This article details prerequisites for exports of merchant data to a 3rd party. The 3rd party is designated by the merchant.
For the merchant's reference, the client data transfer request form is attached. The form, with option #3 selected, must be completed and returned to email@example.com by the signer of the merchant application. A support ticket will be created automatically and the requester can use it to relay information received from the designated 3rd-party.
From the designated 3rd-party
1. Legal business name and address. With this information, an indemnification agreement will be drafted by the Forte/CSG legal department. A Word version of the agreement will be provided to propose, if needed, red-line edits.
2. Signed Indemnification agreement, from above. Upon Forte/CSG approval, a countersigned agreement will be returned.
3. Name, email, and phone of 3rd-party contact assigned to the data migration project.
4. Public PGP key
5. Valid Attestation of PCI Compliance (PCI-AOC, or suitable documentation)
6. If data delivery will be completed through email, provide the recipient's email. The recipient's email must be registered to the legal business from requirement #1.
7. If data delivery will be completed through an upload to the 3rd-party's secure FTP server, provide connection details and login information.