Car Wash Forum
This is a sample guest message. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your own topics and posts, as well as connect with other members through your own private inbox!
Cryptopay mandate
- Thread starter JMMUSTANG
- Start date
soonermajic
Well-known member
not sure what you're talking about...
To be PCI Compliant.
Received this from Trustwave who who monitors my wash sites for PCI compliance.
At one of my washes I had a Dell XP computer that wasn’t compliant and would not have been able to accept credit cards by February.
I had Wash Gear send me a new PCI Compliant computer to replace the XP.
But my other SS wash has crypto pay and I’m not sure if it compliant.
I’ll copy and post the Trustwave notice.
Received this from Trustwave who who monitors my wash sites for PCI compliance.
At one of my washes I had a Dell XP computer that wasn’t compliant and would not have been able to accept credit cards by February.
I had Wash Gear send me a new PCI Compliant computer to replace the XP.
But my other SS wash has crypto pay and I’m not sure if it compliant.
I’ll copy and post the Trustwave notice.
In accordance with the latest PCI scanning standard, Trustwave will be implementing changes in External Vulnerability PCI scans. These changes, mandated by the Payment Card Industry Security Standards Council, went into effect on Jan. 31, 2018.
PCI scans that passed previously may begin to fail due to changes in the scan assessment requirements. Scans may fail if our scanner cannot reach the scan targets identified in your Scan Setup. This means that you asked Trustwave to scan a target IP address that our scanner was ultimately unable to detect, and therefore unable to make a determination on overall security of the environment.
STEPS YOU SHOULD TAKE NOW:
You can update your Scan Setup now to prepare for the changes. Some things you can do to ensure that scan targets can be reached during a scan:
Check that an IP Address or Domain Name is correct in the Scan Setup and has not changed since you originally set up your scan.
Prevent active security measures from blocking targets. Permitting TrustKeeper scan traffic should only be done on active security devices (i.e. IDS/IPS, WAF, DDoS etc.) within or in front of the environment being scanned. Note that creating a rule on a firewall, which permits traffic to pass through, could reduce security defenses and cause additional scanning problems.
If available for download, install the Endpoint Protection Solution, which will monitor IP changes and help ensure you are always scanning the current IP address. It may also shorten your SAQ assessment.
Check out our help document for more information and graphics to help you through these steps.
IF SCANS BEGIN FAILING AFTER JAN. 31, 2018 YOU SHOULD:
View scan results identified as undetected hosts.
Update the Scan Setup to correct or remove the undetected hosts.
Review the steps listed above.
Rescan.
If a rescan continues to yield Undetected Hosts, then your IP address may be hidden by design for business security reasons. In this situation, you may raise a dispute via the Trustwave Dispute process.
As always, our support team is here to help you out. If you have questions after reading the help document posted in the knowledge base, contact us at support@trustwave.com or +1-800-363-1621.
PCI scans that passed previously may begin to fail due to changes in the scan assessment requirements. Scans may fail if our scanner cannot reach the scan targets identified in your Scan Setup. This means that you asked Trustwave to scan a target IP address that our scanner was ultimately unable to detect, and therefore unable to make a determination on overall security of the environment.
STEPS YOU SHOULD TAKE NOW:
You can update your Scan Setup now to prepare for the changes. Some things you can do to ensure that scan targets can be reached during a scan:
Check that an IP Address or Domain Name is correct in the Scan Setup and has not changed since you originally set up your scan.
Prevent active security measures from blocking targets. Permitting TrustKeeper scan traffic should only be done on active security devices (i.e. IDS/IPS, WAF, DDoS etc.) within or in front of the environment being scanned. Note that creating a rule on a firewall, which permits traffic to pass through, could reduce security defenses and cause additional scanning problems.
If available for download, install the Endpoint Protection Solution, which will monitor IP changes and help ensure you are always scanning the current IP address. It may also shorten your SAQ assessment.
Check out our help document for more information and graphics to help you through these steps.
IF SCANS BEGIN FAILING AFTER JAN. 31, 2018 YOU SHOULD:
View scan results identified as undetected hosts.
Update the Scan Setup to correct or remove the undetected hosts.
Review the steps listed above.
Rescan.
If a rescan continues to yield Undetected Hosts, then your IP address may be hidden by design for business security reasons. In this situation, you may raise a dispute via the Trustwave Dispute process.
As always, our support team is here to help you out. If you have questions after reading the help document posted in the knowledge base, contact us at support@trustwave.com or +1-800-363-1621.
cherokee235
Member
I have been trying to get this problem solved for over a month now. I am not getting anywhere. 4 hours on the phone with At&T and Trustwave have yielded nothing but indigestion. Trustwave techs continually tell me that AT&T must whitelist Trustwave to scan. AT&T has told me through 4 different phone calls that they do not whitelist anyone, period. They did remove all my firewalls which they highly recommended against and my scans still fail. I continue to initiate the "dispute process" with Trustwave, but they continue to deny my dispute and and have told me after my compliance term ends April 6 will disable my account. I contacted Luke Barrett at ignite and am awaiting a response. Anyone figure out how to fix this problem?????
Cryptopay tells me that we should not be getting the PCI scans. I just spoke with them last week and they told me to contact Luke Barrett if you have first data at 805-418-1885 and he should be able to get this fixed. Apparently cryptopay is suppose to have an agreement with firstdata that they are exempt from these scans because they are encrypted at the swiper. I haven't had a chance to call him yet. Let us know what you find out.
soonermajic
Well-known member
well, there ya go Sparkey. Seems like that should solve everything...yes?
we had the same problem since the beginning of the year. Scans not being able to identify our device at the specified IP address. Could turn off my firewall and get a scan to pass everything with exception of not having a firewall. Opened a trouble ticket with Trustwave to "discuss" the "catch-22" of the situation. They told me to dispute the findings. They granted a variance a few hours afterwards. Hope they pass us next time they do a scheduled scan! What a PITA
So I finally got a chance to call about getting my PCI scans turned off as cryptopay instructed me to do and didn't get anywhere. Now they are telling me they may fail but I shouldn't see an additional charge on my bill for it. If I do I should give them a call to get it removed. I don't get a warm and fuzzy feeling about this. I don't have a static IP address so I cannot enter a current IP address for the PCI scan. If I do enter my current IP address it may change by the time my system is scanned.
