274.8—Functional and technical EBT system requirements.
(a) Functional requirements.
The State agency shall ensure that the EBT system is capable of performing the following functional requirements prior to implementation:
(ii)
Permitting eligible households to select a personal identification number (PINs) at least four digits in length;
(iv)
Maintaining the master household issuance record file data and current authorization information;
(2) Providing food benefits to households.
(i)
Verifying the identity of authorized households or authorized household representatives at issuance terminals or POS;
(ii)
Verifying the PIN and/or PIN off-set, primary account number (PAN), terminal identification number and retailer identification number;
(iii)
Determining the sufficiency of the household's account balance in order to debit or credit household benefit accounts at the point of sale;
(3) Crediting retailers and financial institutions for redeemed benefits.
(i)
Verifying electronic transactions flowing to or from participating retailers' bank accounts;
(iv)
Providing balance information to retailers or third party processors from individual POS terminals, as needed;
(vi)
Preparing a daily tape in a National Automated Clearinghouse format or other process approved by FNS with information on benefits redeemed for each retailer and in summary;
(vii)
Transmitting the ACH tape to a financial institution for transmission through the ACH or other method approved by FNS;
(viii)
Transferring the information on the ACH tape or other process approved by FNS containing daily redemption activity of each retailer to the FNS Minneapolis Computer Support Center at least once weekly. Transmittal may be by tape, disc, remote job entry or other means acceptable to FNS.
(b) Performance and technical standards.
The State agency shall ensure that EBT systems comply with POS technical standards established by the American National Standards Institute (ANSI) or International Organization for Standardization (ISO) where applicable. This includes the draft EBT ISO 8583 Processor Interface Technical Specifications contained in the ANSI standards, which delineates a standard message format for retailers and third parties. In addition, the State agency shall ensure that the EBT system meets performance and technical standards in the areas of system processing speeds, system availability and reliability, system security, system ease-of-use, minimum card and terminal requirements, performance bonding, and a minimum transaction set. With prior written approval from FNS, the State agency may utilize the prevailing industry performance standards in its region in lieu of those identified in this section. The standards shall be included in all requests for proposals and contracts.
(1) System processing speeds.
(i)
For leased line systems, 98 percent of EBT transactions shall be processed within 10 seconds or less and all EBT transactions shall be processed within 15 seconds. Leased line systems rent telecommunications carriers specifically to connect to the central authorizing computer. For dial-up systems, 95 percent of the EBT transactions shall be processed within 15 seconds or less and all EBT transactions shall be processed within 20 seconds or less. Dial-up systems utilize existing telecommunications lines to dial up and connect to the central computer at the time of the transaction. Processing response time shall be measured at the POS terminal from the time the `enter' or `send' key is pressed to the receipt and display of authorization or disapproval information. Third party processors, as defined in paragraph (h)(5) of this section, shall be required by the State agency to comply with the same processing response times required of the primary processor.
(ii)
The EBT system shall provide re-ports, as determined by the State agency, that document transaction processing response time and the number and type of problematic transactions that could not be processed within the standard response time.
(2) System availability and reliability.
(i)
The EBT system central computer shall be available 99.9 percent of scheduled up-time, 24 hours a day, 7 days per week. Scheduled up-time shall mean the time the database is available for transactions excluding scheduled downtime for routine maintenance. The total system, including the system's central computer, any network or intermediate processing facilities and cardholder authorization processors, shall be available 98 percent of scheduled up-time, 24 hours per day, 7 days per week. Scheduled downtime for routine maintenance shall occur during non-peak transaction periods. State certification procedures shall determine whether intermediate processing facilities and cardholder authorization processors are capable of complying with system availability standards prescribed herein prior to permitting the interface with the central computer system.
(ii)
The system central computer shall permit no more than 2 inaccurate EBT transactions for every 10,000 EBT transactions processed. The transactions to be included in measuring system accuracy shall include all types of SNAP transactions permitted at POS terminals and processed through the host computer, manual transactions entered into the system, credits to household accounts, and funds transfers to retailer accounts.
(iii)
Reconciliation reports and other information regarding problematic transactions shall be made available to the State agency by the system operator, individual retailers, households or financial institutions as appropriate. Reports on problematic transactions, including inaccurate transactions shall be delineated by the source of the problem such as card failure, POS terminal failure, interruption of telecommunications, or other component failure. Errors shall be resolved in a timely manner.
(3) System security.
