Hospitality & Retail Systems

HRS PCI Security FAQ

1. What is the PCI-DSS?
2. Who created the PCI-DSS?
3. Who does the PCI-DSS apply to?
4. Is the PCI-DSS a federal law?
5. Is PCI-DSS applicable to vendors or suppliers of information systems?
6. Is a software vendor or supplier responsible for merchant’s PCI-DSS compliance?
7. How do merchants determine whether they are required to do a full independent assessment or a self assessment?
8. We do not have an EFT interface in MICROS-Fidelio systems. Is PCI-DSS applicable to them?
9. What is a Payment Application?
10. All our applications are listed on the PCI SSC site as PA-DSS certified. Are we PCI-DSS compliant?
11. How can we determine that our MICROS-Fidelio systems are PA-DSS certified?
12. How can we ensure that our MICROS-Fidelio system is installed and configured in a PCI-compliant way?
13. We use an old version of MICROS-Fidelio system that is not PA-DSS certified. Does that mean that we cannot accept credit cards?
14. What are HRS’ plans regarding certification of interfaces between   CROS-Fidelio systems and Acquirers?
15. We correctly installed a PA-DSS certified version of MICROS-Fidelio system. Does it mean that PCI-DSS Requirement 6 is resolved forever?