PA-DSS requirement 11.1

Maitre’D itself never transmits any data over public networks. Maitre’D interfaces with 3rd party applications such as Datacap DSIClientX which takes care of encrypting the data with strong cryptography as well as sending it wherever it needs to go. As Maitre’D uses middlewares to proceed to the transactions, the middlewares verify that only trusted keys and/or certificates are accepted by establishing a secure TLS 1.1 or higher connection with the acquirer interface.

Also, middlewares are configured to prevent fallback to an insecure version or configuration as middleware use only TLS 1.1 or higher to transmit the cardholder data.

Please consult the documentation supplied by the software manufacturer of the application you are using to learn how cardholder data is secured when transmitted across the Internet, how to deploy a secure implementations of security protocols and configure the proper encryption strength for the encryption (TLS 1.1 or higher).

Review the PCI SSC website at www.pcisecuritystandards.org to ensure that the application you are using has been validated as PA-DSS compliant.