Hi Craig and Bud -
First, please note there are two pieces to this puzzle:
1) PCI DSS, which are a set of requirements that a merchant must comply with in order to use their system to process payment cards.
2) PA-DSS, which is a set of standards that a software vendor, such as Microsoft, must comply with.
In order for a merchant to be compliant with PCI, they must comply with several requirements including secure networking, password policies, etc. as Craig suggested. These are outside the scope of the software. However, in addition, merchants should use a product that has been PA-DSS validated.
Both Microsoft Dynamics RMS 2.0 SP2 and Microsoft Dynamics POS 2009 have been validated. You can point your payment processor to PCI's website which has a list of validated payment applications:
formatting link
However, as you both have found out, your payment processor may request additional validation to ensure that your are PCI compliant.
I hope this helps. Good luck.