Conexxus

Retail Financial Transactions (RFT) Standards

Conexxus offers a broad depth of standards and specifications for the convenience store and retail fuels industry.  These standards improve profitability by reducing the cost of IT ownership as well as improve competitiveness.  Conexxus members at the Silver or Gold levels enjoy access to the full documentation and schemas for each standard.  This page provides information about the Retail Financial Transactions Committee Standards.  Click here to view available standards for other Conexxus Committees.

Members, please login to access standards.  To learn about Conexxus membership, click here.

Electronic Payment Server (EPS) 

The Conexxus Electronic Payment Server (EPS) specification, built from an early IFSF version, adds functionality necessary for the North American market to manage credit, debit, fleet, and loyalty card transaction processing from the POS to EPS.  The specification supports payment inside at a POS device and payment from an outdoor payment terminal, including unattended dispensers and car washes.  The PIN pad is no longer a device of the POS and the EPS can function as a standalone processor. The EPS's connection to one or more hosts or front-end processors (FEPs) segregates payment functionality within the EPS.  In addition, prompts presented to the customer are the same regardless of the POS. The specification also supports standardized messaging between a Point of Purchase (POP) terminal and the EPS.

The EPS specification separates payment from the other components of a fuel retailing site, such as a point of sale (POS) system or outdoor sales processor (OSP). Separating payment functionality eliminates the burden of maintaining network specific software on the POS, may reduce PCI scope, and may improve interoperability.  In addition, by using an EPS, making changes to POS software applications to add or modify features and functionality no longer require payment recertification.  Software in the EPS can be updated and downloaded independently from the POS and may not require a site visit, thereby potentially reducing cost and providing greater POS independence.  Card processing within the EPS is table driven and unique by merchant, which provides greater flexibility and card acceptance support.  The card table supports known debit, credit, prepaid and fleet card processing using multiple entry methods, including, but not limited to magnetic stripe, ICC, RFID, and keyboard entry.

Loyalty

The Conexxus Loyalty Specification describes a message set in XML format for a retail petroleum industry standard interface between a Site System (e.g. POS, EPS) and a Loyalty Host and provides guidance on its use. The message set is comprised of a series of request/response messages.  In all cases, the request message is sent from the Site System to the Loyalty Host, and the response message is sent from the Loyalty Host to the Site System.  The message transport can be any mechanism agreed to between the Site System vendor and the Loyalty Host vendor.  The Loyalty Host, which may be located at the retail location or offsite, may be stateless (i.e., any new message request within a transaction can be processed independent of any previous message) or stateful (i.e., the Loyalty Host retains information throughout the course of a transaction).   

The message specification supports various use cases and flows for loyalty transaction processing, including:

  • Fuel discounting
  • Line item or ticket level discounts
  • Earning and using loyalty rewards (points)
  • Prompting for customer preference and input
  • Tax information to meet local regulations
  • Receipt generation
  • Reporting period totals for reconciliation purposes.

Mobile Payments

The Conexxus Mobile Payment Specification provides a standard message interface between existing Site Systems (e.g., Point of Sale, Electronic Payment Server, Forecourt Device Controller) and a Mobile Payment Processing Application.  This enables transactions both in-store (with or without fuel) and forecourt purchases through a mobile device (e.g., smartphone, tablet, connected car).  It provides a solution for common use cases (e.g., pay for merchandise inside, pre-pay for fuel inside (with or without additional merchandise), pay at the pump, buy a car wash outside).  The Specification also supports loyalty functionality.

The Conexxus Mobile Payment Specification allows for site-level processing (i.e., using existing payment and/or loyalty rails) or above-site processing (i.e., the mobile payment processor interfaces directly with the payment and/or loyalty host).  In either case, the Specification provides messages into the Site Systems to control site specific functionality (e.g., pump authorization, car wash code generation).  To provide flexibility, the way payment and loyalty are processed may be different.  For example, loyalty may be processed above-site while payment is processed at site-level.  

Standard interfaces between mobile devices, mobile payment applications, and site equipment/networks foster innovation and promote interoperability for vendors and manufacturers.

Point to Point Encryption

The Conexxus P2P Specification guides petroleum convenience retailers and their associated vendors when implementing point-to-point encryption technology in conformance with ANSI X9.119-Part 1. This part of X9.119 defines minimum security requirements when employing encryption methods to protect sensitive payment card data. “Protection”, in this case, refers to maintaining the secrecy of the data from unauthorized disclosure.  It applies to protection of the data from the point of encryption to the point of decryption, wherever those points may be in a given system. The Conexxus Specification takes into account the need to support current business processes commonly found in the petroleum convenience industry for accepting a wide variety of cards, including proprietary cards, payment cards, fleet cards, local cards, loyalty cards, gift cards, and access cards.  It uses encryption to maintain the security of sensitive cardholder data, allows exposure of data necessary to fully process unique petroleum transactions, and minimizes the PCI DSS requirements through the use of a hardware Secure Cryptographic Device (SCD) which can be stand-alone or co-located in site system equipment.    The Specification provides:

  • Guidance for implementing “encryption at swipe”, focusing on the ability to complete specialty card transactions, with the introduction of a SCD.
  • Guidance and options for including the SCD in the site architecture.
  • Messaging between the POS/EPS/OSP & the SCD.
  • Guidance for development of an SCD using tables and indicator values to provide highly flexible business logic. 
  • Messaging for maintenance of the table information.

Conexxus Payment System Product Codes

From pay-at-the pump, to paperless transactions with vendors, to tracking consumer sales patterns through point-of-sale data, to not yet realized uses, technology promises greater business efficiencies for the convenience store and petroleum marketing industries.

Standards greatly facilitate the interoperability of technology applications.  The Conexxus Retail Financial Transactions Committee, originally part of the NACS Technology Standards Project and then the Petroleum Convenience Alliance for Technology Standards, generated this set of recommended product codes.  Subsequently, these Payment Product Codes were adopted as part of the X9 standard for terminal-to-host messaging (first TG-23 and later X9.104 Part 2). They have has been maintained sequentially by NACS, PCATS, and now Conexxus; Conexxus is the official Registration Authority, approved by ASC X9, Inc., to maintain these codes as part of X9.104.

These product code definitions are for use in electronic payment systems formats.  Industry specific category/subcategory definitions and descriptions proposed by the NACS Category Management Project are incorporated in the listings.  These codes define petroleum and merchandise products and services by assigning them a specific three-digit number.  Host payment systems, along with vendors, are encouraged to adapt their systems to utilize these codes so that standard product definitions are maximized for the benefit of all users.

Conexxus maintains this set of product codes and updates them as necessary.  In order to facilitate this maintenance and still provide maximum flexibility for individual vendors and networks to use these codes, two sets of undefined code categories exist.  The first is for the exclusive use of Conexxus in making future changes.  The second is for the proprietary use of the vendor community to add codes outside the adopted list.  Notwithstanding such private use opportunities, Conexxus encourages vendors to submit new generic product codes so that the list may reflect the most up-to-date codes in use throughout the industry and continue to achieve the goal of standard product definitions.

 

Click here to view available standards for other Conexxus Committees.

Members, please login to access standards.  To learn about Conexxus membership, click here.