Category Archives: PCI Compliance Kiosk

PCI Compliance kiosk. It means different things to people. Are your kiosks PCI compliant? EMV compliant? Is your application PA-DSS certified? Odds are against it. For PCI it’s easy to check just by going to the Validated Applications section on the PCI site. EMV introduces Level 1, Level 2 and then Level 3 certifications. Call them Mechanical, Firmware and Application. There is also a listing of devices (emvco.com).

But I don’t want to do that — Let’s list out some of Why Nots –

it costs money to do. You’ll need a QSA and that could be $75K easy.

it takes time. Figure a year or a month depending.

It is inconvenient. It’s unnecessary regulation given our environment. But it can come back to extract a heavy price in the future.

All of my transactions are so small and so many that the liability factor is low for any significant fraud rate.
Table of Contents

PCI Kiosk Definitions

PCI Level 1 Compliance — The Payment Card Industry Data Security Standard (PCI DSS) defines defines a “Level 1” merchant as one that processes at least 1 million, 2.5 million, or 6 million transactions per year, depending on which credit cards the merchant accepts. It is the highest, and most stringent, of the PCI DSS levels. Visa, Mastercard, and Discover define Level 1 merchants as those processing more than 6 million credit card transactions annually.
How to Qualify — To comply with PCI DSS, Level 1 merchants and service providers must attain a yearly Report on Compliance from a Qualified Security Assessor (QSA) or Internal Security Assessor after an onsite audit. Those in levels 2, 3, and 4 may self-assess by filling out the PCI DSS Self-Assessment Questionnaire (SAQ) that the security standards council provides.
EMV Compliance – EMV compliance means that a business has upgraded their point-of-sale equipment to feature credit card readers that support EMV technology (chip). If a customer walks into the store and is asked to insert their credit card into the slot on the machine, that store is EMV compliant. If the only option is to swipe the card via the magnetic strip on the back, the store in question probably isn’t EMV compliant.

Is the device you are using Approved by PCI Security Standards Council? Here is PTS search.

Affiliations

PCI SSC Participating Organization logoParticipating Organization PCI Security Standards Council – The PCI Security Standards Council is an open global forum that is responsible for the ongoing development, enhancement, dissemination, and implementation of security standards for payment cardholder account data. The PCI Security Standards Council’s mission is to enhance payment account data security by driving education and awareness of the PCI Security Standards, which include the Data Security Standard (DSS), Payment Application Data Security Standard (PA-DSS), and PIN-Entry Device (PED) Requirements.

PCI Compliance Kiosk vs EMV Compliance Kiosk

PCI Compliance vs EMV Compliance What’s the difference between PCI compliance kiosk and EMV compliance kiosk?  The short answer is they’re both guidelines for protecting cardholder data for the purpose preventing fraud, but they focus on different elements of the credit card transaction. “To clarify it even further and more simply, PCI is about making sure the card… Read More »

PCI Compliance for Unattended Self-Service Kiosks Announcements

PCI Compliance for self service kiosks announcement on PRNewswire WESTMINSTER, Colo., Dec. 15, 2020 /PRNewswire/ — The Kiosk Manufacturer Association (KMA), the leading unattended self-service kiosk association established in 1995, today announced the launch of new initiatives in the PCI Compliance space for unattended self-service kiosks. Those initiatives include providing content for the PCI Perspectives Blog, creating a SIG or Special… Read More »

Text-to-Pay for Restaurants

Datacap and Dash Now enable Text-to-Pay (eCommerce transactions) alongside card-present payments for any Point of Sale via Datacap’s NETePay Hosted™ platform.  No hardware or mobile app required. Editor Note: This type of transaction is very common. Calling into order is likely the most common way of ordering.  We  order food regularly from restaurants and unless you are a loyal customer and… Read More »

Payment Technology – Contactless Card Reader Limited Time Promotion OTI & EVO

Retailers who offer contactless payments have a lot to gain. New research shows that nearly two thirds of consumers globally prefer shopping with merchants who accept contactless payments! Future-proof your income while lowering vending downtime, cash handling costs, theft and security concerns. Take TRIO-IQ, an intelligent, modular combo platform that works with all Payment options: QR Codes, custom app… Read More »

PCI Compliance Tips for COVID and Small Merchants by PCI SSC

PCI Compliance Tips from PCI SSC From PCI SSC –  The COVID-19 pandemic is quickly changing how many small merchants accept payments. Merchants that previously only had brick-and-mortar locations are moving to accept e-commerce and over-the-phone transactions. PCI Security Standards Council shares key considerations to help small merchants keep their customers’ payment data secure in this rapidly changing… Read More »

