Skip to main content

PCI Compliance for Users of Dockmaster/Point Of Sale Guide

2025 brings new guidelines and rules to meet PCI compliance. Dockmaster adheres to these rules set by the Payment Card Industry so credit card processing may continue.

Dockmaster Build 8.4.36.0 brings new guidelines for user credentials and management.

CLERKS for access to Dockmaster and Point Of Sale:

info

ℹ️ Clerks in Dockmaster are already managed by the employer since these are their employees.

PCI functions on Clerks will be off as a default on the data account so the company can choose when to enable this as they see fit. Dockmaster is not liable if you choose to ignore the PCI Compliance rules needed on your Clerks.

Enabling PCI Features can be done under System Administration-Configuration-DockMaster Parameters-Clerks

Image

Once enabled, the PCI Features will include the following items for Clerks:

  • Minimum Password Length – Minimum password length will be 7 characters. Passwords are Mandatory.
  • Password Complexity Requirements – Complexity requirements must include alphabetic, numeric, special character and a capital letter.

Image

  • Maximum Password Age – A Clerks password will be good for 90 days. After this time, they will be prompted on login to Dockmaster to update their password.
  • Password History – Clerks cannot reuse any of the last 4 passwords they used. A pop-up will tell them they cannot use a password they used before.

Image

  • Lockout Threshold – After 6 failed login attempts a Clerk will be locked out.

Image

  • Lockout Duration – Once a lockout threshold is met from failed login attempts, the Clerk will be locked out for 30mins. If a faster lockout release is needed a Clerk can contact their local manager to release the lock from Clerk Maintenance.

Image Image

  • Session Timeout – Dockmaster and Point Of Sale will lock after 15 minutes of inactivity warranting a relogin by the Clerk. If a different Clerk logs into Dockmaster/PointOfSale that was locked by a previous Clerk it will close all the work items and tabs from the previous Clerk. Point Of Sale will lock after 15min of inactivity on the PC as well.

Image

  • Password Storage and Encryption – Clerk passwords are encrypted on the front end like they are in the back end. Passwords can no longer be Shown within Dockmaster.

Image

  • Account Disablement – Clerks that do not have any activity will be made Inactive after 90 days. The Inactive Date will be automatically filled for the date it goes Inactive, in Clerk Maintenance. This Inactive date can be removed by the end user as they see fit.

Image Image

  • Authentication Logging and Monitoring – Clerk audit log created to track the following actions. DM.DM.CLERK.AUDIT report
    • Login
    • Logout
    • Failed Loging
    • Locked out (multiple failed logins)
    • Lock POS Register
    • Unlock POS Register
    • Access System Security configuration
    • Changed your own password.
    • Reset password for other clerk.
    • Access a customer record from Customer Maint.
    • Access customer payment options tab from Customer Maint.
    • Pull a credit report from a boat sales contract.
    • Process a CC payment
    • CC payment failure
    • Process a payment with a stored token
    • Stored token payment failure
    • Capture a pre auth payment
    • Void a CC or Token payment
    • Void CC or Token payment failure.
    • Unlock clerk

Image

SECURE LOGIN for access to Hosted:

info

ℹ️ Secure Logins are managed by Dockmaster Support.

PCI functions on Secure Login will be On as a default.

PCI Features will include the following items for Secure Login:

  • Minimum Password Length – Minimum password length will be 12 characters. Passwords are Mandatory.
  • Password Complexity Requirements – Complexity requirements must include alphabetic, numeric, special character and a capital letter.

Image

  • Maximum Password Age – A Secure Login user password will be good for 90 days. After this time, they will be prompted on login to Secure Login to update their password.
  • Password History – Secure Login user cannot reuse any of the last 4 passwords they used. A pop-up will tell them they cannot use a password they used before.

Image

  • Lockout Threshold – After 6 failed login attempts A Secure Login user will be locked out.

Image

  • Lockout Duration – Once a lockout threshold is met from failed login attempts, the Secure Login user will be locked out for 30mins. If a faster lockout release is needed a Secure Login user can contact Dockmaster Support to release the lock faster.

Image

  • Forced Password Change on New Secure Login - New Secure Login user setups will be forced to change their password on first log in.

Image

**If at any point you run into any issues, feel free to email [email protected] for assistance.**