After collaborating with PCI auditors and the TLG information security teams, we will implement the following PCI compliance change on March 24, 2020. CVV data will be purged from AgentMate’s database if the transaction is not processed in the application within four calendar days (includes weekends and holidays).
How does this impact you?
The following workflows are impacted:
- PayNow invoice payment collection from a client
- Group Registration payment collection from a client
- In-House Merchant processing whereby the agent is entering a payment requesting the agency’s back office team to process client’s card
In each of these workflows, if a credit card payment is not authorized in AgentMate within four calendar days (includes weekends and holidays) of the credit card information being entered, the CVV will automatically be purged from the AgentMate database. If this happens, you will need to determine if you can have the card processed without the CVV, or you may need to contact your client to obtain the CVV again.
We plan to add a permanent note on each processing screen to advise all agents that they have four calendar days to process the credit card before the CVV is removed. In addition, a system notification will be placed at the top of the application informing agents of the four-calendar day processing time limit.
As laws and regulations grow and change, our technology will continue to evolve to meet compliance requirements. Therefore, the current four-calendar day limit could potentially change during the next PCI audit. All other functionality will remain the same.
Thank you for your understanding as we strive to strengthen our compliance.
Please share this with appropriate members of your team. If you have any questions, please email [email protected].