That's the example scenario I'm working on. We are public internet to our itsp. There are call center agents on our network taking CC info on the phone. They are claiming that for pci 1 they can't use a service like ours. Geoff Mina CTO/Co-Founder Connect First Inc. 720.335.5924 888.410.3071 gmina at ConnectFirst.com Sent from my iPhone On Oct 19, 2011, at 5:35 PM, Justin B Newman <justin at ejtown.org> wrote:
11.1 If the payment application sends, or> facilitates sending, cardholder data over public> networks, the payment application must support On Wed, Oct 19, 2011 at 6:26 PM, Hiers, David <David_Hiers at adp.com> wrote: This PCI requirement covers the entire Internet, regardless of protocol:
It covers the Internet when _payment applications_ are facilitating sending cardholder data. While I can identify ways this would apply, I wouldn't see this applying (as an example) to VoIP lines running to a call center, where the operators key in cardholder data to a payment applications.
-jbn