VeriFone Systems Inc.’s new PIN-entry device authentication service adds another element of security by periodically monitoring PIN pads to ensure they are legitimate, the terminal maker announced May 25.
The service ties the unique manufacturer’s authentication key already built into VeriFone products to a specific point-of-sale location and periodically compares the identification data of the two against a database of preregistered devices to help identify “rogue” terminals, VeriFone says.
Criminals are increasing their investments in efforts to cash in on purloined account data and PINs and are targeting payment devices on all fronts, VeriFone says. In many cases, criminals have stolen payment terminals and PIN pads and replaced them with ones that capture sensitive cardholder data, the terminal maker says.
“If an anomaly is detected, retailers, processors and/or banks are notified so they can take action ranging from calling a merchant to verify a device (and updating the database) to shutting down the merchant ID until such time as the questionable equipment has been visually inspected or any other form of action deemed appropriate” is taken, a VeriFone spokesperson tells PaymentsSource. A merchant ID is the retailer’s unique identifier for accessing payment networks.
Merchants pay a per-transaction fee for the authentication service. The base price of compatible terminals is the same regardless of whether the new service is used, VeriFone says. The new service works with VeriFone’s VX, MX, SC5000 and Omni 3700 devices.
VeriFone would not say what a typical transaction fee would be. “There’s too much variability to quote a general price,” the spokesperson says. VeriFone will set pricing individually, he says.
Despite all of the security measures built in to modern point-of-sale terminals, the need for more security is unending, San Jose, Calif.-based VeriFone says.