Elavon customer service: 0345 850 0195 Opayo product support: 0191 313 0299
For support in Ireland, click here
Elavon Customer Service: 0345 850 0195
Opayo Product Support: 0191 313 0299
We live in an age where criminals don’t need to be present to take advantage of your business. Complying with PCI standards is good evidence that you're complying with GDPR.
All businesses that take card payments have a responsibility to protect their customers' information and payments. Secured by Elavon helps keep your customers and your business safe.
Our flexible, scalable security solutions and services help mitigate risk and create safer payment systems. They will help you simplify your life and reduce scope for PCI Compliance.To help your business prepare and reduce the hassle and cost of the chargeback process, read our helpful guide.
The terminals listed below are used for the Secured P2PE solution.
Please ensure the terminals you use match the terminal models in the list – for further information on the terminal types please refer to sections 3.1 & 3.2 in the P2PE Instruction Manual (PIM).
Desk/5000 Desktop Terminal
Lane/3000 PIN Pad
Move/5000
ICT250 Desktop terminal
IPP350 PIN Pad
IWL25X Series
If you have any questions about this, please contact us.
Before you get your terminal(s) delivered, you will receive an email from our courier containing:
This may include Tamper Evident Envelops depending on the delivery method used (see SecureTerminal Delivery)
For full details please refer to section 5.2 in the P2PE Instruction Manual.
Delivery Type |
Process |
---|---|
Engineer On-site |
|
Engineer |
|
Courier |
|
Delivery Type
Process
Engineer On-site
Configuration and Installation
Engineer
Pre-Configured Installation
Courier
Pre-configured Delivery
For full information on delivery methods please refer to section 5.2 in the PIM.
When your devices are delivered, before they are installed and used, please check that there is no evidence of tamper:
If there are any signs of tamper or if the serial numbers of the devices and/or packaging does not match, please contact us immediately.
Delivery Type |
Process |
---|---|
Engineer On-site Configuration |
The engineer will install the devices following the security checks of device serial numbers and tamper |
Engineer Pre-Configured |
Devices are delivered to you pre-configured (in a secure PCI compliant location) |
Courier Delivery |
Devices pre-configured (in a secure PCI compliant location) and delivered to you by courier. |
Delivery Type
Process
Engineer On-site Configuration
The engineer will install the devices following the security checks of device serial numbers and tamper
Engineer Pre-Configured
Devices are delivered to you pre-configured (in a secure PCI compliant location)
Once all on-site checks have been completed, the engineer will set up the devices
Courier Delivery
Devices pre-configured (in a secure PCI compliant location) and delivered to you by courier.
Further information can be found in section 4.1 of the PIM.
An important part of PCI DSS compliance requirements for a P2PE solution, is to keep a full inventory for your Point of Interaction (POI) devices; this must include all devices (whether they are installed or awaiting deployment). Please refer to Section 3.3 of the PIM for full details.
Your inventory should include all terminals, including those that have not been deployed. Any changes to your POI estate must be updated in your inventory table by the end of the next working day. Full details of the POI inventory can be found in Section 3.3 in the PIM.
When you receive the PIM you will also receive a Sample Inventory Table which you may want to use. If you wish to create your own inventory table, please refer to the PIM for more information.
Once a year you must complete a full check of all payment devices, ensuring there is no evidence of tampering, and they are all present and authorised. Any issues identified in the annual POI inspection must be reported to us immediately.
For full details please refer to Section 3.3 in the PIM.
Reporting Issues and Technical Troubleshooting.
For any issues with Secured P2PE, please contact the appropriate helpdesk where one of our technical support team members will help you.
When you receive the PIM you will also receive a Sample Inventory Table which you may want to use. If you wish to create your own inventory table, please refer to the PIM for more information.
The Payment Card Industry Security Standard Council (PCI SSC) has provided best practice steps for becoming and remaining PCI complaint. These are listed below and can be found on the PCI Council’s website: www.pcisecuritystandards.org
Both of the above documents are also linked to in the PIM
Yes, any customer using a P2PE solution must be issued with a P2PE Instruction Manual(PIM) as part of the PCI DSS regulations. You must follow the details of Elavon’s PIM to be compliant with P2PE requirements.
You must contact Elavon’s helpdesk immediately if you notice any evidence of tampering. We will work with you to isolate the rogue device(s) and issue replacements where required.
Although P2PE solutions offer the highest level of PCI security, you must still complete the necessary steps required to become fully PCI Compliant. As well as following the PIM, you work with your chosen Qualified Security Assessor (QSA) or complete the necessary Self-Assessment Questionnaire (SAQ).
If you have any technical issues or notice any issues that you think may jeopardise your P2PE solution please contact the technical helpdesk.
Region |
Number |
---|---|
United Kingdom |
0345 850 0195 (Option 1) |
Ireland |
1 818 20 21 20 (Option 1) |
Poland |
22 306 03 16 (Option 1) |
Region
Number
United Kingdom
0345 850 0195 (Option 1)
Ireland
1 818 20 21 20 (Option 1)
Poland
22 306 03 16 (Option 1)
(Sole trader, or partnership with 3 or less partners)
(All other customers)
(Multi-national customers)
(Opayo gateway only)