3DES, PED and PCI-DSS: Spelling It All Out
While the July 1, 2010 deadline for compliance with the latest additions to the Payment Card Industry Data Security Standard (PCI-DSS) has obviously passed, some retailers and restaurateurs are still scratching their heads over how to ensure that they’re really following the rules. Here’s a crash course.
Under the newest regulations set forth in the PCI-DSS, retailers and restaurateurs must adhere to what is known as the PCI Pin Entry Device (PED) standard. To toe the mark, they can only use PIN pads that meet the Triple Data Encryption Standard (TDES) and, as such, incorporate TDES (aka 3DES) encryption keys. TDES encrypts PIN data multiple times in the keypad and is therefore very difficult for hackers to crack. Any PIN entry device that has not been certified under the PCI PIN Transaction Security (PCI PTS) program or the older Visa PED program must be removed from service.
One of the first companies of its kind to offer PCI-compliant point of sale solutions, pcAmerica has upgraded its PA-DSS-certified Cash Register Express retail point of sale and Restaurant Pro Express restaurant point of sale software to satisfy requirements set forth in the latest PCI standards. Version 12.5 of both solutions, released on September 13, 2010, satisfy these standards with new support for now-mandated 3DES pinpad encryption. Like its predecessor, Version 12.0, Version 12.5 also ensures secure processing of credit and debit card transactions with tokenization technology. Moreover, pcAmerica goes beyond enabling PCI compliance by supporting such innovative technology as encrypted magnetic stripe readers that encrypt data before it enters the POS system.
pcAmerica can help you meet PCI compliance regulations and avoid problems in the future. For more information, visit www.pcamerica.com.
Posted: October 20th, 2010 under Point of Sale, POS, POS Hardware, POS System, Restaurant POS System, Retail POS System.
Comments: none