As an addition to or component of the Security Program required of Automated Data Processing systems prescribed under § 277.18(p) of this chapter, the State agency shall ensure that the following EBT security requirements are established:
(i)
Storage and control measures to control blank unissued EBT cards and PINs, and unused or spare POS devices;
(ii)
Measures to ensure communication access control. Communication controls shall include the transmission of transaction data and issuance information from POS terminals to work-stations and terminals at the data processing center. The following specific security measures shall be included, as appropriate, in the system design documentation, operating procedures or the State agency Security Program:
(A)
Computer hardware controls that ensure acceptance of data from authorized terminals only. These controls shall include the use of mechanisms such as retailer identification codes, terminal identifiers and user identification codes, and/or other mechanisms and procedures recognized by the industry;
(B)
Software controls, placed at either the terminal or central computer or both, that establish separate control files containing lists of authorized retailers, terminal identifying codes, and user access and identification codes. EBT system software controls shall include separate checks against the control files in order to validate each transaction prior to authorization and limiting the number of unsuccessful PIN attempts that can be made utilizing standard industry practices before the card is deactivated;
(C)
Communications network security that utilizes the Data Encryption Standard algorithm to encrypt the PIN, at a minimum, from the point of entry. Other security may include authentication codes and check-sum digits, in combination with data encoded on the magnetic stripe such as the PIN and/or PIN offset, to ensure data security during electronic transmission. Any of the network security measures may be utilized together or separately and may be applied at the terminal or central computer as indicated in the approved system design to ensure communications control;
(D)
Manual procedures that provide for secure access to the system with minimal risk to household or retailer accounts. Manual procedures may include the utilization of manager identification codes in obtaining telephonic authorization from the central computer system; requirements for separate entry with audio response unit verification and authorization number; and/or the utilization of 24 hour hotline telephone numbers to authorize transactions.
(A)
Message format checks for completeness of the message, correct order of data, existence of control characters, number and size of data fields and appropriate format standards as specified in the approved system design;
(B)
Range checks for acceptable date fields, number and valid account numbers, purchase and refund upper limitations in order to prevent and control damage to the system accounts;
(A)
Functions affecting an account balance are separated or dually controlled during processing and when requesting Federal reimbursement through a concentrator bank under the provisions of paragraph (i) of this section. These functions may include but are not limited to the set up of accounts, transmittal of funds to and from accounts, access to files to change account records, and transmittal of retailer deposits to the ACH network or other means approved by FNS for crediting retailer bank accounts;
(B)
Passwords, identity codes or other security procedures must be utilized by State agency or local personnel and at data processing centers;
(v)
A separate EBT security component shall be incorporated into the State agency Security Program for Automated Data Processing (ADP) systems where appropriate and as prescribed under § 277.18(p) of this chapter. The periodic risk analyses required by the Security Program shall address the following items specific to an EBT system:
(E)
Manipulation of retailers' accounts such as creation of false transactions or intrusion by unauthorized computer users;
(F)
Capability to monitor systematic abuses at POS terminals such as debits for a complete allotment, excessive manual issuances, and multiple manual transactions at the same time. Such monitoring may be accomplished through the use of exception reporting;
(G)
Tampering with information on the ACH tape or similar information utilized in a crediting method approved by FNS; and,
(H)
The availability of a complete audit trail. A complete audit trail shall, at a minimum, be able to provide a complete transaction history of each individual system activity that affects an account balance. The audit trail shall include the tracking of issuances from the Master File and Issuance File, network transactions from POS terminals to EBT central computer database and system file updates.
(vi)
The State agency shall incorporate the contingency plan approved by FNS into the Security Program.
(C)
Makes available clear and comprehensive account balance information with a minimum number of actions necessary;
(D)
Provides training and instructions for all system users especially those persons with disabilities;
(G)
Provides reasonable accommodation for the needs of households with disabilities in keeping with the Americans with Disabilities Act of 1990.
(ii)
In addition to the requirements of paragraph (h)(4)(i) of this section, the State agency shall ensure that retailers utilizing the EBT system:
(C)
Have available deposit information in a format readily comparable to information maintained in the store; and
(5) Minimum card requirements.
(i)
The address of the office where a card can be returned if found or no longer in use should be printed on the card.
(ii)
FNS reserves the right to require State agencies to place a Department logo on the EBT card and/or sleeves or jackets.
(iii)
EBT cards and/or sleeves or jackets shall not contain the name of any State or local official. EBT informational materials shall not indicate association with any political party or other political affiliation.
(iv)
State agencies may require the use of a photograph of one or more household members on the card. If the State agency does require the EBT cards to contain a photo, it must establish procedures to ensure that all appropriate household members or authorized representatives are able to access benefits from the account as necessary.
(i)
Balance information shall not be displayed on the screen of the POS terminal except for balance-only inquiry terminals;
(iii)
PIN encryption shall occur from the point of entry in a manner which prevents the unsecured transmission between any point in the system.
(7) Transaction receipts.
