Category Archives: PCI Compliance Kiosk

PCI Compliance kiosk. It means different things to people. Are your kiosks PCI compliant? EMV compliant? Is your application PA-DSS certified? Odds are against it. For PCI it’s easy to check just by going to the Validated Applications section on the PCI site. EMV introduces Level 1, Level 2 and then Level 3 certifications. Call them Mechanical, Firmware and Application. There is also a listing of devices (emvco.com).

But I don’t want to do that — Let’s list out some of Why Nots –

it costs money to do. You’ll need a QSA and that could be $75K easy.

it takes time. Figure a year or a month depending.

It is inconvenient. It’s unnecessary regulation given our environment. But it can come back to extract a heavy price in the future.

All of my transactions are so small and so many that the liability factor is low for any significant fraud rate.
Table of Contents

PCI Kiosk Definitions

PCI Level 1 Compliance — The Payment Card Industry Data Security Standard (PCI DSS) defines defines a “Level 1” merchant as one that processes at least 1 million, 2.5 million, or 6 million transactions per year, depending on which credit cards the merchant accepts. It is the highest, and most stringent, of the PCI DSS levels. Visa, Mastercard, and Discover define Level 1 merchants as those processing more than 6 million credit card transactions annually.
How to Qualify — To comply with PCI DSS, Level 1 merchants and service providers must attain a yearly Report on Compliance from a Qualified Security Assessor (QSA) or Internal Security Assessor after an onsite audit. Those in levels 2, 3, and 4 may self-assess by filling out the PCI DSS Self-Assessment Questionnaire (SAQ) that the security standards council provides.
EMV Compliance – EMV compliance means that a business has upgraded their point-of-sale equipment to feature credit card readers that support EMV technology (chip). If a customer walks into the store and is asked to insert their credit card into the slot on the machine, that store is EMV compliant. If the only option is to swipe the card via the magnetic strip on the back, the store in question probably isn’t EMV compliant.

Is the device you are using Approved by PCI Security Standards Council? Here is PTS search.

Affiliations

PCI SSC Participating Organization logoParticipating Organization PCI Security Standards Council – The PCI Security Standards Council is an open global forum that is responsible for the ongoing development, enhancement, dissemination, and implementation of security standards for payment cardholder account data. The PCI Security Standards Council’s mission is to enhance payment account data security by driving education and awareness of the PCI Security Standards, which include the Data Security Standard (DSS), Payment Application Data Security Standard (PA-DSS), and PIN-Entry Device (PED) Requirements.

KIosk pci compliance isn’t enough

PCI Compliance for Kiosks PCI compliance is up — but it’s not enough to protect retailers from fraud. Source: nrfcom So you built an 8 foot wall guess what? somebody will build a 10 foot ladder. PCI Compliance for Kiosks Kiosks are becoming increasingly popular in a variety of industries, from retail to healthcare to hospitality. While kiosks… Read More »

New Sponsor – OTI EMV Kiosk Credit Card Readers

EMV Credit Card Readers Welcome to OTI aka On Track Innovations as new Sponsor Check out the standard credit card readers below. Here is OTI link Easy To Integrate EMV Cashless / Contactless Payment Solutions For Unattended Machines OTI’s cashless credit card readers include key certifications and allow unattended-market operators to accept credit cards and mobile payments including… Read More »

EMV Kiosk Payment Solutions by TEAMSable POS

TEAMSable Partners With Worldnet Payments To Provide EMV Payment Solutions to Merchants San Jose, California – March 30, 2020 – TEAMSable, premiere hardware manufacturer of complete Point-Of-Sale (POS) systems, and Worldnet Payments, a trusted leader in electronic payments and security technology, announced today that they have joined forces to provide a one-stop shop for businesses looking for EMV… Read More »

EMV Payment Kiosk hardware reference list 2014

Kiosk EMV Capable Card Readers, PIN Pads and Contactless Readers for Self-Service Kiosks Jan 2014 — The following is a list of EMV capable card readers, PIN pads and contactless card readers that are designed specifically for self-service environments like a kiosk.  As we’re beginning research and development on adding EMV capabilities to our US-based kiosk applications it makes sense to take inventory… Read More »

PCI Kiosk – What About PCI DSS 4.0?

