Blackbaud Payment Service
-
To help you comply with the
Payment Card Industry Data Security Standards (PCI DSS),
The Raiser’s Edge now uses the Blackbaud
Payment Service to securely store your recurring credit
card and merchant account information. In your database,
The Raiser’s Edge stores reference tokens
generated by the Blackbaud Payment Service to
identify your credit card numbers.
-
The Raiser’s
Edge requires Internet
access to connect to the Blackbaud Payment Service
for the secure storage of credit card or
merchant account information.
-
In the Credit Card No. field,
The Raiser’s Edge displays a masked credit
card number, with only the last four digits visible. For
one-time credit card transactions only, the
program stores only the last four digits and sends no
information to the Blackbaud Payment Service.
-
If a credit card number has been sent to the
Blackbaud Payment Service and can be used to
process transactions, the number displays asterisks (*)
for the masked digits. If a credit card number cannot be
used to process transactions, question marks (?) appears
for the masked digits.
-
If your organization
chooses not to use the Blackbaud Payment Service,
you cannot store credit card or merchant account
information in The Raiser’s Edge.
For information about other steps your organization can
take to comply with PCI DSS, see the Payment
Application Data Security Standards Implementation Guide.
Password Options
-
To help you comply with the PCI DSS,
The Raiser’s Edge now requires strong and complex passwords.
Passwords are case-sensitive and require both alphabetic and numeric
characters. Passwords can be up to 50 characters in length, but must
have a minimum of eight characters.
-
For additional security, in Configuration, you can
now set business rules to require users to change their passwords on a routine basis such as every 90 days.
New passwords created by users cannot match one of the
last four passwords used by the user.
-
For more
information about password requirements and expiration, see the
Configuration and Security Guide.
User Account Lockout
-
To help protect your database,
The Raiser’s Edge can now automatically
lock out a user account for a period of time after a number of failed login
attempts. In Configuration, you can now set
business rules to specify the number
of failed attempts to allow before the program locks the
account and the duration the account remains locked.
-
In earlier versions of The Raiser's Edge, passwords were not case-sensitive and saved as all capital letters. To avoid locked user accounts, we recommend users press CAPS LOCK on their keyboards to ensure they enter passwords in all capital letters when they first log into The Raiser's Edge 7.91.5056.
-
To help protect your database, The Raiser's Edge now
automatically logs out a user when a session is idle for 15
minutes. To activate the workstation, the user must enter the
password again. You can select whether to enable this inactivity
timeout for all users or only Supervisor users, which
are users who log in as the default Supervisor login,
have Supervisor rights, or belong to a user group with
Admin/Security access.
-
For more
information about user account lockout, see the
Configuration and Security Guide.
SQL Server Compatibility
-
The Raiser’s Edge 7.91.5056 is now
compatible with Service
Pack 3 or higher for Microsoft SQL Server 2005
Standard, Workgroup, or Enterprise.
-
The Raiser’s Edge
7.91.5056 is now compatible with Microsoft SQL
Server 2008
and SQL Server 2008
Service Pack 1.
Microsoft Windows Compatibility
Constituents
-
On the Bio 2 or Org 2
tab of a constituent record,
The Raiser’s Edge
no longer displays unmasked credit card numbers. In the
credit card grid, the Credit Card No. column now
displays masked credit card numbers, with only the last
four digits visible. The credit card grid also now
includes a Cardholder Name column. The Blackbaud
Payment Service requires the card holder name
when it receives new or edited valid credit card information
from The Raiser’s Edge.
-
When you save a constituent
record that contains new or edited credit card
information, The Raiser’s Edge
automatically sends the information to the Blackbaud Payment Service for secure storage. For more
information, see the Constituents Data Entry Guide.
Gifts
-
On the gift record,
The Raiser’s Edge
no longer displays unmasked credit card numbers. The
Card no. field now displays masked credit card
numbers, with only the last four digits visible. The Blackbaud
Payment Service requires the card holder name
when it receives new or edited credit card information
from The Raiser’s Edge.
-
When you save a gift
record for a pledge or recurring gift that contains new or edited
valid credit card
information, The Raiser’s Edge
automatically sends the information to the Blackbaud Payment Service for secure storage. For more
information, see the Gift Records Guide.
