Protect Stored Card Holder Data; Protect Wireless Transmissions - VeriFone Vx520 Implementation Manual
Payment core
Hide thumbs
Also See for Vx520:
- Reference manual (190 pages) ,
- Installation manual (64 pages) ,
- User manual (37 pages)
Table of Contents
Advertisement
No specific setup of your Point Vx PCI PA-DSS compliant terminal is required. PAN is stored either
truncated or encrypted. Full magnetic stripe data is deleted immediately after authorization and
never stored.
However, if you need to enter PAN and expiration date manually or do a voice referral you should
never write down or otherwise store PAN, expiration date or CVV2. Collect this type of data only
when absolutely necessary to perform manual entry or voice referral.
Note: Using the PCI PA-DSS compliant Point Vx terminal you will never be prompted to enter CVV2.
No any sensitive cardholder's data are retrieving by Point VxPC application (even when needed to
solve a specific problem) in production terminals. In case when sensitive cardholder's data need to
be present in the logs for troubleshooting is only done at Point lab/test environment using test ter-
minals.
Note: Removal of sensitive authentication data is absolutely necessary for PCI DSS compliance.
3.2. Protect stored card holder data
PAN and expiration date are encrypted and stored in your Point Vx for offline transactions. For this
encryption a unique key per transaction is used. Once your Point Vx goes online any stored transac-
tions are sent to the processor and securely deleted from the Point Vx memory.
To comply with the PCI DSS requirements all cryptographic material must be rendered irretrievable.
This is handled within the Point Vx and you do not need to take any action.
3.3. Protect wireless transmissions
© 2015 VeriFone. All rights reserved. VeriFone, the VeriFone logo, Vx, Mx, VeriCentre, VeriShield, Verix V, Verix and PAYware are either
trademarks or registered trademarks of VeriFone in the United States and/or other countries. All other trademarks or brand names are the
properties of their respective holders. All features and specifications are subject to change without notice.
The information contained in this document is confidential and property of VeriFone, Inc. This material may not be copied or published, or
divulged in part or in totality without written permission form VeriFone, Inc.
Author
Jevgenijs Smirnovs
E-mail
jevgenijs.smirnovs@verifone.com
Phone
+371 67844726
Document name
Verifone Payment Core
Point VxPC F02.01.xxx
Implementation Guide
Date
12-Jun-2015
Page number
Version
23
1.0
Hide quick links:
Advertisement
Table of Contents
