In-flight Commerce Terminals/Level
5 Excerpts from Security Rules and Procedures (published July 200)
3.7 Transaction Information Documents (TIDs)
Transaction Information Documents (TIDs) used in interchange transactions must comply with the Standards set forth in this section.
Below is a list of the types of TIDs discussed in this section:
• Retail sale
• Credit
• Cash disbursement
• Information
If the merchant uses a manual imprinter, the TID produced is called a formset or slip. For MasterCard formset specifications, refer to Appendix D.
If a transaction begins at an electronic terminal, the merchant may substitute a terminal receipt for a formset. Terminal receipts have no prescribed physical specifications but must be numbered sequentially for reference purposes.
3.7.1 Formset Contents
Each copy of a retail sale, credit, or cash disbursement formset shall satisfy minimum statutory and regulatory requirements in the jurisdiction in which the slip originates and any applicable regulations issued by the U.S. Board of Governors of the Federal Reserve System or other regulatory authorities, and shall contain the following:
• In the case of retail sale and credit slips, a space for the description of goods, services, or other things of value sold by the merchant to the customer and the cost thereof, in sufficient detail to identify the transaction.
• Adequate spaces for:
− Customer’s signature
− Card imprint and the merchant or bank identification plate imprint
− Date of the transaction
− Authorization number (except on credit slips)
− Sales clerk’s or teller’s initials or department number
− Currency conversion field
− Merchant’s signature on credit slips
− Description of the positive identification supplied by the cardholder on cash disbursements and retail sale slips for certain unique transactions.
• A legend clearly identifying the slip as a retail sale, credit, or cash disbursement and identifying the receiving party of each copy.
• On the customer copy of the formset, the words (in English, local language, or both): “IMPORTANT—retain this copy for your records,” or words to similar effect.
• Such other contents as are not inconsistent with these rules.
The merchant must retain a copy of the TID for at least 18 months.
MasterCard recommends that each retail sale, credit, and cash disbursement slip bear a means of identifying the member that distributed the slip to the merchant.
3.7.2 Terminal Receipt Contents
A terminal or other device at a point of interaction must not display magnetic stripe track data other than card account number, expiration date, and cardholder name.
Each copy of a terminal receipt shall satisfy all requirements of applicable law, and shall contain the following information:
• Doing Business As (DBA) merchant name, city and state, country, or the point of banking location
• Transaction date
• MasterCard account number
• Transaction amount in the original transaction currency
• Adequate space for the customer’s signature (required on merchant copy only)
• Authorization approval code (except on credit receipts). Optionally, the acquirer also may print the transaction certificate, the application cryptogram, or both for smart card transactions.
• Merchant’s signature on credit receipts only
Each receipt shall clearly identify the transaction as a retail sale, credit, or cash disbursement.
3.7.3 Primary Account Number Truncation
MasterCard requires ATM acquirers to truncate, or render indeterminable on printed ATM receipts, a minimum of four digits of the PAN. MasterCard also requires PAN truncation for all receipts generated at Cardholder-Activated Terminals (CATs). PAN truncation is permitted for receipts generated at all other points of interaction.
MasterCard strongly recommends that all cardholder receipts generated by POI terminals, whether attended or unattended, reflect only the last four (4) digits of the PAN, replacing all preceding digits with fill characters that are neither blank spaces nor numeric characters, such as “X,” “*,” or “#.”
Effective 1 April 2005, the cardholder receipt generated by newly installed, replaced, or relocated POI terminals, whether attended or unattended, must reflect only the last four (4) digits of the PAN. All preceding digits must be replaced with fill characters that are neither blank spaces nor numeric characters, such as “X,” “*,” or “#.”
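The receipt rule above can be enforced in two places: where the account line is formatted, and in an audit of the receipt text a terminal actually produces. The following is an added example, not part of the MasterCard text; the receipt layout, the ACCT and REF labels, and the function names are assumptions made for illustration.

```python
import re

FILL_CHARS = "X*#"   # fill characters named in section 3.7.3
VISIBLE = 4          # only the last four PAN digits may appear

def luhn_valid(digits: str) -> bool:
    """Luhn check-digit test, used here to tell PANs from other digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def mask_pan(pan: str, fill: str = "X") -> str:
    """Return the receipt form of a PAN: fill characters plus the last four digits."""
    if len(fill) != 1 or fill not in FILL_CHARS:
        raise ValueError("fill must be a single non-blank, non-numeric character")
    if not (pan.isdigit() and 12 <= len(pan) <= 19):
        raise ValueError("PAN must be 12-19 digits")
    return fill * (len(pan) - VISIBLE) + pan[-VISIBLE:]

# Assumption: the account number is printed as one unbroken run of 12-19
# digits and fill characters; grouped or spaced layouts need a wider pattern.
TOKEN = re.compile(r"(?<![\w*#])[\dX*#]{12,19}(?![\w*#])")

def audit_receipt(text: str) -> list[tuple[str, str]]:
    """Return (last four, problem) for each account field that shows too much."""
    findings = []
    for match in TOKEN.finditer(text):
        token = match.group()
        head, tail = token[:-VISIBLE], token[-VISIBLE:]
        if token.isdigit():
            if luhn_valid(token):           # ignore reference numbers and the like
                findings.append((tail, "full PAN printed"))
        elif any(c.isdigit() for c in head):
            findings.append((tail, "digits visible before the last four"))
    return findings

# Constructed sample receipts; 5555555555554444 is a Luhn-valid test value.
GOOD = "SALE\nACCT " + mask_pan("5555555555554444") + "\nREF 000000123456\nAMOUNT 42.00"
FULL = "SALE\nACCT 5555555555554444\nAMOUNT 42.00"
PARTIAL = "SALE\nACCT 555555******4444\nAMOUNT 42.00"

if __name__ == "__main__":
    for name, receipt in (("good", GOOD), ("full", FULL), ("partial", PARTIAL)):
        print(name, audit_receipt(receipt))
```

The audit reports only the last four digits of an offending field, so its own output does not repeat the exposure it detects.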
3.7.3.1 Truncation Considerations
Truncating a greater number of digits, when compared to the total number of digits in the PAN, increases the effectiveness of the effort. However, it also increases the confusion and difficulty that cardholders may have reconciling their ATM terminal receipts to their periodic statements; therefore, a satisfactory balance must be reached.
1. Truncation of the routing BIN alone, while helpful, may not prevent duplication of the PAN. It is possible to observe the card in use in order to obtain issuer identification.
2. Truncating the check digit and several other digits does not improve PAN security. Absent the check digit, calculation of several missing digits within the PAN, especially if the routing BIN also is truncated, is substantially more complicated and time consuming.
3. Truncating a small number of digits, when compared to the total number of digits in the PAN, reduces the effectiveness of the effort. It is possible to reconstruct a few missing digits by using a trial-and-error approach.
4. Truncating a greater number of digits, when compared to the total number