Artisan POS 3.5 Provides PA-DSS Credit Card Security

CerTek Software Designs (https://www.certek.com/) helps their customers take the next step in credit card security with the release of version 3.5 of their Artisan POS (Point of Sale) Software and its completely-rewritten, PA-DSS compliant Secure Payment Processing module.

According to Kurt Gollhardt, Vice President of Software Development, “In these days of credit card fraud and identity theft, CerTek stands by the small business user, helping them protect & secure their credit card information. From the beginning, Artisan has used techniques like encryption of card data and password access controls. However, due to an increasing number of major breaches, which have been in the news (none involving Artisan), MasterCard, Visa, American Express, and the Payment Card Industry (PCI) association have developed a set of Data Security Standards (PCI DSS) that describe specific techniques and policies for ensuring secure handling of credit cards.

“Our new Secure Payment Processing module is fully compliant with the new PA-DSS 1.2 standards. It ensures a high level of protection for cardholders by not storing any sensitive card data. Even credit card numbers are stored with all but the first 6 and last 4 digits removed.”

The Secure Payment Processing module works with a number of PA-DSS validated payment processing engines, including Payment Processing, Inc.’s PayMover gateway (https://www.paypros.com/productServices.asp) and Brdigepay’s PayLink “No-Touch” interface (http://www.bridgepaynetwork.com/paylink.html)

Artisan POS 3.5 comes in Lite & Plus Editions, with a number of add-ons, including the Deluxe Feature Pack, Multi-Store Feature Pack, Frame Shop Feature Pack, and Internet Store Interface; and is now available for sale. For more information, see https://certek.com/artisan.html

Existing customers with active support plans are entitled to a free upgrade to version 3.5, and may be eligible for a discount on the new Secure Payment Processing module. Contact sales@certek.com for a password & license key.

Artisan POS 3.5 includes the following new features & and improvements:

PA-DSS Compliant Credit Card Security:
(Requires new Secure Payment Processing License.) See the “Guide to Credit Card Processing in Artisan POS 3.5” for details.

    • Previous Artisan versions treated credit cards securely, encrypting card numbers & other sensitive data in the database, for example, but now Artisan uses Industry-Standard methods.
    • Full credit card numbers now are NEVER stored in any file.
    • Displayed or printed card #s are ALWAYS “masked” (most digits as ‘*’).
    • Configuration options to store or show full #s have been REMOVED.
    • In some places it is ILLEGAL to put unmasked card # on customer rcpt.
    • The UNMASK button & its task authorization level have been REMOVED.
    • Sensitive Card Data (raw swipes, CVV, etc.) NEVER stored in any file.
    • Secure communication w/Payment Processing Programs & Gateways via SSL instead of older unencrypted “file-drop” method.
    • Internet Store order import no longer accepts sensitive card data. (Any charges must be processed on the Internet Store web site.)
    • Older, less secure Payment Processing Programs no longer supported: SEIterminal, Authorizer, older versions of PCCharge NOT supported.
    • Support for PA-DSS Certified Payment Processing Programs & Gateways: PPI PayMover & Bridgepay PayLink.
    • Supports MagneSafe(tm) encrypted swipe readers w/selected Gateways.
    • Dropped “Use Default Processor” configuration option to reduce confusion.
    • All payment processing transactions, including voids, are logged.
    • This log is maintained by Artisan independently of other programs.

Other Credit Card & Payment Processing Enhancements:

      • Level II Commercial Card Processing.
      • Voids & Voice Authorizations are now processed directly in Artisan.
      • No more switching to PCCharge screen to handle these.
      • Once charges are processed they’re “locked” except for explicit voids.
      • Processing status and card “source” now visible in Tender Info.
      • New setting for whether to use credit card name for customer prompt.
      • Added support for EBT cards, both SNAP (Food Stamps) & Cash Benefits.
      • Support for Cash Back on Debit Cards & EBT Cash Benefits.
      • Card On File list can now be managed explicitly. (Card On File requires new Advanced Billing License.) (Card On File only supported by certain Payment Processing Gateways.)
      • Manually add or remove credit cards from list at any time.
      • Use Cards On File for Automatic Billing or select for any sale.
      • All sensitive card data stored only on secure servers, not locally.
      • New Expiring Credit Card Report for Cards On File.
      • New Security Task Level controls who can use Cards On File.
      • Support for Tips (Gratuities) using Cash or Credit Cards. (Tip support requires new Advanced Billing License.)
      • Prompts for additional details when card not present, for best rates.
      • Option to check AVS & CVV *before* processing actual sale transaction.
      • Option to prompt for & verify last 4 digits of swiped card number.
      • Option to prompt for SSN (Social Security #) for Check tenders.
      • Viewing card info no longer “opens” recalled sale w/o any changes.
      • User now notified if selecting customer in Payments changes Total Due.
      • Payment Types can be restricted to certain types of merchandise.
      • Set list of Categories & Taxability in Payment Type More Info.
      • Can be used for EBT SNAP Benefits (formerly known as Food Stamps).
      • Customer Payment Activity now shows Check #, etc, not just Credit/GC #.

