New Credit Card Security Requirements For Terminals And PINs
Last year's data breach at Target has increased awareness of credit card security and made many in our industry more open to the idea of EMV and chip card technology. This is especially true of small business owners. Though still hesitant to adopt EMV terminals and PIN pads, they're now more willing to learn all the benefits of the new technology. However, merchants should know that EMV is just one of numerous tools that can help make transactions more secure.
The Payment Card Industry Security Standards Council, which introduced PCI security standards, continuously updates their requirements to improve security, keep up with technology and stay one step ahead of fraud. This includes requiring that payment devices such as terminals and PIN pads keep up with new standards, as well as setting timelines for when manufacturers must stop making and selling older terminals because they can no longer meet these standards.
For devices that accept PINs, there are different versions of PCI requirements. The council has dictated that after April 30, devices using version one cannot be manufactured or sold. After April 30, devices must certify to version four, but devices that were already certified to version two can be manufactured and sold through April 2017.
Because of these requirements, certain terminals and PIN pads will not be able to be purchased after April 30, 2014, including:
- Equinox T4205
- Equinox T4210
- Equinox M4230
- Equinox T4220
- Equinox P1300 and S9 PIN Pads
- VeriFone Vx510 and 510LE
- VeriFone Vx570
- VeriFone Vx610
- VeriFone Vx670
Merchants will still be able to use these terminals, but new ones will not be able to be sold, nor will merchants be able to perform new PIN injections on the old terminals.
For more information on the new requirements or on credit card security in general, visit the PCI Security Standards Council's website.