Pin Pads, Benefits of Pin Debit and New PCI DSS Rquirements

The acceptance of debit cards is a vital requirement for merchant success. 

Consider VISA's announcement in May of 2009 that for the first time in the company's history, the volume of debit payments surpassed that of credit cards.  Recession news continues to bolster this trend - whether it is due to the diminished availability of credit or a wise consumer approach - all the card networks are reporting healthy growth.

Merchants accept debit cards one of two ways - online - requires a pin pad (PED - pin entry device) or offline (requires a customer signature).  Unless the merchants primary sale or average ticket is less than $25 pin debit costs less than signature debit.

So let's talk pin pads which are an indisputable, worthwhile merchant investment given what you've just read.

Pin pads can be stand along devices - connected by cable directly to your credit card processing terminal and set up for easy customer access and interface or integrated within the credit card terminal itself.  The debit card is swiped through the pin pad and  a 4 digit pin is entered by the customer to authorize the transaction.  The transaction is processed through the ACH processing network and the merchant is funded immediately.  

Each pin pad has a unique encryption security code.  When the pin is entered the pin pad encrypts the number at the point of sale through to the bank, for verification and payment. 

Top pin based debit benefits -

  • Reduced Processing Fees
  • Fast settlement of funds
  • Fewer chargebacks - PIN based debits are not subject to chargebacks
  • Transactions cannot be downgraded - as they often are with credit card transactions that don't qualify for the best rates

If you already have a pin pad - you should be on alert that in July 2010 new VISA equipment compliance requirements will be in effect.  Is your equipment up to date? See the PCI Security Standards website list if you're not sure - your PED must be an exact match with the specs on the site.  If you have don't see your device listed, you have the wrong version or you have questions about whether your pin pad is meeting PCI DSS standards - don't wait until July - call XBS @800-347-1090.

PED security is a real issue.  It doesn't take much imagination to grasp the value of cardholder data combined with a debit PIN - the information would give thieves the ability to drain a bank account.  The technical savvy of today's criminal is mind boggling and apparently encryption cracking services and decoding ability has kept pace with security measures.

NOT ONLY does your POS PED need to be on the list - but VISA is further mandating an update of the PED with what's called TDES (triple data encryption standard)- a stronger, more robust encryption standard that serves to reduce further risk of theft of valuable cardholder data.   

Many recently deployed integrated PED's are TDES capable but still must have the TDES keys injected.  Older integrated PED's may not support the new standards and will have to be upgraded to more recent equipment, integrated or, possibly an external pin pad, with a TDES key injected prior to use/shipment.

Moral of the story?  Secure, pin based debit can increase your revenues and cash flow.

  • Start processing pin debit and lower your processing costs 
  • Ensure your current or new device meets all upcoming July 2010 VISA mandated security requirements and is PCI DSS compliant.


(couldn't resist!)


There are no comments yet.

Leave a Comment

XBS Global - Process Profitably.