Households shall be provided printed receipts at the time of transaction. At a minimum this information shall:
(i)
State the date, merchant's name and location, transaction type, transaction amount and remaining balance for the SNAP account;
(ii)
Comply with the requirements of 12 CFR part 205 (Regulation E) in addition to the requirements of this section; and
(iii)
Identify the SNAP households member's account number (the PAN) using a truncated number or coded transaction number. The households' name shall not appear on the receipt except when a signature is required when utilizing a manual transaction voucher.
(8) Performance bonding.
The State agency may require a performance bond in accordance with § 277.8 of this chapter or utilize other contractual clauses it deems necessary to enforce the requirements of this section.
(9) Minimum transaction set.
At a minimum, the State agency shall ensure that the EBT system, including third party processors and retailers driving their own terminals, is capable of providing for authorizing or rejecting purchases, refunds or customer credits, voids or cancellations, key entered transactions, balance inquiries and settlement or close-out transactions. The system must be capable of completing this transaction set across State borders nationwide in accordance with standards specified in paragraph (h)(10) of this section.
(10) Interoperability.
State agencies must adopt uniform standards to facilitate interoperability and portability nationwide. The term “interoperability” means the EBT system must enable benefits issued in the form of an EBT card to be redeemed in any State. The term “portability” means the EBT system must enable benefits issued in the form of an EBT card to be used in any State by a household to purchase food at a retail food store or a wholesale food concern approved under the Food and Nutrition Act of 2008. The standards must include the following:
(i) EBT system connectivity.
State agencies are responsible for establishing telecommunications links, transaction switching facilities and any other arrangements with other State agencies necessary for the routing of interoperable transactions to such other State EBT authorization systems. State agencies are also responsible for facilitating the settlement of such interoperable transactions and the handling of adjustments. These connections need not be direct connections between State authorization systems but may be facilitated through agreements and linkages with other designated agents or third party processors. All State agencies must agree to the timing and disposition of disputes, error resolution, and adjustments in accordance with Department regulations at § 273.13(a) and § 273.15(k) of this chapter and paragraph (f) of this section. State agencies or their designated agents must draw funds from State SNAP accounts for SNAP benefits transacted by that State's SNAP recipients, regardless of where benefits were transacted.
(ii) Message format.
Each authorization system must use the ISO 8583 message format, modified for EBT, in a version mutually agreed to between the authorization agent and the party connected for all transactions. Each authorization system must process each financial transaction as a single message financial transaction, except for pre-authorized transactions and reversals, processed as paired transactions.
(iii) Card Primary Account Number (PAN) Requirements.
Track 2 on each card shall contain the PAN. Each Government entity must obtain an Issuer Identification Number (IIN) from the American Banker's Association (ABA). The IIN should be included as the first six digits of the PAN. The PAN must comply with ISO 7812, Identification Cards—Numbering System and Registration Procedures for Issuer Identifiers. Each State agency must be responsible for generating, updating, and distributing IIN files of all States to each retailer, processor, or acquirer that is directly connected to the State's authorization system. Each terminal operator that uses a routing table for routing acquired transactions must, within 7 calendar days of receiving an IIN routing table update, modify its routing tables to reflect the updated routing information.
(iv) Third Party Processor requirements.
Each Third Party Processor or terminal operator must have primary responsibility and liability for operating the telecommunications and processing system (including software and hardware) through which transactions initiated at POS terminals it owns, operates, controls or for which it has signed an agreement to accept EBT transactions, are processed and routed, directly or indirectly, to the appropriate State authorization system. Each terminal operator must maintain the necessary computer hardware and software to interface either directly with a State authorization system or with a third party service provider to obtain access to one or more State authorization systems. Each terminal operator must also establish a direct or indirect telecommunications connection for the routing of transactions to the State authorization system or to a processor directly or indirectly connected to the State authorization system.
(v) REDE File.
The State agency must ensure that their EBT system verifies FNS retailer numbers for all interstate transactions against the National REDE file of all FNS EBT retailers to validate these transactions.
(c) Concentrator bank responsibilities.
The concentrator bank shall be a Federally-insured financial institution or other entity acceptable to the Federal Reserve which has the capability to take retailer credits and/or debits, obtained from the EBT system operator, and transmit them to the ACH network operated by the Federal Reserve or through another process for crediting retailers approved by FNS. Transmittal shall be by tape or on-line in a format suitable for the ACH or as approved by FNS.
