Yes, any customer using a P2PE solution must be issued with a P2PE Instruction Manual(PIM) as part of the PCI DSS regulations. You must follow the details of Elavon’s PIM to be compliant with P2PE requirements.
Customer Service
Elavon Customer Service: 0818 20 21 20
Opayo Product Support: 01 240 8731
Search our help centre
Secured by Elavon
GDPR with Elavon (2:20)
We live in an age where criminals don’t need to be present to take advantage of your business. Complying with PCI standards is good evidence that you're complying with GDPR.
Secured by Elavon – PCI explained (UK) (2:31)
All businesses that take card payments have a responsibility to protect their customers' information and payments. Secured by Elavon helps keep your customers and your business safe.
Data security
Our flexible, scalable security solutions and services help mitigate risk and create safer payment systems. They will help you simplify your life and reduce scope for PCI Compliance.To help your business prepare and reduce the hassle and cost of the chargeback process, read our helpful guide.
Secured P2PE - devices
The terminals listed below are used for the Secured P2PE solution.
Please ensure the terminals you use match the terminal models in the list – for further information on the terminal types please refer to sections 3.1 & 3.2 in the P2PE Instruction Manual (PIM).
Desk/5000 Desktop Terminal
- Supports IP connectivity
- Either with or without Lane/3000 PIN Pad
Lane/3000 PIN Pad
- Either Semi-integrated into POS or connected to the Desk/5000
Move/5000
- Supports Wi-Fi, Bluetooth & 3G
ICT250 Desktop terminal
- Supports IP & PSTN connectivity
- Either with or without IPP350 PIN Pad (see below)
IPP350 PIN Pad
- Either Semi-integrated into POS or connected to the ICT250 Desktop
IWL25X Series
- IWL252 Bluetooth
- IWL255 3G
- IWL258 Wi-Fi
If you have any questions about this, please contact us.
Delivery email
Before you get your terminal(s) delivered, you will receive an email from our courier containing:
- The serial numbers of your terminals
- The serial numbers of any terminal packaging
This may include Tamper Evident Envelops depending on the delivery method used (see SecureTerminal Delivery)
For full details please refer to section 5.2 in the P2PE Instruction Manual.
|
Delivery Type |
Process |
|---|---|
|
Engineer On-site |
|
|
Engineer |
|
|
Courier |
|
Delivery Type
Process
Engineer On-site
Configuration and Installation
- An Engineer will deliver your un-configured devices to your chosen location(s).
- You need to refer to the email you received with the terminal details and cross-check this against the terminals you receive. You should also check for any signs of tamper (see Check for Tamper- Delivery below).
- Once all checks are successfully completed, you can instruct the Engineer to configure the devices on your premises.
Engineer
Pre-Configured Installation
- An Engineer will pre-configure your devices prior to delivery.
- Devices will be sealed within a Tamper Evident Envelope and placed inside the original packaging.
- You need to use the email you received with the terminal details to cross-check against the terminals you receive. You should also check for any signs of tamper (see Check for Tamper-Delivery below)
- Once all checks are successfully completed, you can instruct the
- Engineer to proceed with the on-site installation.
Courier
Pre-configured Delivery
- Devices will be pre-configured, sealed within a Tamper Evident Envelope and placed inside the original packaging.
- When you receive the terminals, check they match the terminal details in the email that was sent to you. Also checking for any signs of tamper (see Check for Tamper below).
- Our helpdesk will contact you within 24 hours to help you set up your devices.
For full information on delivery methods please refer to section 5.2 in the PIM.
Check for tamper - delivery
When your devices are delivered, before they are installed and used, please check that there is no evidence of tamper:
- Match the serial numbers of the devices and the packaging to ensure these match the details received on the email.
- Ensure the packaging has not been damaged and that the tamper evident sticker is still in place – unless you have an Engineer Pre-configured or Courier pre-configured delivery then these stickers will be open in line with Section 5.2 in the PIM
- Ensure there are no rips or any other sign of damage that will jeopardise the integrity of your devices.
If there are any signs of tamper or if the serial numbers of the devices and/or packaging does not match, please contact us immediately.
|
Delivery Type |
Process |
|---|---|
|
Engineer On-site Configuration |
The engineer will install the devices following the security checks of device serial numbers and tamper |
|
Engineer Pre-Configured |
Devices are delivered to you pre-configured (in a secure PCI compliant location) |
|
Courier Delivery |
Devices pre-configured (in a secure PCI compliant location) and delivered to you by courier. |
Delivery Type
Process
Engineer On-site Configuration
The engineer will install the devices following the security checks of device serial numbers and tamper
Engineer Pre-Configured
Devices are delivered to you pre-configured (in a secure PCI compliant location)
Once all on-site checks have been completed, the engineer will set up the devices
Courier Delivery
Devices pre-configured (in a secure PCI compliant location) and delivered to you by courier.
Further information can be found in section 4.1 of the PIM.
