Offline Scenarios

Offline Data Processing

important

Requirement

Offline approval scenarios are applicable to certain markets only and must not be supported for attended POS in North America.

Stand-in processing

Description

Stand-in processing is used when the connection to the merchant system or host system is down or unavailable.

Merchants who opt to perform stand-in processing transactions must not store PIN block. When sending the data to the host, merchants can strip-off the PIN block and send the rest of the authorization data.

The cardholder verification method (CVM) that can be used in this scenario is offline PIN (online PIN cannot be validated when the host connectivity is down).

Other CVM options include:

  1. Merchants may use a selectable kernel configuration in the terminal, where the terminal requests Offline PIN to be entered. This method requires additional kernel certification before deploying the solution.

  2. Merchants may choose not to validate Offline PIN and process transactions with other risk management checks mentioned in the Processing Requirements section.

  3. Merchants may choose Signature as the cardholder verification method.

Processing requirements

Warning: Merchants are advised not to implement this feature without explicit permission from Elavon.

important

Requirement

  • Elavon requires merchant system to not perform stand-in processing for debit BINs.
  • There are no stand-in transaction limits defined by Elavon. Merchants assume liability in this case.
  • Elavon does not claim any preferred approach for deferred authorizations. Merchants intending to implement this functionality must work with their Elavon representative.
  • Merchant Systems must not process transactions as store and forward with online PIN. Signature or No CVM may be used as a cardholder verification method.

Best Practice

Elavon recommends stand-in transaction execution best practices and risk management to be performed by the merchants’ point of sale system.

  • The Terminal Verification Results must not indicate the following:
    • SDA failed, DDA failed or CDA failed
    • Card on exception file
    • PIN try-limit exceeded
    • Expired payment application
    • Cardholder Verification not successful
    • PIN entry required, PIN Pad present but PIN not entered (i.e. Cardholder PIN Bypass)
  • Transaction is domestic only. Standing-in for non-domestic transactions is very risky and prone to fraud.
  • Transaction is below merchant configured stand-in floor limit.
  • Stand-in is enabled at the merchant POS system.
  • Compare the TVR Mask to the transaction’s Terminal Verification Results (Tag 95) value. If any of the bits in the TVR match the corresponding bits in the TVR Mask, then it would indicate the transaction should not be approved via stand-in authorization. The recommended TVR Mask is ‘FD 7F FB 27 0F’. If a bitwise AND of the TVR and TVR Mask bits are all zero, the processing with stand-in shall continue. Otherwise, the transaction must be declined.
  • Compare the TSI Mask and the Transaction Status Indicator (Tag 9B) value. If any of the bits in the TSI are zero in the corresponding bits of the TSI Mask, then a required EMV transaction step was not performed. The recommended TSI Mask is ‘E8 00’. The transaction may continue if a bitwise AND of the TSI and TSI Mask equals the TSI Mask. Otherwise it must be declined.