Execu/Tech Systems, Inc.
Knowledgebase
Search:
850-747-0581EmailWebsite
Contents
 
IndexBookmarkPrint This Article

Home > Payment Processing > Vantiv / Worldpay Credit Card Processing > Vantiv EMV Data Flow

Your Vantiv account must have "PASS" enabled. Be sure to let your Vantiv rep know this. This is what allows card tokenization, a critical part of your credit card data security.

To ensure that credit card tokens are maintained for an appropriate length of time, be sure that this line is added to the configuration file, MENUINI.FIL:

ELEMENT-PURGE-DAYS=30,270

The number of days can can be changed. This shows our recommended default of 30 days for Guest History and 270 days for everything else.  
If this isn't done then credit card tokens will not be saved and cards that have been tokenized will have to be swiped again when used.

This applies to the EMV PIN Pad method of processing credit cards.
  Execu/Tech Systems, Inc. software DOES NOT STORE CREDIT CARD NUMBERS. 

We only store a token that's returned by Vantiv. This is not a credit card number and does not contain the credit card number. Execu/Tech Systems, Inc. does not have access to the credit card numbers of your guests and can't provide to you.
If you need to see a credit card number, you must contact Vantiv for assistance. 

It's important to understand the flow of data between Execu/Tech Systems software and Worldpay. This understanding can help you determine if you are PCI compliant and can allow you to provide accurate information during a PCI audit.

Execu/Tech systems software never communicates with the EMV PIN Pad and sensitive cardholder data is never seen, passed through or stored by the software. If the proper procedures are used, there will never be any sensitive cardholder seen by or stored in Execu/Tech Systems software. To ensure that this is always true, you should never enter credit card data into comment, reference or note fields. 


   This is the flow of credit card data.


The data flow is very simple. 
  • All communication is encrypted using the latest TLS 1.2 protocol.

  • The EMV PIN Pad uses your internet connection to communicate with the TriPOS cloud service hosted by Worldpay on their servers.

  • The Execu/Tech Systems, INC. software also uses your internet connection to communicate with the TriPOS cloud service.

  • When a customer needs to pay with a credit card, we request the appropriate transaction type by sending a message to the TriPOS cloud service, which in turn tells the EMV PIN Pad to begin the transaction. 

  • The transaction is completed on the PIN Pad and all cardholder information is passed between the PIN Pad and the TriPOS service.

  • After the transaction is complete, the TriPOS cloud service tells us whether or not the transaction was a success and provides us with the appropriate data.

  • At no time will the Execu/Tech Systems, Inc. software see the credit card information, nor is it ever passed through the software.  Execu/Tech Systems, Inc. software doesn't communicate with the EMV PIN Pad at all, just the TriPOS cloud service. The only information identifying the customers credit card to our software will be a unique alpha numeric token provided by the TriPOS cloud service and the last 4 digits of the card number. This is an example of what a token might look like and as you can see it doesn't resemble a credit card number. BD211C96-F547-4163-7245-A6A8156143BC. This token can't be used by hackers or thieves to process a credit card if it's stolen. Hackers and thieves can't steal what doesn't exist.

Some transactions require user input on the PIN Pad and some do not. We provide two different progress windows to let you know what needs to happen.

If user input is required on the PIN Pad you'll see this.




If user input is not required, you'll see this.







Article ID
 vantiv_emv_data_flow
Views
 468
Last Modified
 9/11/2019 3:36 PM