Simplify will use a Whitelisting process to determine which accounts can be exempted from encryption of PCI-sensitive data and returned to the POS unencrypted.
Data for accounts in the whitelist will not be sent to the host, but returned to the POS unencrypted for use as determined by the merchant (whitelist response).
- Exception: Sensitive data for PCI-protected accounts (i.e. for accounts in the blacklist) will never be sent to the POS unencrypted, even if the PAN is included in the whitelist.
PCI-sensitive data fields for non PCI-protected accounts not in the whitelist (i.e. for accounts not in the whitelist or blacklist) will normally be encrypted.
- Exception: If there is an encryption failure (not caused by system failure), sensitive data for these accounts can be sent unencrypted.
To trigger a whitelist response, the POS sends a financial request. Please see sample transaction with Whitelist Response under Modifications to Messaging.
If you want to use a whitelist, please contact your Elavon representative for whitelist configuration.