Cryptopay and PCI compliance

sparkey

I have cryptopay with first data. They use a PCI service called trustkeeper that does a vulnerability scan on your system on a monthly basis. The issue is I don't have a static IP address so it can't do a vulnerability scan unless I go on the trustkeeper website and enter the new IP address every time. I do have a dyndns account that tracks my IP address for my cameras, but the trustkeeper website doesn't allow domain names, only physical IP addresses. Is anyone else running into this? I don't have time to log on to their website each time and change the IP address. I only use the cryptopay reader in my petwash and it's to the point I am about to get rid of cryptopay so I don't have to deal with it.
 

Jeff_L

I use WashGear, and for my scans I have to run an agent on the PC at the wash. Thus, no need for a static IP. With CryptoPay, there is no PC, right? Just a router from what I've researched. So is it able to scan that? Could you even set a static IP on it?
 

sparkey

> I use WashGear, and for my scans I have to run an agent on the PC at the wash. Thus, no need for a static IP. With CryptoPay, there is no PC, right? Just a router from what I've researched. So is it able to scan that? Could you even set a static IP on it?

You are correct. There is no computer with cryptopay. You can set a static IP address on your router, but the ISP IP address is what changes that causes the problem. Basically you have to check what your current IP address is and enter it into the trustwave website each month before the scheduled scan so the scan works or you will get charged an extra fee for being non-compliant. They fail to tell you this when you ask if it will work without a static IP address and they gladly say yes it will.
 

Earl Weiss

So what is the answer? How to avoid PCI non-compliance when using a provider like Comcast or pay Comcast $20.00 / month extra for static IP or pay the non-compliance fee?
 

sparkey

> So what is the answer? How to avoid PCI non-compliance when using a provider like Comcast or pay Comcast $20.00 / month extra for static IP or pay the non-compliance fee?

The only answer I can come up with is either get a static IP address, or log your current IP address into their website the night before the scan is supposed to happen and hope it doesn't change before they do the scan.
 

Jeff_L

Since CryptoPay doesn't provide a way to install the trustkeeper agent, does it allow you to hard code an IP address on it? If so, it appears your only option is to continue doing what you're doing (yuck), or pay for a static IP.
 

MEP001

From what I've read about the system, it doesn't keep the card data, it sends it with the pre-approval and finalizes the data with an encrypted code, so it should be completely PCI compliant.
 

BBE

Last I knew cryptopay was NOT pci compliant. Have they made some changes?
 

sparkey

> From what I've read about the system, it doesn't keep the card data, it sends it with the pre-approval and finalizes the data with an encrypted code, so it should be completely PCI compliant.

I explained this to them. They said it is a first data requirement. If you are using first data as a merchant you must do the scans.
 

sparkey

Well I spoke with cryptopay today and they are telling me they have an agreement with first data that cryptopay terminals do not have to do the vulnerability scan over the internet since the data is encrypted. They also say their terminals are PCI compliant. We are actively working to get my system removed from the Trustkeeper vulnerability scans. Hopefully this works.
 
Etowah

blurdgman

Static IP

I have a static IP and use it with Trustkeeper. Why don't you request a static IP from your ISP provider?
Do you like CryptoPay otherwise?
Jimmy V
 

sparkey

> I have a static IP and use it with Trustkeeper. Why don't you request a static IP from your ISP provider?
> Do you like CryptoPay otherwise?
> Jimmy V

Because it costs 3 times as much and nothing else I have needs a static IP address.
 

sparkey

> How much do they charge you?
>
> I have 5 static IPs for about $80/mo

I just checked on this a couple months ago. Seems to me it was around $70 a month for 1 static address, after they get done with all the government fees.
 

DiamondWash

So is Genesys or Cryptopay PCI compliant? Because I can't find either on the Official PCI Security Standards website.
 

Jeff_L

Whoever has the cc data in the clear has to be PCI compliant. CryptoPay encrypts at the swipe and transmits the data to their servers encrypted. There, I assume, it is decrypted for processing. Therefore it is them who have to be compliant at their server site. Talk to Dave at CryptoPay, he's well versed in this.
 