IMGCAP(1)]
Ingenico S.A., a France-based point-of-sale terminal maker, is reviewing emerging payment devices to assess their security, says Christopher Justice, managing director of Ingenico North America. A recent Ingenico analysis of payment-device security determined that as Payment Card Industry Security Standards Council requirements evolve, the security of some core components should be evaluated, Justice says. For example, payment processors are paying close attention to so-called "end-to-end" encryption, but terminal makers also have a role in ensuring sensitive transaction data remain encrypted throughout the payment cycle, Ingenico touts in a white paper. "End-to-end security also means that security is based on the fact the payment terminal cannot be tampered with at any stage in its lifetime," the white paper states. That requires payment-terminal makers to have some means of control over the product. And the payment-technology evaluation extends to the sales agent that sells a merchant account, Justice says. A payment terminal that operates on a mobile phone requires the same level of review as a terminal placed on a countertop, he says. "Anybody can run off at this point and create an app for [Apple] iPhone, but that does not necessarily mean it's safe and secure for your customer to secure their business information," Justice says.
