Whitelisting
Simplify will use a Whitelisting process to determine which accounts can be exempted from encryption of PCI-sensitive data and returned to the POS unencrypted.
-
Data for accounts in the whitelist will not be sent to the host, but returned to the POS unencrypted for use as determined by the merchant (whitelist response).
- Exception: Sensitive data for PCI-protected accounts (i.e. for accounts in the blacklist) will never be sent to the POS unencrypted, even if the PAN is included in the whitelist.
-
PCI-sensitive data fields for non PCI-protected accounts not in the whitelist (i.e. for accounts not in the whitelist or blacklist) will normally be encrypted.
- Exception: If there is an encryption failure (not caused by system failure), sensitive data for these accounts can be sent unencrypted.
-
To trigger a whitelist response, the POS sends a financial request. Please see sample transaction with Whitelist Response under Modifications to Messaging .
If you want to use a whitelist, please contact your Elavon representative for whitelist configuration.