In our continuing effort to provide you with the latest information available, below is an update regarding PCI PA-DSS compliance for Petroleum Merchants. One important change to note is the Ruby stand alone EPOS system will be allowed to continue processing on First Data’s network until December 2010, with the latest 5.xx series software payment version. Any software other than the 5.xx series version is considered to be a “vulnerable payment application” and is not compliant according to PCI. We strongly encourage you to upgrade to the 6.xx series payment software version as soon as possible which requires the addition of a Sapphire system due to the memory constraints of the Ruby system.
Below is a list of the approved EPOS systems, the latest software version currently available and the EPOS EOL (End-Of-Life) dates. For more specific information about these requirements, please visit the VISA website at http:usa.vissa.com/merchants/risk_management/cisp_overview.html.
Additional information about PCI requirements can be found at https://www.pcisecuritystandards.org and www.checkmypci.com
| | EOL Dates | Latest Version Available |
| Gilbarco G-Site | | 6.04.03 |
| Gilbarco Passport | Long-Term Certified | 8.02 |
| VeriFone Ruby (Stand-Alone) | | 5.04.16 |
| VeriFone Ruby w/V950 | | 5.04.16 |
| VeriFone Ruby w/Sapphire | Long-Term Certified | 5.04.16 |
| VeriFone Topaz | Long-Term Certified | 5.04.16 |
| VeriFone Omni 3750 | | 5.03.02 |
Regarding TDES compliance at the dispenser, fines will not be automatically assessed for retailers using at least DUKPT on their dispensers as of July 1, 2010 . The fines maybe assessed after 2012.
In the event of a security compromise, the merchant is financially responsible for any and all associated fines and penalties. First Data will immediately debit the merchants account for such fees.
The July 1, 2010 PC requirement for replacing the Gilbarco G-Site system has not changed. However, transactions from G-Site systems will be accepted on First Data’s network after July 1, 2010 due to the industry wide delays and operational issues in receiving updated point-of-sale products from vendors by the compliance date. The G-Site must have the latest software version.
