Encryption is the strongest protection for card data when it is in transit. From the moment the cardholder swipes or inserts the payment card at a terminal with hardware-based and tamper resistant security module features, encryption protects the card data from fraudsters as it travels across various systems and networks until it is decrypted at Elavon’s secure data center.
You can use XML API integration and encrypting devices to process encrypted card transactions. You can submit card transactions with encrypted track data using a supported MagneSafeTM secure card authenticator to maximize data protection. The card authenticator delivers the encryption inside the read head closest to the magnetic stripe, which adds a layer of protection to the HTTPS POST request.
The supported encrypting devices are as follows:
|Ingenico Devices Using Generic TDES DUKPT Encryption|
|Combines Track 1 and Track into a single cipher text block|
Examples: iSC250, iCMP (iCM122) Mobile PIN Pad or ROAM devices
Supports swiped, chip-read and contactless transactions
To enable the card reader to communicate with your integrated application, you must download the appropriate SDK for each device type.
- SDKs for encrypytion devices are available on Ingenico’s Developer Portalopen_in_newLink opens new window. You need to be a registered user to gain access to the SDKs.
The Card Data parameters that you need to pass in the transaction request are as follows:
The Encrypting Device parameters that you need to pass in the transaction request are as follows:
- `ssl_vm_mobile_device_source` (Mobile Device Type) - `ssl_mobile_id` (Mobile Device ID) - `ssl_ksn` (Key Serial Number) - `ssl_vendor_id` (Vendor ID)
The transactions that support encrypted transactions are as follows:
|Credit Card||Gift Card||EMV Card|
Chip Auth Only
Swipe Auth Only
Refer to the Credit Card Transactions sections for more information on the applicable Card Data and Encrypting Device parameters for each transaction.