Shift4
Shift4 Dollars On The Net Login Dollars On The Net My Portal
Shift4 Social Shift4 on Facebook Shift4 on Twitter Shift4 on LinkedIn Shift4 Blog 4Sight Newsletter

Security Corner

What You Need to Know About EMV

PCI DSS Requirement 12.8 - Service Provider Management

Shift4 Security Policies and Important Information

Credit Card Association Security Programs

Security Education

What You Need to Know About EMV

In the rush to release EMV-capable devices, many solutions came to market with lackluster security; in fact, some actually allowed card data to be sent from the EMV device to the point of sale in clear-text – leaving merchants more vulnerable to a data breach than they had been prior to EMV. To ensure that our merchant customers never fall victim to the misconception that EMV is a security solution when is in fact an authentication tool, Shift4 requires the use of point-to-point encryption with every new EMV implementation. Shift4’s UTG is programmed to verify P2PE configurations on startup and will not enable EMV capability on any device that is not securely configured.

In the event that an EMV terminal transmits unencrypted card data to the UTG, an error will be returned to the POS and the card data will not be processed. Remember, EMV is designed to protect merchants from the fraudulent use of card-data stolen in previous breaches, while TrueTokenization and P2PE shield merchants from becoming the victim of the next breach.

Shift4

PCI DSS Requirement 12.8 - Service Provider Management

If you retain service providers to process, store, or transmit cardholder data, you must have policies and procedures in place to manage those service providers. While there are no general guidelines to manage service providers, there are four specific PCI DSS requirements.

Shift4’s PCI-Validated True P2PE® (Point-to-Point Encryption) Solution

Shift4 Shift4’s PCI-Validated True P2PE Solution
Download PDF
1.17MB
Shift4
Shift4 PCI P2PE Instruction Manual – True P2PE
Download PDF
179KB
Shift4
Shift4

Shift4 Security Policies and Important Information

See the documents below for the most recent updates on our security policies and procedures.

Shift4 Privacy Shield: Common and Supplementary Principles
Download PDF
92KB
Shift4
Shift4 PCI-DSS Roles and Responsibilities
Download PDF
68KB
Shift4
Shift4 Universal Transaction Gateway Change Management
Download PDF
39KB
Shift4
Shift4 Internet-Borne Malicious Activity on Shift4 Systems
Download PDF
38KB
Shift4
Shift4

PA-DSS Attestations of Validation

Below are the annual PA-DSS Attestations of Validation (AOV) for Shift4’s PCI-validated payment solutions

Shift4 AOV for Shift4's Universal Transaction Gateway (PCI version 3.2)
Download PDF
788KB
Shift4
Shift4 AOV for Shift4's 4Go (PCI version 3.2)
Download PDF
837KB
Shift4
Shift4 AOV for Shift4's Secure Suite 4 MICROS 3700 (PCI version 3.2)
Download PDF
831KB
Shift4
Shift4 AOV for Shift4's Secure Suite 4 MICROS 9700 (PCI version 3.2)
Download PDF
825KB
Shift4
Shift4

Credit Card Association Security Programs

The following links can give you current information on the card associations' security protocols.

Shift4 American Express
Visit Site Shift4
Shift4 Discover
Visit Site Shift4
Shift4 JCB
Visit Site Shift4
Shift4 MasterCard
Visit Site Shift4
Shift4 Visa
Visit Site Shift4
Shift4

Security Education

The links below contain a wealth of information on IT and payments security from external sources that our team of experts consider reliable.

Shift4 IC3 Issues Internet Crime Report for 2016
Visit Site Shift4
Shift4 Kaspersky 2016 Security Bulletin
Visit Site Shift4
Shift4 Ransomware Risks and Mitigation
Download PDF
6.50MB
Shift4
Shift4 Symantec 2017 Internet Security Threat Report
Download PDF
1.96MB
Shift4
Shift4 Trend Micro 2016 Security Roundup
Download PDF
2.16MB
Shift4
Shift4 Verizon 2017 Data Breach Investigations Report
Visit Site Shift4

Shift4Our mission is to apply pervasive and robust information assurance processes and technologies for partners, customers, and corporate entities to assure the availability, authenticity, integrity, and confidentiality of information assets and to protect information technology resources and facilities.

DID YOU KNOW?

Shift4 offers access to 24 months of transaction archives, protecting you against costly chargebacks and
retrieval requests.

HAVE A QUESTION?

Can't find what you're looking for?
Don't understand a selection of information? Use the quick contact feature; we're here to help.

 
Birdies4Shriners Shriners Hospitals Donate Today





Shift4
Shift4 Secure Payment Processing | Creators of Tokenization
Copyright © 1994-2017 Shift4 Corporation. All rights reserved.
Shift4 Shift4 Newsletter Shift4 Blog Shift4 on LinkedIn Shift4 on Twitter Shift4 on Facebook Shift4.com
site map | privacy policy | contact us | 702.597.2480
Shift4 pci Security Standards   Shift4
TRUSTe