(i)
Preparing a daily ACH tape or other crediting process approved by FNS with information on benefits redeemed and creditable to each retailer;
(ii)
Transferring the ACH tape or other crediting process approved by FNS to the Federal Reserve or other entity approved by FNS;
(iii)
Initiating and accepting reimbursement from the appropriate U.S. Treasury account through the ASAP system or other payment process approved by FNS. At the option of FNS, the State agency may designate another entity as the initiator of reimbursement for SNAP redemptions provided the entity is acceptable to FNS and U.S. Treasury;
(2)
With the approval of FNS, another procedure, other than the ACH system, may be utilized to credit retailer accounts and/or debit FNS' account, if it meets the needs of FNS and the EBT system.
(3)
The State agency shall be liable for any errors in the creation of the ACH tape or its transmission. The State agency may transfer the liability associated with creation of the ACH tape, its transmission or another crediting process approved by FNS as appropriate to the EBT system operator or the concentrator bank. Appropriate system security administrative and operational procedures shall be instituted in accordance with paragraph (h)(3) of this section.
(d) Re-presentation.
The State agency shall ensure that a manual purchase system is available for use during times when the EBT system is inaccessible.
(1)
Under certain circumstances, when a manual transaction occurs due to the inaccessibility of the host computer and the transaction is rejected because insufficient funds are available in a household's account, the State agency may permit the re-presentation of the transaction during subsequent months. At the State agency's option, re-presentation may be permitted within the EBT system as follows:
(i)
Re-presentation of manual vouchers when there are insufficient funds in the EBT account to cover the manual transaction may be permitted only under the following circumstances:
(A)
The manual transaction occurred because the host computer was down and authorization was obtained by the retailer for the transaction; or
(ii)
Re-presentation of manual vouchers shall not be permitted when the EBT card, magnetic stripe, PIN pad, card reader, or POS terminal fails and telephone lines are operational. Manual transactions shall not be utilized to extend credit to a household via re-presentation when the household's account balance is insufficient to cover the planned purchase.
(iii)
The State agency may debit the benefit allotment of a household following the insufficient funds transaction in either of two ways:
(A)
Any amount which equals at least $10 or up to 10 percent of the transaction. This amount will be deducted monthly until the total balance owed is paid-in-full. State agencies may opt to re-present at a level that is less than the 10 percent maximum, however, this lesser amount must be applied to all households.
(B)
$50 in the first month and the greater of $10 or 10 percent of the allotment in subsequent months until the total balance owed is paid-in-full. If the monthly allotment is less than $50, the State shall debit the account for $10.
(2)
The State agency shall establish procedures for determining the validity of each re-presentation and subsequent procedures authorizing a debit from a household's monthly benefit allotment. The State agency may ask households to voluntarily pay the amount of a represented transaction or arrange for a faster schedule of payment than identified in paragraph (d)(1)(iii) of this section.
(3)
The State agency shall ensure that retailers provide notice to households at the time of the manual transaction that re-presentation may occur if there are insufficient benefits in the account to cover the transaction. The statement shall be printed on the paper voucher or on a separate sheet of paper. The State agency shall also provide notice to the household prior to the month when a benefit allotment is reduced when a re-presentation is necessary. Notice shall be provided to the household for each insufficient transaction that is to be re-presented in a future month. The notice shall be provided prior to the month it occurs and shall state the amount of the reduction in the benefit allotment.
(4)
The Department shall not accept liability under any circumstances for the overissuance of benefits due to the utilization of manual vouchers, including those situations when the host computer is inaccessible or telecommunications lines are not functioning. However, the State agency, in consultation with authorized retailers and with the mutual agreement of the State agency's vendor, if any, may accept liability for manual purchases within a specified dollar limit. Costs associated with liabilities accepted by the State agency shall not be reimbursable.
(5)
The State agency shall be strictly liable for manual transactions that result in excess deductions from a household's account.
(1)
State agencies may opt to allow retailers, at the retailer's own choice and liability, to perform store-and-forward transactions when the EBT system cannot be accessed for any reason. The retailer may forward the transaction to the host one time within 24 hours of when the system again becomes available. Should the 24-hour window cross into the beginning of a new benefit issuance period, retailers may draw against all available benefits in the account.
(2)
State agencies may also opt, in instances where there are insufficient funds to authorize an otherwise approvable store-and-forward transaction, to allow the retailer to collect the balance remaining in the client's account, in accordance with the requirements detailed in this section.
(i)
State Agencies may elect to allow store-and-forward to provide remaining balances to retailers as follows:
(A)
The EBT processor may provide partial approval of the store-and-forward transaction, crediting the retailer with the balance remaining in the account through a one-step process;
(B)
The transaction should be in accordance with the standard message format requirements for store and forward; and
(C)
Re-presentation, as described in paragraph (d) of this section, to obtain the uncollected balance from current or future months' benefits shall not be allowed for store-and-forward transactions.
(ii)
In States that elect not to give retailers the option described in this paragraph, all store-and-forward transactions with insufficient funds will be denied in full.