Sales Data Exchange System Specification and Implementation Guide Sections 1–6: General Information
Section 5.5 ATPCO Processing and Credit Card Data Security
ATPCO processing is built to take account of the sensitivity of passenger credit card information that may appear on the processed sales record. In order to protect the credit card information, ATPCO processing performs the following steps:
(1) All inbound files containing sales data are scanned for certain triggers which indicate that credit card information may be present in the transaction.
(2) All inbound files are Secure Zipped and securely locked down.
(3) Where credit card data is found, characters are encrypted based on the following methodology:
a. If Form of Payment Type (FPTP) = CC, CH, CL, DF, DT, EF, PB, TC or VD, then encrypt the related FPAC bytes 7-19.
b. If any Form of Payment Type (FPTP) = CC, CH, CL, DF, DT, EF, PB, TC, VD, or EX, then encrypt all instances of FPIN bytes 1-50.
c. If any Form of Payment Type (FPTP) = CC, CH, CL, DF, DT, EF, PB, TC, VD, or EX, scan the Fare Calculation Area (FRCA) fields for recognizable credit card number patterns, and encrypt bytes 7-14 of the number found. Note that this generally occurs only for US-issued ATB1 ticket (or ATB1 E-ticket) stock.
(4) The encryption key is securely stored and is accessible only to an administrator.
(5) The original plain text file is deleted from ATPCO servers in the FTP job.
The above steps mean that no credit card information is available to ATPCO employees at any time. For any ATPCO employee to view any sales data file (for example to analyze issues with customer data), a data masking utility must be run so that the credit card information is completely destroyed.
The sales data is either decrypted during the outbound FTP process (and the original deleted), or (based on customer preference) the decrypted characters are each replaced with a letter X, otherwise known as masking, to completely destroy the credit card data references.
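As an added illustration of rules 3a-3c and the masking option described above (example code written for this page, not ATPCO's own utility), the following Python applies the X-masking variant to a constructed sales record; the record layout, the 13-to-19-digit pattern used to recognize card numbers in FRCA, and the sample values are assumptions.

```python
import re

# Form-of-payment type codes that trigger protection of the related FPAC (rule 3a).
FPAC_TRIGGERS = {"CC", "CH", "CL", "DF", "DT", "EF", "PB", "TC", "VD"}
# Rules 3b and 3c use the same list plus EX.
FPIN_FRCA_TRIGGERS = FPAC_TRIGGERS | {"EX"}
# Assumption (not stated on the page): a "recognizable credit card number
# pattern" in FRCA is any unbroken run of 13 to 19 digits.
CARD_PATTERN = re.compile(r"\d{13,19}")


def mask_bytes(value, first, last):
    """Replace 1-based byte positions first..last (inclusive) with 'X'.
    Positions beyond the end of the value are ignored."""
    lo, hi = first - 1, min(last, len(value))
    if hi <= lo:
        return value
    return value[:lo] + "X" * (hi - lo) + value[hi:]


def mask_frca(frca):
    """Rule 3c: mask bytes 7-14 of every card-number-like run in FRCA."""
    return CARD_PATTERN.sub(lambda m: mask_bytes(m.group(0), 7, 14), frca)


def mask_record(record):
    """Apply rules 3a-3c to one sales record and return a masked copy.
    Assumed layout: {"FOP": [{"FPTP": ..., "FPAC": ...}, ...],
                     "FPIN": [...], "FRCA": "..."}"""
    out = {"FOP": [], "FPIN": list(record["FPIN"]), "FRCA": record["FRCA"]}
    for fop in record["FOP"]:
        fpac = fop["FPAC"]
        if fop["FPTP"] in FPAC_TRIGGERS:          # 3a: FPAC bytes 7-19
            fpac = mask_bytes(fpac, 7, 19)
        out["FOP"].append({"FPTP": fop["FPTP"], "FPAC": fpac})
    if any(fop["FPTP"] in FPIN_FRCA_TRIGGERS for fop in record["FOP"]):
        out["FPIN"] = [mask_bytes(f, 1, 50) for f in record["FPIN"]]  # 3b
        out["FRCA"] = mask_frca(record["FRCA"])                        # 3c
    return out


# Constructed sample record; the card number is a well-known test value, not real data.
SAMPLE = {
    "FOP": [{"FPTP": "CC", "FPAC": "VI4111111111111111"},
            {"FPTP": "CA", "FPAC": "CASH"}],
    "FPIN": ["CARDHOLDER J SMITH APPROVAL 012345"],
    "FRCA": "LAX UA NYC 250.00 NUC250.00END ROE1.0 4111111111111111",
}

if __name__ == "__main__":
    print(mask_record(SAMPLE))
```

A record whose only form of payment is cash (FPTP not in either trigger set) passes through unchanged, which is the check a reviewer of such a utility would want alongside the positive case.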
ATPCO also encourages secure transmission of data, and authorizes the following methods for transmission of sales data into ATPCO:
(1) Private circuit
(2) Secure Socket Layer FTP (FTPS)
(3) Secure Zip file transmission
(4) Sender masks data before transmission
The following methods are encouraged for secure receipt of sales data:
(1) Private circuit
(2) Secure Socket Layer FTP (FTPS)
(3) Secure Zip file transmission (this data may also be pulled)
(4) Customer chooses masked data output
At time of publishing, ATPCO is working toward compliance with all twelve of the Payment Card Industry Data Security Standard (PCI DSS) requirements in order to minimize the risk of data loss.
22 November 2007