Please let me know if you gentlemen are able to discuss Heartland's recent request around PCI-DSS compliance. Based on a phone call with them earlier today, we need to email them proof via a QSA that we are certified. I am available after 3PM today, or between 8:30 and 10:30 AM.
I imagine the call will be brief, but let me know if just a quick call with Jacques or Carlos would suffice for today. Below is the summary, and take-away.
Thanks
Ty
Summary: Heartland is requiring that all merchants comply with PCI-DSS standards, and as part of this effort, has partnered with ControlScan to serve as both the ASV and QSA. Failure to comply with these standards will lead to a penalty for those business owners not in compliance.
Where are we at? The IT Security Manager was informed by Heartland, and was informed that ControlScan, the ASV/QSA, would serve as the primary interface and represent Heartland for facilitating and managing the compliance around this effort. Subsequently, a call occurred with Heartland, where the IT Security Manager explained that Casino Arizona was already PCI-DSS compliant with its own QSA, and based on this information, ControlScan informed him that a certificate (proof) would address this requirement. The certificate should be sent with a Merchant ID, and emailed to support@controlscan.com.
Merchant ID 1675 (Casino Arizona has several different MIDs; these IDs may need to be consolidated)
B. Heartland reached out to Casino Arizona CEO as part of merchant mandatory protection program
C. Informed PCI DSS is required; penalties are associated with non-compliance
D. Heartland has partnered with ControlScan, as the ASV and QSA
E. Heartland forwarded ControlScan tools a link to begin scan (link embedded)
F. After compliance is achieved, ControlScan will provide proof to