EasyManua.ls Logo

Optimum T4210 - Page 13

Optimum T4210
92 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Important information © Hypercom EMEA Ltd. 2011 13
Storing merchant receipts and reports
Please note that it is the responsibility of the merchant to ensure the Mer-
chant Copies of receipts and reports showing cardholder details are se-
curely stored for the period of time specified by your Acquirer. Also please
ensure they are disposed of in a secure manner. Failing to do so may re-
sult in charge-backs or fraudulent activity.
What does PA-DSS Compliance involve?
PA-DSS ensures that the payment software is compliant with specific re-
quirements (similar to PCI DSS). You should read though this section care-
fully, taking note of your responsibilities to protect cardholder data. The PA
-DSS requirements are:
1. Do not retain full magnetic stripe, card validation code or PIN block data
The payment application within the Hypercom Optimum T/M4200 fami-
ly terminal does not retain such data. You need take no further action
to ensure your PCI DSS compliant environment meet this specific re-
quirement.
2. Protect stored cardholder data
The payment application within the Hypercom Optimum T/M4200 fami-
ly terminal protects stored cardholder data in a secure manner.
You must ensure that you give the correct copy of the receipt to the
Cardholder (clearly marked CARDHOLDER COPY) and retain the mer-
chant receipts in a secure area with limited access to authorised staff.
The merchant receipts must be destroyed by incineration or by cross
shredding when they become obsolete. Your merchant bank will advise
on the period necessary for retention of receipts.
You should perform a settlement every day, and must settle at least
one a week to purge the payment application of cardholder data. Your
terminal may be configured to automatically settle every day; if you
are unsure how your terminal is configured, please contact helpdesk.
3. Provide secure authentication features
The payment application operates in the T/M4200 hardware environ-
ment and does not require username or password access. You need
take no further action to ensure your PCI DSS compliant environment
meet this specific requirement.
continued...

Table of Contents