Heartland Case Summary
Mikah/Jacques,
Please let me know if you gentlemen are able to discuss Heartlands recent request around PCI-DSS compliance. Based on a phone call with them earlier today, we need to email them proof via a QSA that we are certified. I am available after 3PM today, or between 8:30 and 10:30 AM.
Imagine the call with be brief, but let me know if just a quick call with Jacques or Carlos would suffice for today. Below is the summary, and take-away.
Thanks
Ty
Summary: Heartland is requiring that all merchants comply with PCI-DSS standards, and as part of this effort, have partnered with ControlScan to serve as both the ASV and QSA. Failure to comply with these standards, will lead to a penalty for those business owners not in compliance.
Where are we at? The IT Security Manager was informed by Heartland, and was informed that ControlScan, the ASV/QSA, would serve as the primary interface and represent Heartland for facilitating and managing the compliance around this effort. Subsequently, a call occurred with Heartland, where the IT Security Manager explained that Casino Arizona was already PCI-DSS compliant with its own QSA, and abased on this information, ControlScan informed him that a certificate (proof) would address this requirement. The certificate should sent with a Merchant ID, and emailed to support@controlscan.com. …show more content…
See outline below:
@ a Glance:
A.
Merchant ID 1675 (Casino Arizona has several different MIDS; these IDs may need to be consolidated)
B. Heartland reached out to Casino Arizona CEO as part of merchant mandatory protection program
C. Informed PCI DSS is required; penalties are associated with non-compliance
D. Heartland has partnered with ControScan, as the ASV and QSA
E. Heartland forwarded ControlScan tools a link to begin scan (link embedded)
F. After compliance is achieved, Control Scan will provide proof to
heartland
G. Control scan merchant support is 800 477 3590 option1
• If we already have compliance certificate, email to support@controlscan.com (PCI certificate-) P2Pe devices, then we do not need scanning
• ControlScan will send credentials to login...will view PCI status
• May need send one or more certificates over
1. Send one mid over for now
2. Forward over proof/certificate for PCI (requirement)
3. Heartland may be able to tie all mid accounts together
Please let me know if you gentlemen are able to discuss Heartlands recent request around PCI-DSS compliance. Based on a phone call with them earlier today, we need to email them proof via a QSA that we are certified. I am available after 3PM today, or between 8:30 and 10:30 AM.
Imagine the call with be brief, but let me know if just a quick call with Jacques or Carlos would suffice for today. Below is the summary, and take-away.
Thanks
Ty
Summary: Heartland is requiring that all merchants comply with PCI-DSS standards, and as part of this effort, have partnered with ControlScan to serve as both the ASV and QSA. Failure to comply with these standards, will lead to a penalty for those business owners not in compliance.
Where are we at? The IT Security Manager was informed by Heartland, and was informed that ControlScan, the ASV/QSA, would serve as the primary interface and represent Heartland for facilitating and managing the compliance around this effort. Subsequently, a call occurred with Heartland, where the IT Security Manager explained that Casino Arizona was already PCI-DSS compliant with its own QSA, and abased on this information, ControlScan informed him that a certificate (proof) would address this requirement. The certificate should sent with a Merchant ID, and emailed to support@controlscan.com. …show more content…
See outline below:
@ a Glance:
A.
Merchant ID 1675 (Casino Arizona has several different MIDS; these IDs may need to be consolidated)
B. Heartland reached out to Casino Arizona CEO as part of merchant mandatory protection program
C. Informed PCI DSS is required; penalties are associated with non-compliance
D. Heartland has partnered with ControScan, as the ASV and QSA
E. Heartland forwarded ControlScan tools a link to begin scan (link embedded)
F. After compliance is achieved, Control Scan will provide proof to
heartland
G. Control scan merchant support is 800 477 3590 option1
• If we already have compliance certificate, email to support@controlscan.com (PCI certificate-) P2Pe devices, then we do not need scanning
• ControlScan will send credentials to login...will view PCI status
• May need send one or more certificates over
1. Send one mid over for now
2. Forward over proof/certificate for PCI (requirement)
3. Heartland may be able to tie all mid accounts together