Bluefin patents technique to pinpoint compromised payment hardware
As the movement to adopt PCI-validated point-to-point encryption as a way to deter POS malware attacks spreads, Bluefin has patented a new process to identify compromised payment devices.
Atlanta-based Bluefin announced the issuance of a patent expanding its proprietary device-fingerprinting methods to validate transactions from individual payment devices with its P2PE technology, according to a recent press release.
When provisioned, Bluefin’s service stores a digital fingerprint of each payment device so that subsequent transactions from the device may be compared to the original to ensure its authenticity, according to the release.
In case a device has been compromised by malware, for example, Bluefin’s fingerprinting process can mark the device as malfunctioning and suspend processing until it’s researched and resolved, the release said.
“POS malware is the hacker-preferred attack vector in more than 90% of card data breaches which have been vexing merchants globally since 2013,” said Ruston Miles, Bluefin’s chief strategy officer, in the release.
P2PE penetration has been gradually expanding in sectors including retail, hospitality, health care and higher education, Bluefin noted in the release.