Escalate steps up e-commerce compliance
June 8, 2009
HP 3000 shops which accept credit cards face a July 2010 deadline for compliance with new credit card security. These PCI regulations got addressed at the recent Escalate Retail users conference, the meeting of what the 3000 community once called Ecometry sites.
MB Foster Associates has prepared a PDF briefing document on the e-commerce/retail meeting, held during May in San Diego. Escalate said that Ecometry installations — there are now more than 400 — make up about a third of the Escalate revenues. The software has been available on Windows and HP-UX since 2005. Officials added that 25 HP 3000 sites migrated to other Ecometry versions during 2008. A backlog of more than 25 sites are "pending go-live" onto other platforms from the 3000.
There are also 75 Ecometry 3000 sites, out of 2002's high-water mark of 325, who haven't planned a migration, or engaged with Escalate to migrate.
PCI compliance has been driving some HP 3000 migrations. Escalate is not deploying technology for the MPE/iX Ecometry version that can meet the 2010 standards. At the conference, MasterCard representative Mike Green outlined the details of PCI compliance, including the PCI Security Standards Web site for a self-assessment of required security practices.
The MB Foster briefing said that
The MB Foster briefing also mentioned an Escalate Migration Service, which the app vendor said "is like a new install," that costs between $96,000 and $413,000, depending on complexity. "The surround code is over and above that," said Birket Foster. "Surround code includes reports, extracts, interfaces to other systems, and any customizations or applications written to interface with the Ecometry system."
The 75 non-migrating Ecometry sites have recently gained an option for PCI compliance in a new software solution for MPE/iX, however. Encryption technology has emerged from a veteran developer that's aimed at making credit card vendors who use 3000s meet PCI compliance. Ecometry won't be issuing any PCI certification for its MPE/iX software, which leaves these sites no option but to follow an independent path, with non-Escalate support for their application in the future.