kioware emv kiosk software


Are your kiosks PCI EMV-compliant?  Is your application PA-DSS certified?  Odds are against it. For PCI it’s easy to check just by going to the Validated Applications section on the PCI site. EMV introduces Level 1, Level 2 and then Level 3 certifications. Call them Mechanical, Firmware and Application.  There is also a listing of devices (emvco.com).

But I don’t want to do that — Let’s list out some of Why Nots — #1 it costs money to do. You’ll need a QSA and that could be $75K easy.  Someone like Coalfire/etc.  #2 it takes time.  Figure a year or a month depending. #3 It is inconvenient. It’s unnecessary regulation given our environment.  But it can come back to extract a heavy price in the future.


PCI SSC Participating Organization logo Participating Organization PCI Security Standards Council – The PCI Security Standards Council is an open global forum that is responsible for the ongoing development, enhancement, dissemination, and implementation of security standards for payment cardholder account data. The PCI Security Standards Council’s mission is to enhance payment account data security by driving education and awareness of the PCI Security Standards, which include the Data Security Standard (DSS), Payment Application Data Security Standard (PA-DSS), and PIN-Entry Device (PED) Requirements.


Useful Links

PCI EMV News Updates

PCI EMV Kiosk FAQ & Commentary

    • Q: So what about grandfathering devices like they do for ADA?  Can I delay?  A:  The only extensions that Visa/MC are making for the liability shift are for ATMs (2016) and fuel dispensers (2017) – all other merchants are open to the liability shift in 2015.
    • Q: What about someone like Redbox with thousands of machines with old credit card readers?  A:  Redbox may be looking at the cost of upgrading and comparing that against what they would be liable for after the “shift” – one guess is that the cost to upgrade would far outweigh the fraud on $1 payments.
    • Q: Are the banks going to charge me less for being EMV?  A:  One of the other dirty little secrets is that many banks are charging merchants EMV conversion fees to enable EMV acceptance at terminals. For some of the larger merchants, this alone would be some real money.
    • Q: So what costs am I looking at?  A:   The upgrade cost for these merchants would be – the equipment, field technician, software mods, PCI certification (yes – PCI is still required), bank setup fees, and all the other bits and pieces.

Here is a handy list of resources and devices.  Many thanks to KioskSimple for compiling and producing this. It’s a very good list…Editor

EMV Capable Card Readers, PIN Pads and Contactless Readers for Self-Service Kiosks

Ingenico kiosk EMV chip and PIN and contactless readerThe following is a list of EMV capable card readers, PIN pads and contactless card readers that are designed specifically for self-service environments like a kiosk.  As we’re beginning research and development on adding EMV capabilities to our US-based kiosk applications it makes sense to take inventory of the available EMV capable devices specifically designed for the self-service kiosk industry and weigh all of our options.  This is why I’m taking the time to assemble this list of EMV capable payment devices which will likely grow as the looming October 2015 EMV liability shift draws nearer.

Kiosk EMV chip and PIN

Ingenico iUP 250 + iUR 250

Ingenico makes the iSelf Series which includes EMV Chip and PIN devices designed specifically for self-service kiosk applications.  Combining iUP 250 & iUR 250 allows EMV Chip & PIN transactions in your kiosks while respecting PCi 3,x certification.

Ingenico iSelf-Series kiosk EMV chip and PIN

VeriFone UX 100 + UX 300

VeriFone makes the UX “Unattended Devices” for kiosks and other unattended environments.  PIN pad features LCD graphic screen that securely displays payment amount and engages customers through targeted messaging.

VeriFone Unattended Devices Kiosk EMV chip and PIN solutions

Kiosk EMV chip and contactless readers

IDTech ViVOpay Vend III

The ViVOpay Vend III contactless NFC, contact EMV, and magnetic stripe all-in-one payment device provides self-service kiosk operators with an integrated device that allows all three types of payment acceptance technologies.

IDTech ViVOpay kiosk EMV chip and contactless readers

MEI CASHFLOW® EasiChoice 4 in 1

With the EasiChoice bezel from MEI your self-service kiosks can accept any payment type the consumer has in their wallet: bills, coupons, magnetic stripe cards, NFC/contactless payments, and contactless EMV cards. MEI 4-in-1 kiosk EMV chip and contactless readers

Kiosk EMV contactless NFC card readers

Ingenico iUC 180

The Ingenico contactless reader focuses on contactless transaction only, the iiUC 180 is the ideal solution for small transactions, especially in the vending industry.

Ingenico iSelf-Series kiosk EMV contactless NFC card readers

VeriFone QX 700

The VeriFone QX 700 provides rapid transaction speeds for all card types, including public transportation, stored value and other value-added applications.

VeriFone QX 700 EMV contactless reader NFC

IDTech ViVOpay Kiosk II

The ViVOpay Kiosk II is a flexible stand-alone contactless reader comprised of a compact controller module and an RFID antenna module packaged individually giving equipment manufacturers flexibility to integrate contactless payment functionality with their host systems.

IDTech ViVOpay kiosk EMV contactless NFC card readers

Which EMV hardware should I buy for my kiosks so I don’t have to replace it in the next 3 years?

This is a good question that is discussed in the video of the 2014 CPI EMV technology panel below.  The answer boils down to personal preference.  CPI makes the point that just because a card reader is EMV capable doesn’t mean your entire solution will be EMV compliant.  Your entire solution needs to receive end-to-end EMV certification and according to MEI this has not happened in the US using the MEI 4-in-1 at the time this video was recorded.  I’m not here to recommend EMV hardware for your kiosks just to spell out the options, so watch the video for more information and form your own opinions.  We plan to add EMV support to KioskSimplekiosk software for Windows in 2015.


Thank You to our Contributors!
ADA Standards, HIPAA Standards, PCI Standards and more


  • Feb 2014 – NIST Framework for Cybersecurity – considered extension of HITECH and HIPAA requirements it lays out top down executive & enterprise view of cybersecurity. Close to BCP (Business Continuation Plan)

Kiosk Manufacturer