Encryption is the strongest protection for card data when it is in transit. From the moment the cardholder swipes or inserts the payment card at a terminal with hardware-based and tamper resistant security module features, encryption protects the card data from fraudsters as it travels across various systems and networks until it is decrypted at Elavon's secure data center.
You can use XML API integration and encrypting devices to process encrypted card transactions. You can submit card transactions with encrypted track data using a supported MagneSafeTM secure card authenticator to maximize data protection. The card authenticator delivers the encryption inside the read head closest to the magnetic stripe, which adds a layer of protection to the HTTPS POST request.
The supported encrypting devices are as follows:
|MagTek Readers Using MagneSafe Encryption||Ingenico Devices Using Generic TDES DUKPT Encryption|
|Delivers Track 1 and Track 2 (separately)
Examples: BulleT, iDynamo, uDynamo, aDynamo and Dynamag
Only supports swiped transactions
|Combines Track 1 and Track into a single cipher text block
Examples: iSC250, iCMP (iCM122) Mobile PIN Pad or ROAM devices
Supports swiped, chip-read and contactless transactions
To enable the card reader to communicate with your integrated application, you must download the appropriate SDK for each device type.
The Card Data parameters that you need to pass in the transaction request are as follows:
The Encrypting Device parameters that you need to pass in the transaction request are as follows:
ssl_vm_mobile_device_source(Mobile Device Type)
ssl_mobile_id(Mobile Device ID)
ssl_ksn(Key Serial Number)
The transactions that support encrypted transactions are as follows:
|Credit Card||Gift Card||EMV Card||Loyalty Card|
Chip Auth Only
Swipe Auth Only
Refer to the Credit Card Transactions sections for more information on the applicable Card Data and Encrypting Device parameters for each transaction.