Subscribe to Syndicate

CVV2 requirement and possible effect on post dated payments

We recently received information that credit card companies will mandate use of CVV2 number (on the back of a credit card), making it a requirement for processing cards in almost all situations.
Since the vast majority of credit card transactions are real time with a CVV2, most venues will see limited effect for 99% of credit card authorizations:

It will affect:

  • situations where the credit card provider is down or unreachable - a rare occurrence which does happen
  • authorizing existing post dated payments and recurring donations
It may affect:
  • Mail order - and we cannot fully comment on that yet as the documents say that mail order can be taken in batch without CVV2.

Authorize.net is updating their IP addresses

Authorize.net indicated they are updating the IP addresses for their credit card authorization as per the tech-note on their web site.

Microsoft Update KB4338818 affects TM Server on Win 7 and 2008R2

on July 10th, Microsoft released patch KB438818 that applies to windows 2008R2 and Windows 7.

Community: the Theatre Manager Discussion Forum

We are excited to announce Community; a forum for Theatre Manager users to meet and share questions, tips, tricks and news with each other. A number of categories have been set up to explore. You will also find past issues of Three Thought Thursday and some lunch and learn videos created by Proctors. Community is searchable; if you don't see what you are looking for, type something in the search box and see what pops up.

 

This extends existing support forums so that you have:
  • Community: a forum for Theatre Manager users to share business practices and cool solutions amongst each other.
  • Emailing the Artsman support team at support at artsman . com to create a support ticket in our incident reporting system
  • The TM User Conferences which are designed to bring people face to face for in-depth and informative discussions on current topics of interest.
  • help.theatremanager.com which describes how various parts of the system work and what fields mean.
  • Three Thought Thursday - a weekly email containing a cool picture and 3 short tips on features available in Theatre Manager. We try to make these topical to the annual business cycle and/or to introduce new features. Contact sales at artsman . com if you are not receiving these and wish to get them - they are very popular

Please join us and check out Community!

Theatre Manager and High Sierra/Mojave Compatibility

We have tested Theatre Manager with High Sierra in our test lab for a number of months and at some selected client sites. There are no known issues that we are aware of

Those wishing to update to High Sierra should do so. We will be testing Mojave as it gets closer to release date.

 

Third National Theatre Manager User Conference

Third National Theatre Manager User Conference

Save the Date for a Proctors/Arts Management Collaboration
REGISTER NOW for early bird pricing

Mon, April 30 - Thurs, May 4, 2018
at Proctors Theatre
Schenectady, New York.

 

Offsite Backups are a key way to thwart recent Ransomware viruses

While travelling home from the excellent TM2 conference (thank you all that attended), I saw an article in USA Today indicating bad guys had unleashed a ransomware virus for windows based on some leaked NSA tools. It hit places in Europe first and then some in North America.

In the vein of better be safe than sorry, we always suggest that venues make an offsite backup of their database on a daily basis. It is better if this backup is:

  • on a different network than the main database and/or
  • on an external drive that is physically disconnected from the server after the backup is done and/or
  • sent to an FTP site or machine external to the server and/or
  • sent to some cloud backup

The important concept is that if you do get hit by ransomware or malicious software, then you have a backup that is ‘airgapped’ on another machine that is not connected to this machine. It is also why recommend that the database sever never be on a domain - making it harder for a virus to propagate from a download.

Today, we are suggesting that everybody make a backup onto another device, especially if you have windows servers — and make it standard practice going forward. Copying todays backup to a USB key today and removing it is probably a good first step.

 

If you want to read about the virus.

There is some good news — apparently the makers of the virus software put a kill switch in it — and a particularly astute individual diagnosed this and helped mitigate the attack.

https://www.theguardian.com/technology/2017/may/13/accidental-hero-finds...

 

Those who are:
  1. using linux or OSX database servers are not affected.
  2. running their servers on our Cloud are not affected.
  3. using our cloud backup storage for offsite backups - have an offsite backup from last night at minimum

Regardless, making a backup just in case and copying to another machine is wise.

We apologize in advance if this might sound urgent (it is) .. and, like any cold prevention - better to stop it before you catch it. if you have any questions or need assistance, please let us know on the support email.

Orbital Mandating Use of TLS1.2 by End of May, 2017

We have received information that affects all merchants using any Chase Paymentech credit card authorization products.

In Theatre Manager (version 10.07.10 and later), all venues using Orbital will automatically be converted to the new URL's per Chase Paymentech's note. They informed us that, as of end of May 2017, all merchants authorizing credit cards with Orbital must be using TLS 1.2 for security and the new URL's only accept this high level of encryption.

 

If you use Orbital and have any issues authorizing credit cards, let us know and/or try the following.

Until mid May, 2017, you can revert the URL's by going into your merchant account setup for orbital and changing:

  • Primary URL: change orbital1.chasepaymentech.com back to orbital1.paymentech.net
  • Secondary URL: change orbital2.chasepaymentech.com back to orbital2.paymentech.net

OR address the issue permanently by:

NOTE: anybody using version 10.06.xx or earlier and Orbital for merchant services, will need to upgrade ASAP - otherwise Orbital's servers will stop accepting your payments.

Second National Theatre Manager User Conference

Second National Theatre Manager User Conference

Save the Date for a Proctors/Arts Management Collaboration
REGISTER NOW for early bird pricing

Mon, May 8 - Thurs, May 11, 2017
at Proctors Theatre
Schenectady, New York.

authorize.net advisory (for march 21, 2016) does not affect Theatre Manager

Venues using authorize.net may have received an 'important Security Notice' indicating that authorize.net processing network had a security problem during their upgrade on the evening of March 21,2016 between 4:13 PM and 11:49 PM Pacific time. In the advisory, authorize.net says they inadvertently sent back the full 'unmasked card number' during an authorization request. The advisory also says is is subject to their confidentiality agreement and cannot be distributed.

This does not affect Theatre Manager users

We know the first thing our venues will want to know is if they are at any risk. So we are posting the answer, in advance, that TM does not store the full response string from authorize.net - it only tracks the authorization code and CVV2 response code. From what we've read in the security advisory, you may disregard it completely.

Pages

Subscribe to Arts Management Systems RSS