilities
As a merchant who accepts credit cards, you are responsible for adequately securing your customers' cardholder information wherever it resides-on your computers, in a drawer, or in a filing cabinet. If you fail to do so, the card companies and your bank-under the terms of your Merchant Processing Agreement-can hold you accountable for fines and for any losses they suffer from the fraudulent use of cardholder data obtained from your business.

CounterPoint software is only one part of your PCI-compliance obligations. The PCI DSS requires that you evaluate your business policies and incorporate security into your business practices. The documentation included with CounterPoint provides specific steps and recommendations for you to enable PCI compliance. More detailed guidelines describing the 12 basic system requirements are outlined in the PCI DSS located at www.pcisecuritystandards.org. PCI DSS requirements include, among other things, using current anti-virus software, issuing passwords to your employees, not retaining card magstripe data and using a firewall if your system is connected to the Internet.

PCI compliance is a very serious matter. Non-compliance can cost you money, time, and reputation. If your systems are not PCI-compliant, your business is at extreme financial risk. Contact your CounterPoint Business Partner for more information.

CounterPoint V7 and CounterPoint SQL have been validated against the Payment Card Industry (PCI) Payment Application Data Security Standard (PA DSS).

CPGateway and CPOnline have been validated against the PCI Data Security Standard (PCI DSS) for Service Providers.

As PA DSS-Validated Payment Applications, CounterPoint V7 and CounterPoint SQL adhere to all PA DSS guidelines. In addition, both versions of CounterPoint include numerous features that enable merchants to implement a PCI DSS-compliant system.

CounterPoint's security features include:

Password security settings support PCI DSS-compliant password policies.
All passwords and credit card numbers are encrypted.
Full credit card numbers are not displayed or printed; all card numbers are masked to display only the first 6 and the last 4 digits.
Magnetic stripe track data is not retained in the CounterPoint database.
CVV2/CVC2/CID data (i.e., verification numbers printed on each card) is not retained.
Retention of full credit card numbers in history is optional; full card numbers retained in history are encrypted.

Testimonials

Cafe Italia

January 2011:

We installed an Aloha point of sale into our cafe in the fall of 2010 and what a great asset it has turned out to be!

The sales , support and service are Nova Scotia based which is very important to us. We did not have to deal with time changes and long distance charges. our staff was very easily trained and comfortable in using the system from the very start. Programming training and after sale support were excellent.

Aloha POS has allowed me to track the sales every hour of the day, which led to a change in operating hours and thusly operational savings. My work day was also adjusted as the reports Aloha generated has allowed me quick references to the restaurants functionality. Not to mention the food and liquor controls!

I would certainly recommend East Coast POS and Aloha to anyone considering purchasing a system for their establishment.

Jeff Gillan

Cafe Italia

New Glasgow NS

News

pcAnywhere users are at great risk.

Symantec recommends disabling to prevent a malicious attack.

Symantec, maker of pcAnywhere, warns against malicious attacks that may occur due to a 2006 security breach in which the source code to the pcAnywhere product and other Symantec products was stolen by a hacker. Symantec recommends customers immediately disable the software to prevent malicious attacks. Removal of the software is the best course of action.