Elavon, Global Acquiring Solutions Elavon

Skip to content

Verify Your Compliance

PCI DSS is a set of comprehensive requirements for enhancing payment account data security. It includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures intended to proactively protect customer account data.

Elavon has partnered with Trustwave to establish procedures to protect your business and your customers from theft, fraud, and other security risks from the compromise of card data. Helpful agents will work with you to identify the steps you need to take to validate compliance. You will find more information about how to get started once you have registered to certify on the Trustwave site.

The PCI DSS validation process varies depending on your processing volume and acceptance environment. All merchants are required to complete a Self-Assessment Questionnaire (SAQ). Additionally, if you are an e-commerce merchant, or you process transactions via an Internet connection, you will need to conduct a network scan by an Approved Scanning Vendor.

Take the next step and Get Certified.

Stop theft of card numbers from receipts

PAN (primary account number) truncation is a technology that prevents most of the digits in a credit card or debit card from appearing on printed receipts issued to customers. The intent is to prevent fraud or identity theft in case a printed receipt is lost or carelessly discarded. PAN truncation is used by point-of-sale terminals. Most credit card accounts are identified by a string of 16 numbers in four groups of four digits. When PAN truncation is used, usually only the last set of four digits appears on the printed receipt issued to the customer. Please note that the truncation of the customer copy is only mandatory. Please note that the truncation of the merchant copy is not mandatory.

The rules for Visa do not require the Expiry date to be truncated.

The rules for MasterCard do require the Expiry date to be truncated, and there is an exception to this rule that is in effect until the 31st of December 2010. There is a waiver for existing merchants where the card number is already truncated not to implement the truncation on the expiry date until the 31st of December 2010.

Take the next step and Get Certified.

Avoid Common Mistakes for Storing Cardholder Data

  1. Cardholder information should never be stored on any employee workstation. If it is, this data needs to be properly secured and must adhere to PCI standards for encryption software that protects sensitive data.
  2. Do not store paper receipts for more than 24 months. Never store paper receipts that have not been truncated without insuring that they are stored in a lock box or safe that cannot be removed from the premises.

If you have any question regarding how you store cardholder data, or concerns about your compliance, we strongly recommend that you contact TrustWave to assess your needs.

Take the next step and Get Certified.