New Sponsor – OTI EMV Credit Card Readers

EMV Credit Card Readers Welcome to OTI aka On Track Innovations as new Sponsor Check out the standard credit card readers below. Here is OTI link Easy To Integrate EMV Cashless / Contactless Payment Solutions For Unattended Machines OTI’s cashless credit card readers include key certifications and allow unattended-market operators to accept credit cards and mobile payments including… Read More »

Unattended Card Payments next generation self-service customer experiences with AMP 6500 EMV Android Smart terminal

AMP 6500 EMV Android Smart terminal We are excited to be working with AMP and adding the state of the art 6500 Android self-service device to our portfolio of products.” — Robert Chilcoat   A Weatherproof Android solution to drive clean & contactless unattended payments LAS VEGAS, NV, UNITED STATES, October 2020  — UCP Inc., a leading distributor… Read More »

Kiosk Manufacturer Association Joins PCI SSC as Participating Organization

BusinessWire — Westminster, CO, April 28, 2020 — The Kiosk Manufacturer Association (KMA), an organization focused on self-service, announced today that it has joined the PCI Security Standards Council (PCI SSC) as a new Participating Organization. KMA will work with the PCI SSC to help secure payment data worldwide through the ongoing development and adoption of the PCI… Read More »

EMV Payment Solutions by TEAMSable POS

TEAMSable Partners With Worldnet Payments To Provide EMV Payment Solutions to Merchants San Jose, California – March 30, 2020 – TEAMSable, premiere hardware manufacturer of complete Point-Of-Sale (POS) systems, and Worldnet Payments, a trusted leader in electronic payments and security technology, announced today that they have joined forces to provide a one-stop shop for businesses looking for EMV… Read More »

Free Ecommerce with NETePay Hosted – Datacapsystems

In response to COVID-19 related business shifts, Datacap is offering free eCommerce functionality with every NETePay Hosted install for the next 6 months to make transitioning to takeout and delivery-only easier for you and your merchants. During this unprecedented time, it’s more important than ever to be able to offer your merchants the ability to pair card-present payments… Read More »

Ingenico 8.6B Sale to Worldline

Ingenico Acquired By Worldline From TechCrunch Feb03 — Some consolidation is afoot among the payments behemoths of Europe. Smaller, newer fintech companies are eating into their market dominance by adapting faster to changing spending habits, while also looking to capitalize on economies of scale.  [Thanks to Frank at Olea Kiosks] Today Worldline, a financial services company that provides everything… Read More »

Where is PCI EMV for Kiosks in 2019? An PCI EMV Update

PCI EMV Update – Unattended The deadline for merchants to bring payment devices into compliance with EMV standards passed more than three years ago, but there are still non-compliant devices in the marketplace. A year ago, KioskIndustry.org published a piece looking at the state of adoption of Europay, Mastercard and Visa (EMV) requirements among kiosk deployers in 2018.… Read More »

Contactless Card Double Tap

Noted on DailyMail A security loophole is allowing fraudsters to break the £30 spending limit for contactless bank cards. Banks and retailers are allowing customers to cover a single bill of more than £60 by making several ‘tap-and-go’ payments of £30 each. Experts have warned this is making it easy for criminals to make more expensive purchases on… Read More »

Payment Card Theft via PoS Malware – Four more chains hit

Noted on Bleeping Computer Excerpt By Ionut Ilascu Hackers caused havoc at four restaurant chains in the U.S. over the summer after compromising their payment systems with malware that stole customers’ payment card information. In the last two days, McAlister’s Deli, Moe’s Southwest Grill, Schlotzsky’s, and Hy-Vee disclosed publicly that their networks were infected with point-of-sale malware copying… Read More »

Credit Cards – PCI P2PE Validation – UCP

Unattended Card Payments Inc. KIF Now PCI P2PE Validation PRESS RELEASE  UPDATED: NOV 6, 2019 07:00 PST LAS VEGAS, November 6, 2019 (Newswire.com) – Unattended Card Payments Inc. (UCP), a leading Value Added Reseller of payment devices for self-service kiosks, announced today that its Key Injection Facility (KIF) located in Las Vegas, Nevada, has been validated for Point-to-Point Encryption (P2PE)… Read More »