POI inventory
An important part of PCI DSS compliance requirements for a P2PE solution, is to keep a full inventory for your Point of Interaction (POI) devices; this must include all devices (whether they are installed or awaiting deployment). Please refer to Section 3.3 of the PIM for full details.
Your inventory should include all terminals, including those that have not been deployed. Any changes to your POI estate must be updated in your inventory table by the end of the next working day. Full details of the POI inventory can be found in Section 3.3 in the PIM.
When you receive the PIM you will also receive a Sample Inventory Table which you may want to use. If you wish to create your own inventory table, please refer to the PIM for more information.
Annual POI inspection
Once a year you must complete a full check of all payment devices, ensuring there is no evidence of tampering, and they are all present and authorised. Any issues identified in the annual POI inspection must be reported to us immediately.
For full details please refer to Section 3.3 in the PIM.
Reporting Issues and Technical Troubleshooting.
For any issues with Secured P2PE, please contact the appropriate helpdesk where one of our technical support team members will help you.
When you receive the PIM you will also receive a Sample Inventory Table which you may want to use. If you wish to create your own inventory table, please refer to the PIM for more information.
PCI Best Practice
The Payment Card Industry Security Standard Council (PCI SSC) has provided best practice steps for becoming and remaining PCI complaint. These are listed below and can be found on the PCI Council’s website: www.pcisecuritystandards.org
- Best Practice Guide for Maintaining PCI Compliance – Go to the Documents Library section and search Best Practice, and select PCI DSS V3.0 Best Practices for Maintaining PCI Compliance
- Skimming Prevention: Best Practice for Merchants – Go to Documents Library section and search Anti-skimming, select Skimming Prevention: Best Practice for Merchants
Both of the above documents are also linked to in the PIM
- PCI DSS V3.0 Best Practices – Section 4.2
- Anti-Skimming – Section 6.1
You must contact Elavon’s helpdesk immediately if you notice any evidence of tampering. We will work with you to isolate the rogue device(s) and issue replacements where required.
Although P2PE solutions offer the highest level of PCI security, you must still complete the necessary steps required to become fully PCI Compliant. As well as following the PIM, you work with your chosen Qualified Security Assessor (QSA) or complete the necessary Self-Assessment Questionnaire (SAQ).
If you have any technical issues or notice any issues that you think may jeopardise your P2PE solution please contact the technical helpdesk.
|
Region |
Number |
|---|---|
|
United Kingdom |
0345 850 0195 (Option 1) |
|
Ireland |
1 818 20 21 20 (Option 1) |
|
Poland |
22 306 03 16 (Option 1) |
Region
Number
United Kingdom
0345 850 0195 (Option 1)
Ireland
1 818 20 21 20 (Option 1)
Poland
22 306 03 16 (Option 1)
Elavon Terms of Service Ireland
Elavon Terms of Service French
Elavon Terms of Service Spanish
Elavon Terms of Service Dutch
Helping thousands of customers around the world grow their business through payments
Customer service and support
We’re here to help!
Customer service: 0818 20 21 20
8am to 6pm, Monday to Friday
Elavon technical support: 0818 30 31 30
24 hours a day, 365 days a year
Opayo product support: 01 240 8731
24 hours a day, 365 days a year
Copyright© 2024 | U.S. Bank Europe DAC. Registered in Ireland – Number 418442.
Registered Office: Block F1, Cherrywood Business Park, Dublin 18, D18 W2X7, Ireland. U.S. Bank Europe DAC, trading as Elavon Merchant Services, is regulated by the Central Bank of Ireland.
Helping thousands of customers around the world grow their business through payments
Customer service and support
We’re here to help!
Customer service: 0818 20 21 20
8am to 6pm, Monday to Friday
Elavon technical support: 0818 30 31 30
24 hours a day, 365 days a year
Opayo product support: 01 240 8731
24 hours a day, 365 days a year
Copyright© 2024 | U.S. Bank Europe DAC. Registered in Ireland – Number 418442.
Registered Office: Block F1, Cherrywood Business Park, Dublin 18, D18 W2X7, Ireland. U.S. Bank Europe DAC, trading as Elavon Merchant Services, is regulated by the Central Bank of Ireland.
Essential cookies enable core functionality such as page navigation and access to secure areas. The website cannot function properly without these cookies; they can only be disabled by changing your browser preferences. Please see our Cookie Policy for further information.
Performance cookies help us to improve our website by collecting and reporting information on its usage (for example, which of our pages are most frequently visited).
These cookies and similar technologies gather information about your browsing habits. They remember that you've visited a website and share this information with other organisations, such as advertisers and platforms on which we advertise. They do this in order to provide you with advertisements that are more relevant to you and your interests. These cookies and similar technologies gather information about your browsing habits. They remember that you've visited a website and share this information with other organisations, such as advertisers and platforms on which we advertise. They do this in order to provide you with ads that are more relevant to you and your interests.
These cookies are stored under a different domain than www.elavon.ie. They are mostly used to track you between websites and display more relevant advertisements between websites.
Find out more about cookies on https://www.allaboutcookies.org