Purging Credit Card Security Data

Credit card security codes are retained until after the transaction is authorized. In real-time transactions, the security code record is deleted immediately after the self-service transaction is authorized. However, if the payment merchant is set up to perform batch authorizations, there could be a delay between the time that sessions containing transactions are submitted and when they are authorized. The Purge Gift Security Codes and Purge Membership Security Codes pages enable you to ensure the timely deletion of this data and remain PCI compliant.

Access the Purge Gift Security Codes or Purge Membership Security Codes page.

Image: Purge Gift Security Codes page

This example illustrates the fields and controls on the Purge Gift Security Codes page. You can find definitions for the fields and controls later on this page.

The fields on each page are the same for both gift and membership security code purges.

The fields in the Purge Cutoff Date group box enable you to periodically purge gift or membership security codes from your system. The cutoff date is calculated by subtracting the days, hours and minutes from the current system date and time, and any transaction with a date/time earlier than that is deleted.

Click the Run button to launch Process Scheduler and run the AV_CVVPURGE Application Engine process, which removes security codes from the AV_EP_PMT_CVV record that:

• Exceed the retention maximum days, hours and minutes, irrespective of whether they are authorized or not.

• Have been authorized, yet somehow were not purged by AV_EP_BATCH after the credit card transaction was authorized.