Many large merchants with complex POS systems choose to enable EMV using middleware that integrates their EMV card readers with their POS system. A well-designed middleware solution will isolate card data so that it never touches the POS. The POS (“selling system”) reaches out to the middleware with a request for payment, and then the middleware directs the actions of the EMV card reader through the completion of the transaction. If the combination of middleware plus EMV card readers (the “selling system”) are the only components ever touching card data, the POS is no longer a part of the payment transaction, offering significant PCI scope reduction.
This article explains differences in security and flexibility in selecting tokenization approaches.
It seems that all we are hearing about in the news are data breaches of some sort. Whether it’s personal information, like in the recent compromise of over 4 million Federal employees, or credit card information like last December with Target and other major retailers, data breaches leave all of us feeling a little more vulnerable.
If you follow the news, you know how many companies today are victims of security breaches. There’s one every week, it seems. Maybe you worry you’ll be next. But take a breath: while there’s no way to place your company completely out of the way of risk, there are a few helpful security areas you might be overlooking. Use these five factors to grade your payment processing security.