Electronic Funds Transfer
-
If you use the optional
module Electronic Funds Transfer to generate
transmission files to process credit card payments
through IATS/Ticketmaster or ICVerify, The
Raiser’s Edge no longer includes unencrypted
credit card numbers in the transmission files. The
transmission files generated by The Raiser’s Edge
now contain the reference tokens generated by the
Blackbaud Payment Service to identify the credit
card numbers.
-
If you process credit card
transactions through IATS, The Raiser’s Edge
now sends the transmission file to the Blackbaud
Payment Service, which then securely replaces the
tokens with their corresponding credit card numbers and
sends the complete file to IATS for authorization and
processing.
-
If you process and authorize direct debit
transactions through IATS, The Raiser's Edge
now receives a response file with a rejection code from
IATS to indicate the reason a funds transfer fails, such
as an invalid account number.
-
If you process credit card
transactions through ICVerify, The Raiser’s Edge
securely retrieves the credit card numbers from the
Blackbaud Payment Service and immediately
encrypts the transmission file with the ICVerify
EcryptionManager utility. To help you comply with
PCI DSS, you can no longer obtain a copy of the
unencrypted credit card transmission file through
The Raiser’s Edge. For more information,
see the Electronic Funds Transfer (EFT) Guide.
Export
-
Under the Credit Cards
node, a new Card Token field exists.
Select this field to export the string of characters
used to identify the credit card number in the Blackbaud
Payment Service.
-
When you export an
existing credit card number, it automatically exports as a masked number,
such as a string of
asterisks that end with the last four digits of the
credit card number. You can no longer export unmasked
credit cards numbers.
-
In Export, you can
now select to export one or more specific attribute
descriptions. For example, for the Interests attribute
category, you can select to export the attribute
descriptions Biking, Fishing, and Tennis. This enhancement only applies to attributes
with a data type of table.
Mail
-
To help you comply with PCI
DSS, you can no longer create mailings that display
unencrypted credit card numbers. You can now output only
masked credit card numbers in mailings generated in
The Raiser’s Edge.
-
If you use the optional module
PostalSaver, you can now generate barcodes for
mailings that meet the
requirements of the US Postal Service Intelligent Mail®
barcode. For more information, see the
Mail Guide.
Mapping
Batch
-
When you enter or edit
credit card information in a constituent or gift batch,
The Raiser’s Edge automatically sends the
information to the Blackbaud Payment Service for
secure storage when you leave the row in the batch entry
grid.
-
If you select Tools,
Authorize Credit Card Transactions
from the menu bar to generate a request file to process
credit card payments in a gift batch, your batch must
now include the new Cardholder Name field.
The Raiser’s Edge
no longer includes unencrypted credit card numbers in
the request files. The request files generated by The Raiser’s Edge now contain the reference
tokens generated by the Blackbaud Payment Service
to identify the credit card numbers. If you process
credit card transactions through IATS, The
Raiser’s Edge now sends the request file to the
Blackbaud Payment Service, which then securely
replaces the tokens with their corresponding credit card
numbers and sends the complete files to IATS for
authorization and processing. If you process credit card
transactions through ICVerify, The Raiser’s Edge
securely retrieves the credit card numbers from the
Blackbaud Payment Service and immediately
encrypts the request file with the ICVerify EcryptionManager utility. To help you comply with
PCI DSS, you can no longer obtain a copy of the
unencrypted request file through The Raiser’s Edge.
For more
information, see the Batch Guide.
Administration
-
To help you comply with PCI
DSS, all credit card numbers appear masked throughout
The Raiser’s Edge, regardless of the personal
information security options set for users in Security. We recommend you continue to use the
Personal Information security options to mask Social
Security, bank account, and insurance policy numbers.
For more information, see the Configuration and
Security Guide.