PCI DSS Update From LinkedIn Pulse September 2023 Transition Period The updated timeline still includes a transition period for organizations to update from PCI DSS v3.2.1 to PCI DSS v4.0. To support this transition, PCI DSS v3.2.1 will remain active for 18 months once all PCI DSS v4.0 materials—that is, the standard, supporting documents (including SAQs, ROCs, and… Read More »

PCI Compliance Kiosks – CAT or Cardholder Activated Terminals FAQ

Cardholder Activated Terminals FAQ There are two primary classifications of Point of Sale Terminal Types: Attended and Unattended Payment Terminals are classified into two major types, depending on the situation: Attended Terminals A POS Transaction occurring at an attended POS Terminal is a face-to-face Transaction, since a Sales Person or Representative is present at the time of the… Read More »

PCI EMV Kiosk 2019? EMV Compliance Kiosk

PCI EMV Compliance Kiosk Update – Unattended The deadline for merchants to bring payment devices into compliance with EMV standards passed more than three years ago, but there are still non-compliant devices in the marketplace. A year ago, KioskIndustry.org published a piece looking at the state of adoption of Europay, Mastercard and Visa (EMV) requirements among kiosk deployers… Read More »

Credit Cards – PCI P2PE Validation – UCP

Unattended Card Payments Inc. KIF Now PCI P2PE Validation PRESS RELEASE  UPDATED: NOV 6, 2019 07:00 PST LAS VEGAS, November 6, 2019 (Newswire.com) – Unattended Card Payments Inc. (UCP), a leading Value Added Reseller of payment devices for self-service kiosks, announced today that its Key Injection Facility (KIF) located in Las Vegas, Nevada, has been validated for Point-to-Point Encryption (P2PE)… Read More »

Ingenico 8.6B Sale to Worldline – EMV Kiosk

Ingenico Acquired By Worldline From TechCrunch Feb03 — Some consolidation is afoot among the payments behemoths of Europe. Smaller, newer fintech companies are eating into their market dominance by adapting faster to changing spending habits, while also looking to capitalize on economies of scale.  [Thanks to Frank at Olea Kiosks] Today Worldline, a financial services company that provides everything… Read More »

EMV Kiosk – Free Ecommerce with NETePay Hosted – Datacapsystems

In response to COVID-19 related business shifts, Datacap is offering free eCommerce functionality with every NETePay Hosted install for the next 6 months to make transitioning to takeout and delivery-only easier for you and your merchants. During this unprecedented time, it’s more important than ever to be able to offer your merchants the ability to pair card-present payments… Read More »

Payment Technology – Contactless Card Reader Limited Time Promotion OTI & EVO

Retailers who offer contactless payments have a lot to gain. New research shows that nearly two thirds of consumers globally prefer shopping with merchants who accept contactless payments! Future-proof your income while lowering vending downtime, cash handling costs, theft and security concerns. Take TRIO-IQ, an intelligent, modular combo platform that works with all Payment options: QR Codes, custom app… Read More »

Text-to-Pay for Restaurants

Datacap and Dash Now enable Text-to-Pay (eCommerce transactions) alongside card-present payments for any Point of Sale via Datacap’s NETePay Hosted™ platform.  No hardware or mobile app required. Editor Note: This type of transaction is very common. Calling into order is likely the most common way of ordering.  We  order food regularly from restaurants and unless you are a loyal customer and… Read More »

PCI Kiosk Compliance Tips for COVID and Small Merchants by PCI SSC

Kiosk PCI Compliance Tips from PCI SSC July 2021 Update — See the updated KMA PCI EMV Credit Card Reader Update – includes a preview of v6 devices from Ingenico. We also have finalized 30×10 matrix of POS devices and specific capabilities and features. From PCI SSC –  The COVID-19 pandemic is quickly changing how many small merchants accept… Read More »

Unattended Card Payments next generation AMP 6500 EMV Android Smart terminal

AMP 6500 EMV Android Smart terminal We are excited to be working with AMP and adding the state of the art 6500 Android self-service device to our portfolio of products.” — Robert Chilcoat   A Weatherproof Android solution to drive clean & contactless unattended payments LAS VEGAS, NV, UNITED STATES, October 2020  — UCP Inc., a leading distributor… Read More »

Payment Card Theft via PoS Malware – Four more chains hit

Noted on Bleeping Computer Excerpt By Ionut Ilascu Hackers caused havoc at four restaurant chains in the U.S. over the summer after compromising their payment systems with malware that stole customers’ payment card information. In the last two days, McAlister’s Deli, Moe’s Southwest Grill, Schlotzsky’s, and Hy-Vee disclosed publicly that their networks were infected with point-of-sale malware copying… Read More »

Kiosk Manufacturer Association Joins PCI SSC as Participating Organization

BusinessWire — Westminster, CO, April 28, 2020 — The Kiosk Manufacturer Association (KMA), an organization focused on self-service, announced today that it has joined the PCI Security Standards Council (PCI SSC) as a new Participating Organization. KMA will work with the PCI SSC to help secure payment data worldwide through the ongoing development and adoption of the PCI… Read More »

PCI Compliance for Unattended Self-Service Kiosks Announcements

PCI Compliance for self service kiosks announcement on PRNewswire WESTMINSTER, Colo., Dec. 15, 2020 /PRNewswire/ — The Kiosk Manufacturer Association (KMA), the leading unattended self-service kiosk association established in 1995, today announced the launch of new initiatives in the PCI Compliance space for unattended self-service kiosks. Those initiatives include providing content for the PCI Perspectives Blog, creating a SIG or Special… Read More »