Enhanced Password Security:

      • Configurable password strength requirements.
      • Require Strong passwords for some or all users (or none).
      • Strong passwords must be at least 7 characters w/letters & numbers.
      • Choose between 3 different requirement levels for other users.
      • Password Aging (for Strong-password users only).
      • Passwords expire after a set number of days.
      • New passwords must be different from the user’s last 4 passwords.
      • On next login, user is prompted to change password.
      • Added “Tools => Change My Password” shortcut to pull-down menus.
      • Lock out user after 6 consecutive failed password attempts.
      • Unlocked after 30 minutes or by administrator via User Record.
      • Reduced Login Requirements:
      • Authorizing a task in the Register & logging in sets Cashier, too.
      • Cashier Clearing Mode at Start of Sale leaves user logged in.
      • Perform simple lookups in Register without losing your login.
      • Finalizing a sale still requires you to choose clerk & re-login.
      • Two “Surcharge” Pricing Options:
      • Percentage-of-Sale Priced Item.
      • Create special Item Codes that add a percentage of entire sale.
      • Configured as a new Item Pricing Model.
      • Per-Category Automatic Item Surcharges for Bottle Deposits, etc.
      • Set surcharge amount in Category Record w/optional Item override.
      • (Custom Field 5 in the Item Record is used for the override.)
      • Category also specifies the Item Code to use for the surcharge.
      • Configured as a new Category Special Handling option.

Contract Pricing (sold separately):

Set price overrides per Customer, per Item.

      • Items w/o overrides (for a customer) use normal pricing for Customer Type.
      • View/Edit/Print list of overrides, or print full Contract Price List.
      • Applies to selected Price Levels / Customer Types only.
      • Direct Check Printing and Enhanced Check Pay-Out Tracking:
      • Renamed “Check Refund” payment type to “Check Pay-Out/Refund”. (Abbreviation: “CheckPaid”)
      • Now listed separately from Other Non-Sales in Day-End & Month-End.
      • Print checks for Check Pay-Outs.
      • Print using standard Voucher Checks or customize your own form.
      • Voucher Checks w/two stub copies available from intuit.com & others.
      • Printed checks are exported to QuickBooks, PeachTree, etc. as Checks.
      • “Check Pay-Out” External Account replaces setting in Payment Type.
      • Even unprinted Check Pay-Outs now exported as checks to be printed.
      • Configure separate Check Printer or share Report Printer.
      • Go => Device Configuration => Printers => Printer Assignments.
      • New Special Sale type: Buy from Customer. (Ctrl-F8 in Register.) (Requires Deluxe Feature Pack.)
      • Items ring up at Cost instead of Price, and *add* to stock.
      • Total amount is credited or paid out to customer.
      • Support serial (RS-232) scales & scanners, including Magellan 8000 series.
      • New Multi-Store Task Level to restrict viewing reports for other sites.
      • Smart Return sets customer to match original sale, if customer not already selected.
      • Added Non-Sales Activity to Inventory Activity options for Item Records.
      • Age Verification & other License Requirements now checked immediately.
      • Multi-line memo fields can be expanded by mouse click even if view-only.
      • Added “Include Out-Of-Stock Items” option to Item Costs & Prices.
      • Show longer Description or Name in Inventory Summary Report if > 80 cols.
      • Added [FULLNUM] AFD field for Sales Slips: Slip # prefixed by Sale Type.
      • Allow column #s in sales slip body fields, for multiple copies.
      • Show numbers that are too big for slips & printed forms as stars (‘*’).
      • Disallow unposting Day-Ends for other sites (since can’t post them).
      • Add option to Exclude Customers w/Missing Addresses from Customer Export.
      • More Search Options, and Default Search Option, for Vendor Invoices.
      • The name for Custom Field 1 can now be set per Category *or* globally.
      • Automatic update installation on additional stations after one installed.

Artisan and Artisan POS are trademarks of CerTek Software Designs, Inc.