PAN Truncation
Thousands of people are the innocent victims of some form of card fraud in Britain each year. Some of these will inevitably be your customers. Fraudulent use of a customer’s PAN (i.e. cardholder details) frequently arises due to the theft of customer details from discarded card transaction receipts.
What is PAN truncation?
Primary Account Number (PAN) Truncation, is a simple and effective way of disguising cardholder account numbers on transaction receipts.
How does it work?
A software update to your terminal is all it takes to enable each customer’s card account details to be replaced by a set of asterisks (****) on their copy of the receipt. This keeps their account details secret and stops fraudsters who could otherwise steal and use the information. (You will retain the account number in full on your merchant copy of the receipt should any queries arise).
What do I need to do?
If you rent your terminal from Streamline you will already have this functionality. Further information can be found in Section 14 of your Merchant Operating Instructions.
If you own your own POS terminal and you do not already have this functionality you must arrange for your equipment to be urgently upgraded. Visa and MasterCard mandatory implementation dates have already passed. You will need to contact your terminal supplier for advice on implementing this measure.
Frequently asked questions
- What part of the PAN (i.e. the cardholder account details), should be truncated?
- MasterCard and Visa recommend that you display only the last 4 digits.
Back to top
- What are the penalties if we do not comply with this mandate?
- Currently there are no penalties, however the Card Schemes may introduce these in the future. The important thing to consider is that this will protect your customers from fraud, as well protecting the reputation of your business.
Back to top
- When did I need to do this by?
- The mandatory dates for implementation were:
MasterCard – 2005
Visa - July 2006
Back to top
- What are the costs involved in undertaking this change?
- Please contact your terminal software supplier. They will provide these details
Back to top
- When disguising the PAN, do ‘asterix’ (****) have to be used or can other symbols can be used?
- Provided the number is disguised other symbols can be used. However most retailers will be using the *.
Back to top
- Who do I contact to arrange this function?
- Please contact your terminal supplier.
Back to top
- Will I need another terminal?
- Please contact your terminal supplier.
Back to top
- I bought my terminal outright from a 3rd party provider, who do I contact to arrange for the functionality to be added?
- Please contact your terminal supplier for advice.
Back to top
- I have a no maintenance agreement with the 3rd party provider whom I bought my terminal from. Will Streamline cover the cost to add this function?
- Streamline will not cover the cost to add this function.
Back to top
- All my sales/refunds are Customer Not Present transaction types. Do I still need this function?
- Yes, if you are issuing a receipt to the customer by post then this should not display the full PAN.
Back to top
- I have an impact printer. How will this function work ?i.e. what happens if I have to provide card numbers to Streamline for disputes?
- You will need to change your printer to a thermal printer in order to protect your customer data.
Back to top
Interested in accepting card payments? Don't hesitate to get in touch.
see more
