VPAS - VeriFone PED Authentication Service – Detects Presence of Rogue Devices Installed to Hijack Payment Data Information
SAN JOSE, Calif.--(BUSINESS WIRE)--VeriFone Systems, Inc. (NYSE: PAY), today announced a new layer of PIN entry device (PED) security designed to thwart criminal installation of compromised devices at retail locations. The VeriFone PED Authentication Service (VPAS) adds an exclusive layer of on-site security to monitor devices in use to ensure they are legitimate.
“Adherence to ever-changing security standards is the first line of defense, but VPAS augments that strategy with real-time compromise detection as a last line of defense.”
While today’s PCI-approved PED devices are significantly enhanced to resist attacks, criminals are taking advantage of often-mixed environments that incorporate differing levels of hardware security. Increasingly sophisticated attacks focus on stealing legitimate devices and replacing them on-site with seemingly identical but compromised systems that are equipped with electronic “bugs” or “skimmers” to capture data.
“No merchants are immune from these increasingly sophisticated criminal assaults that exploit the lengthy upgrade cycle from older, less secure devices,” said Paul Rasori, VeriFone senior vice president of marketing. “Adherence to ever-changing security standards is the first line of defense, but VPAS augments that strategy with real-time compromise detection as a last line of defense.”
The potential compromise of payment devices is an issue worldwide. Criminals are increasing their investments in efforts to cash in on purloined account data and PINs and are targeting payment devices on all fronts: at the network level, the device level, and the retail environment itself. An alarming number of recent PED compromises on older, yet still ‘compliant’ devices, demonstrates that retaining merchant and consumer trust requires efforts beyond minimal compliance to rules and requirements. By utilizing VPAS with established PIN pad security best practices, merchants and service providers are able to significantly upgrade their level of protection.
The VPAS service will initially be available with VeriFone’s VX Series, MX Series, SC 5000 and Omni 3700 series devices. These systems already feature a unique secret inserted at the time of manufacture - a Unique Manufacturers Authentication Key (UMAK) - that can bind each device to a physical location at the point of sale. Devices transmit their UMAKs at frequent intervals so that VPAS is able to detect installation of rogue devices.
VeriFone, the leader in payment security and founding member of the Secure POS Vendor Alliance, is the only payment solutions provider to offer this unique layer of security. Customer engagement services are available immediately.
Additional Resources:
verifone.com/vpas
Safe Harbor Statement under the Private Securities Litigation Reform Act of 1995 for VeriFone Holdings, Inc.
This press release includes certain forward-looking statements related to VeriFone Holdings, Inc. within the meaning of the Private Securities Litigation Reform Act of 1995. These statements are based on VeriFone management's current expectations or beliefs and are subject to uncertainty and changes in circumstances. Actual results may vary materially from those expressed or implied by the forward-looking statements herein due to changes in economic, business, competitive, technological and/or regulatory factors, and other risks and uncertainties affecting the operation of the business of VeriFone Holdings, Inc. These risks and uncertainties include: the VeriFone PED authentication service is a new service offering and its ability to successfully prevent payment device compromises is yet to be proven, the successful rollout and implementation of the PED authentication service, the implementation of the PED authentication service does not guarantee that third party criminal attacks will not occur or be successful, customers’ acceptance and adoption of VeriFone solutions and other new product and service offerings, our ability to protect against fraud, the status of our relationship with and condition of third parties upon whom we rely in the conduct of our business, our dependence on a limited number of customers, uncertainties related to the conduct of our business internationally, our dependence on a limited number of key employees, short product cycles, rapidly changing technologies and maintaining competitive leadership position with respect to our payment solution offerings. For a further list and description of such risks and uncertainties, see our filings with the Securities and Exchange Commission, including our annual report on Form 10-K and our quarterly reports on Form 10-Q. VeriFone is under no obligation to, and expressly disclaims any obligation to, update or alter its forward-looking statements, whether as a result of new information, future events, changes in assumptions or otherwise.
About VeriFone Systems, Inc. (www.verifone.com)
VeriFone Systems, Inc. (“VeriFone”) (NYSE: PAY) is the global leader in secure electronic payment solutions. VeriFone provides expertise, solutions and services that add value to the point of sale with merchant-operated, consumer-facing and self-service payment systems for the financial, retail, hospitality, petroleum, government and healthcare vertical markets. VeriFone solutions are designed to meet the needs of merchants, processors and acquirers in developed and emerging economies worldwide.
Contacts
Permalink: http://www.businesswire.com/news/home/20100525005728/en/VeriFone-Offers-Payment-Security-Monitoring-Service-Foil
0 comments