
How to be PCI Compliant

The DFA recently discovered that no Domino’s Pizza Franchisee is PCI compliant unless they have taken specific steps to comply. If you upgraded to PULSE EVO, this alone does not make you PCI compliant. We have worked with Domino’s Pizza LLC, as well as an independent consultant, to instruct Franchisees on how to become compliant to protect yourselves and your businesses. While we do not feel there is exposure using the Domino’s Pizza developed PULSE POS, we do feel there is a need to finalize the PCI compliance process.

What is PCI?

The Payment Card Industry Data Security Standard is a set of requirements designed to ensure that ALL companies that process, store or transmit credit card information maintain a secure environment. Essentially, that means any merchant that has a Merchant ID. The Payment Card Industry Security Standards Council was launched on September 7, 2006 to manage the ongoing evolution of the Payment Card Industry (PCI) security standards, with a focus on improving payment account security throughout the transaction process. The PCI DSS is administered and managed by the PCI SSC, an independent body that was created by the major payment card brands (Visa, MasterCard, American Express, Discover and JCB). (source: www.pcicomplianceguide.com)

Before you start:

The following instructions assume you do not have any added hardware (for example: video cameras, wifi or remote access) on the standard PULSE EVO system. If you do, you need to contact the PULSE team for additional assistance.

It is recommended that you incorporate a separate IP address in your store to support any hardware added to the standard PULSE installation. Not only will this provide better protection for you, it will also keep the additional equipment from slowing down your PULSE system.

Also, we have been informed that you can safely use Ports 1, 2, or 3 on the back of your Cisco router and still be PCI compliant. Doing so could possibly slow down your PULSE system, so proceed with caution. Port 0 on the back of your Cisco router is for PULSE hardware only! If you have any specific questions regarding PULSE set-up, please contact the PULSE team.

What you need to do:

1. You must be on the secure network.
   a. Use a store system or a remote VPN, then log into a store.
2. Navigate to ...
   a. Select Utilities and then Windows.
   b. Select Start (bottom left corner of screen), then Programs, then Internet Explorer.
3. You should now be on the DOL Login Screen.
4. Log onto www.dominosonline.com/pci.
5. VERY IMPORTANT ... Because you cannot search for PCI Compliance, you will need to type https://www.dominosonline.com/pci in the address bar at the top of the page.
6. You should now be viewing the Instruction page and be asked to take the assessment.
7. Take the assessment.
   a. Most of the 33-page assessment has been populated for you by Domino’s Pizza with the assumption that you do not have added hardware to your Cisco router. If you do have added hardware, you will have additional responsibilities to fulfill your assessment.
8. Complete the assessment and then print a copy for your files. (If you have more than one store, this assessment assumes that all your stores have identical systems.) You should also print a copy of the Pass/Fail report to keep on file.

After you have completed the assessment, you should now confirm that you have the following in your organization:

1. Company policies for:
   a. Collection of credit card slips and/or numbers from customers. Domino’s does not recommend imprinting of credit cards at the customer's door. We rarely win charge-back disputes, so you should not expose yourself to the potential for stolen card numbers.
   b. Securely storing and properly disposing of charge slips when no longer needed.
   c. Ensuring that passwords are not shared among team members. In addition, your manager(s) should not know anyone else's passwords.
   d. Changing passwords on a regular basis and setting up PULSE to require unique passwords.
2. Request AVS scans on your POS system from Domino's Pizza and save them for your files.
3. Complete the Attestation of Compliance in its entirety.
   a. This form is part of the PCI Assessment you printed earlier.
4. Complete the Domino’s Franchisee PCI Scope Attestation.