Encryption

Encryption is the strongest protection for card data when it is in transit. From the moment the cardholder swipes or inserts the payment card at a terminal with hardware-based and tamper resistant security module features, encryption protects the card data from fraudsters as it travels across various systems and networks until it is decrypted at Elavon's secure data center.

You can use XML API integration and encrypting devices to process encrypted card transactions. You can submit card transactions with encrypted track data using a supported MagneSafeTM secure card authenticator to maximize data protection. The card authenticator delivers the encryption inside the read head closest to the magnetic stripe, which adds a layer of protection to the HTTPS POST request.

The supported encrypting devices are as follows:

MagTek Readers Using MagneSafe Encryption Ingenico Devices Using Generic TDES DUKPT Encryption
Delivers Track 1 and Track 2 (separately)
Examples: BulleT, iDynamo, uDynamo, aDynamo and Dynamag
Only supports swiped transactions
Combines Track 1 and Track into a single cipher text block
Examples: iSC250, iCMP (iCM122) Mobile PIN Pad or ROAM devices
Supports swiped, chip-read and contactless transactions

error_outline
note

To enable the card reader to communicate with your integrated application, you must download the appropriate SDK for each device type.

The Card Data parameters that you need to pass in the transaction request are as follows:

MagTek Ingenico
ssl_encrypted_track1_data
ssl_encrypted_track2_data
ssl_encrypted_loyalty_track1_data
ssl_encrypted_loyalty_track2_data
ssl_enc_track_data
ssl_enc_loyalty_track_data
ssl_tlv_enc
 

The Encrypting Device parameters that you need to pass in the transaction request are as follows:

  • ssl_vm_mobile_device_source (Mobile Device Type)
  • ssl_mobile_id (Mobile Device ID)
  • ssl_ksn (Key Serial Number)
  • ssl_vendor_id (Vendor ID)

The transactions that support encrypted transactions are as follows:

Credit Card Gift Card EMV Card Loyalty Card
Sale
Auth Only
Force
Balance Inquiry
Generate Token
 
 
 
Activation
Sale
Balance Inquiry
Reload
Credit
Card Refund
Generate Token
 
Chip Sale
Chip Auth Only
Swipe Sale
Swipe Auth Only
 
 
 
 
Enrollment
Redemption
Return
Add Points
Balance Inquiry
Lead Inquiry
Member Inquiry
 

Refer to the Credit Card Transactions sections for more information on the applicable Card Data and Encrypting Device parameters for each transaction.