Credit Cards

What is PCI Compliance?
Build and Maintain a Secure Network
- Install and maintain a firewall configuration to protect data
- Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
- Protect stored data
- Encrypt transmission of cardholder data and sensitive information across public networks
Maintain a Vulnerability Management Program
- Use and regularly update anti-virus software
- Develop and maintain secure systems and applications
Implement Strong Access Control Measures
- Restrict access to data by business need-to-know
- Assign a unique ID to each person with computer access
- Restrict physical access to cardholder data
Regularly Monitor and Track Test Networks
- Track and monitor all access to network resources and cardholder data
- Regularly test security systems and processes
Maintain an Information Security Policy
- Maintain a policy that addresses information security
PCI Compliance on the Desktop
PCI Compliance on Paper

On the Handheld
Compliance on the Handheld
The primary component required to take credit cards in the field is a handheld computer. This is the basic hardware platform needed that allows the other components to do their job. Quite possibly, the handhelds you have today will do the job. There is one special component that will be required: the handheld must have real-time communication capability. Typically, Wi-Fi is not a good choice (unless you are using it around your plant, factory showroom or office where you can establish your own wireless network). Generally, this requires WAN access through a cellular network. This means that your handheld must have the hardware to connect to that network. Often times, this requires you have a SIM card in your handhelds that grants access to the ‘public’ network.
With the proper hardware, you will also need to connect to a live network. In most countries, this means having cellular network access. This is typically provided by a company such as T-Mobile, AT&T, O2, Verizon, or a dozen other companies depending on your location. Each device must have its own plan. It may require a SIM (Subscriber Information Module) chip or other verification of access.
You must also have a Data Plan (as opposed to voice service only) that will give you access to the Internet. This is required so that you can access a Gateway to the credit card processor (described in the next section). As long as you can connect to the Internet, it does not matter what service plan you choose. Often, there are variations based on minutes of use. If you are using the Internet exclusively to process credit card data, you will not be transferring very much data each month. If you are using it for RMLive, then it will be more.
Compatible Credit Card Companies
Advantage Route Systems wants to help you protect your customers. We have developed a program within Route Manager that will allow you to give your customers the reassurance that their credit card information is secure. We work with a variety of credit card companies that are PCI Compliant.
Click here for a list of companies