All Frozen Yogurt POS Systems Are PCI Compliant

We understand the importance of secure payment data and secure payment transactions. That is why our Frozen Yogurt POS system is PCI compliant so you can process all transactions securely and reliably. Software and hardware data encryption, along with redundancy, are built into our POS Systems.

PCI Best Practice Guidelines

Systems that process payment transactions handle sensitive cardholder account information. The Payment Card Industry (PCI) has developed security standards for handling cardholder information in a published standard called the PCI Data Security Standard (DSS). The security requirements defined in the DSS apply to all members, merchants, and service providers that store, process or transmit cardholder data.

The PCI DSS requirements apply to all system components within the payment application environment which is defined as any network device, host, or application included in, or connected to, a network segment where cardholder data is stored, processed or transmitted.

NOTE: Most of the following security measures are easily bypassed if the user has the ability to boot from the CDROM or Floppy drive. To avoid this, remove the ability to boot from anything but the hard drive in the BIOS. If your BIOS has the ability to be password protected, employ that as well.

The following high level 12 Requirements comprise the core of the PCI DSS:

Build and Maintain a Secure Network

  1. Install and maintain a firewall configuration to protect data
  2. Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

  1. Protect Stored Data
  2. Encrypt transmission of cardholder data and sensitive information across public networks

Maintain a Vulnerability Management Program

  1. Use and regularly update anti-virus software
  2. Develop and maintain secure systems and applications

Implement Strong Access Control Measures

  1. Restrict access to data by business need-to-know
  2. Assign a unique ID to each person with computer access
  3. Restrict physical access to cardholder data

Regularly Monitor and Test Networks

  1. Track and monitor all access to network resources and cardholder data
  2. Regularly test security systems and processes

Maintain an Information Security Policy

  1. Maintain a policy that addresses information security