-
When you install or update
The Raiser’s Edge 7.91, you can select to
send existing credit card and merchant account
information in your database to the Blackbaud Payment
Service for secure storage. To view credit card data
that the Blackbaud Payment
Service cannot accept, such as invalid or
incomplete information, you can generate a Credit Card
Exception Report. With this static report, you can
identify credit card information to correct for
submittal and secure storage in the Blackbaud Payment
Service. When you generate the report, you can
select the record types and credit card types to
include. To generate the Credit Card Exception Report,
click Credit Card Exception Report on the
Administration page. For more information, see the Electronic Funds Transfer (EFT) Guide.
Import
-
If you attempt to import
unencrypted credit card information from a plain text
file, for security reasons, The Raiser’s Edge
stores your imported credit card information in the
Blackbaud Payment Service. We strongly recommend you
encrypt credit card information in compliance with PCI DSS.
The retention of credit card information in an
unencrypted file leaves you vulnerable to malicious
users.
-
Import files generated by
The Raiser’s Edge provide only masked credit card
numbers.
-
In a constituent import,
you can now include the new Cardholder Name
field. For more information, see the Import Guide.
Configuration
-
You can now manage your merchant accounts in Business Rules. If you use IATS/Ticketmaster to
process credit card transactions, you must set up a
merchant account. To add or edit a merchant account in
Configuration, click Business Rules and
select Merchant Accounts from the tree view. On the Business Rules
screen for merchant accounts, the grid displays all the
merchant accounts your organization uses with the
Blackbaud Payment Service. Since your
organization may use a merchant account with another
Blackbaud program, you can add or edit merchant accounts
that appear in the grid, but not delete them. When you save new or edited
merchant account information, The Raiser’s Edge
automatically sends the information to the Blackbaud Payment Service
for secure storage.
-
On the Business Rules page
for mail options, if you use the optional module PostalSaver, you can select whether to use the Intelligent Mail® barcode to sort and track mailings with the US Postal Service.
-
On the International page
in Configuration, to help further identify
countries, you can select country names according to
the International Organization for Standardization
(ISO).
For more
information, see the Configuration and Security Guide.
NetSolutions
-
To help you comply with PCI
DSS, NetSolutions no longer stores credit card
numbers locally or in the database. All numbers for
recurring gifts are
stored remotely in the Blackbaud Payment Service.
For one-time gifts,
The Raiser's Edge downloads and stores a
truncated credit card number.
In addition, retention of credit card information
associated with donor logins is no longer possible.
-
Merchant Accounts used in
NetSolutions are now created in Business Rules.
Once an account is in place, you can associate the
account with your entire NetSolutions site or a
specific NetSolutions page (NetDonors, NetEvents,
NetMembers) without re-entering the account’s
credentials.
-
For more information about
NetSolutions, see the NetSolutions Guide;
for more information about creating merchant accounts in
The Raiser’s Edge, see the Business Rules
section of the Configuration chapter in the
Configuration & Security Guide.
Blackbaud Sphere Integration
-
The Raiser’s Edge
is now compatible with Blackbaud Sphere. You can
now download online transactions and information from
Sphere to your database in The Raiser's Edge.
-
In Administration,
system administrators can assign Security rights to the
user roles that access the data downloaded from
Sphere. For information
about how to assign security rights, see the
Configuration and Security Guide.
Workplace Giving
-
On the Pledge Detail
tab of a Pledge Envelope, The Raiser’s Edge
no longer displays unmasked credit card numbers.
For pledge types of Credit
card, Direct bill, Corporate, or Other with a payment
method of credit card, the Card Number column now displays
masked credit card numbers, with only the last
four digits visible. The credit card grid also now
includes a Card Holder column. The Blackbaud
Payment Service requires the card holder name
when it receives new or edited credit card information
from The Raiser’s Edge.
-
When you save the pledge
envelope
record that contains new or edited credit card
information, The Raiser’s Edge
automatically sends the information to the Blackbaud Payment Service for secure storage. For more
information, see the Workplace Giving Guide.
Query
Nonprofit Central Web Service
-
You can now use the Nonprofit
Central web service to view and print
information about an
organization constituent from the Nonprofit Central
database
from within The Raiser's Edge. The
Nonprofit Central database is available to
community foundations who purchase an annual
subscription. For information about how to set up this
service in The Raiser's Edge, see the
Web Services Installation and Set Up Guide.
|