What is the consensus on the following:

On a payment switch (Interfacing to Banknet, Visanet, or a FDR) using an ISO8583 (http://en.wikipedia.org/wiki/ISO_8583) message format there are times when messages (Debit/EBT, reversals, completions, advises) need be be SAF'ed (Store and Forwarded'ed) to the endpoint - The specs from the associations and processors require field 35 (track II) and 45 (track 1) among others to be sent. (specs state that these must match the original request, and typically the MTI is the only filed that is changed)

There are instances when these advice transactions need to be sent - but cannot be sent real-time do to various reasons and do to the nature of Store and Forward processing.

Any comments on SAF? since it requires storing temporary at least, some of the prohibited data in order to operate ? I'm suspected that this data is stored to disk protected only prior to the completion of the authorization.

The temporary storage of such data for processing purposes is generally understood and accepted by the card brands. The main thing is to ensure that it is not kept any longer than necessary - determine the absolute minimum period of time the data is required for the business, and work from there.

I suggest you start a dialog with your card brands regarding this issue - you will probably find they have enountered this before, and can supply you with information on what must be done.

I'm suspected that this data is stored to disk protected only prior to the completion of the authorization.

When you speak to your acquirer, I would emphasize that you are retaining the data before the auth. As andrewj says and as we heard at the Community meeting in Toronto, storing these data pre-auth generally can be acceptable and will be unavoidable in a system outage situation.

Small update on this.

We recently recieved a notice that one payment processor is removing Field 35 or Track2 data, in advice messages, for Store-and-Forward.

Which is a good thing to see. They are using PAN and EXP instead of Track 2, and have updated our interaces to this endpoint sucessfully.

Another update on this (if you are from Australia) - there is a change being made to AS2805.2 to change the track 2 field from mandatory to optional in 04x0 messages. This should be released sometime this month.