How To Make A Card Reader Secure And Reliable



Similar documents
Transaction Security. Only Magensa can authenticate the card. Stopping the use of counterfeit cards. PERIOD.

FOR A BARRIER-FREE PAYMENT PROCESSING SOLUTION

Flexible and secure. acceo tender retail. payment solution. tender-retail.acceo.com

FOR A BARRIER-FREE PAYMENT PROCESSING SOLUTION

QwickPAY User Guide - ios Mobile Merchant Powered by Magensa

PCI DSS FAQ. The twelve requirements of the PCI DSS are defined as follows:

QwickPAY User Guide - Android Mobile Merchant Powered by Magensa

QwickPAY User Guide - Virtual Terminal Mobile Merchant Powered by Magensa

Need to be PCI DSS compliant and reduce the risk of fraud?

Payment Power for Merchants

First Data takes you beyond with Terminals and Point-of-Sale (POS) solutions designed to support evolving customer payment preferences.

THE FIVE Ws OF EMV BY DAVE EWALD GLOBAL EMV CONSULTANT AND MANAGER DATACARD GROUP

WIRELESS - GPRS iwl250 POS SOLUTION

Business Applications

Increase Efficiency, Maximize Profits, and Secure Guest Confidence.

VERIFONE PAYWARE SOLUTIONS

RETAIL BANKING SOLUTIONS. Enhancing Your Customer s Branch Experience. Comprehensive Services Tailored for Retail Banks. Vault-Like Security

E2EE and PCI Compliancy. Martin Holloway VSP Sales Director VeriFone NEMEA

OpenEdge Research & Development Group April 2015

Heartland Secure. By: Michael English. A Heartland Payment Systems White Paper Executive Director, Product Development

Protecting Cardholder Data Throughout Your Enterprise While Reducing the Costs of PCI Compliance

EMV and Small Merchants:

EMV and Restaurants: What you need to know. Mike English. October Executive Director, Product Development Heartland Payment Systems

NCR Secure Pay FAQ Updated June 12, 2014

User Guide. Mobile Merchant and Virtual Terminal

Preparing for EMV chip card acceptance

Accept Credit Cards at Your Business

TREASURER S OFFICE ADMINISTRATIVE STANDARDS FOR THE TREASURER S FISCAL PROCEDURE No MERCHANT DEBIT AND CREDIT CARD RECEIPTS

SM-S200 SM-S300 SM-T300 3" 80mm rugged Mobile Printer with LCD display & WiFi version

PCI and EMV Compliance Checkup

Technical Team. FLY ON. Casio $79 Annual Warranty

How do you go beyond to

Desktop Terminals. UK Terminals and Monthly Lease Payments (VAT Excluded) Ingenico ICT250CC VAT per month. 48 month lease.

Payment terminals for your point of sale

Ingenico Wireless Solutions

Credit Card Processing Overview

Security & Encryption in Healthcare Payments PCI DSS Technical Assessment White Paper

How To Use Wineweb Point Of Sale With An Ipad Or Iphone Or Ipod With A Browser On A Pc Or Ipad On A Cell Phone Or Ipo On A Computer Or Ipd On A Tablet Or Ipot On A

Beginner s Guide to Point of Sale

a CyberSource solution Merchant Payment Solutions

Euronet Software Solutions ATM Management System Maintain and Expand Your Automated Service Offerings with a Secure, Flexible and Powerful Solution

The Comprehensive, Yet Concise Guide to Credit Card Processing

PAYMENT SECURITY. Best Practices

mpos Solution A: Visa, MasterCard and JCB are supported. Both Debit & Credit Cards which is supported by any of this Card Type can be accepted.

Mercury VirtualTerminal ios Application

Visa Recommended Practices for EMV Chip Implementation in the U.S.

CREDIT CARD PROCESSING GLOSSARY OF TERMS

Version 15.3 (October 2009)

User Guide: VirtualMerchant Mobile

SETUP GUIDE. Thank you for your purchase of Hamilton products! In this handy guide, you will discover: ADDITIONAL REQUIREMENTS SETUP HOW IT WORKS

mobile payment acceptance Solutions Visa security best practices version 3.0

Stronger(Security(and( Mobile'Payments'! Dramatically*Faster!and$ Cheaper'to'Implement"

Sage 100 ERP I White Paper. Payment Processing Trends, Tips, and Tricks: What You Need to Know

Frequently asked questions - Visa paywave

Future POS... Award winning software at your fingertips

OVERCOMING DATA SECURITY CHALLENGES IN RETAIL PETROLEUM

How to Select a Receipt Printer for Mobile POS

Payments Transformation - EMV comes to the US

Sage ERP MAS I White Paper. Payment Processing Trends, Tips, and Tricks: What You Need to Know

EMV EMV TABLE OF CONTENTS

a CyberSource solution Merchant Payment Solutions

Tokenization Amplified XiIntercept. The ultimate PCI DSS cost & scope reduction mechanism

Implementation Guide

MOBILE CHIP ELECTRONIC COMMERCE: ENABLING CREDIT CARD PAYMENT FOR MOBILE DEVICES

PAYMENT EXPRESS EFTPOS GETTING STARTED GUIDE. Version 0.1

welcome to liber8:payment

We believe First Data is well positioned to take advantage of all of these trends given the breadth of our solutions and our global operating

PCI PA - DSS. Point XSA Implementation Guide. Atos Worldline Banksys XENTA SA. Version 1.00

NCR CONNECTED PAYMENTS

How To Choose Moneris

Datawire Secure Transport Value Proposition

IBM and ACI Worldwide Providing comprehensive, end-to-end electronic payment solutions for retail banking

CardControl. Credit Card Processing 101. Overview. Contents

BEST-IN-CLASS MERCHANT SERVICES

EMV and Chip Cards Key Information On What This Is, How It Works and What It Means

Changing Consumer Purchasing Patterns. John Mayleben, CPP SVP, Technology and Product Development Michigan Retailers Association

InstaMed Payments with Encryption Payment Card Industry (PCI) Technical Assessment White Paper

Apple Pay. Frequently Asked Questions UK Launch

PayTrace, Inc. All Rights Reserved. Print R1, 8/2013. (888)

RSA SecurID Two-factor Authentication

Security Best Practices

First Data ISO Reseller Program. Build an independently operated business with outstanding long term income potential.

WHITEPAPER. Fraud Protection for Native Mobile Applications Benefits for Business Owners and End Users

The PASS Product Line Overview. The Next Payment Generation

Steps for staying PCI DSS compliant Visa Account Information Security Guide October 2009

Understanding the Value of Tokens

The Adoption of EMV Technology in the U.S. By Dave Ewald Global Industry Sales Consultant Datacard Group

Secure Payments Solution

Merchant Payment Solutions

Wayne EMV Solutions. Protect your business with a complete EMV Solution inside and out.

toast EMV in 2015: How Restaurants Can Prepare for the New Chip-and-Pin Standard

Transcription:

Secure Card Reader Authenticators

When it comes to card reading security and reliability Merchants, retailers and financial institutions rely on MagTek. Secure card reader authenticators (SCRAs) capture data with a single swipe and they offer the flexible options needed for PCI DSS compliance and ease-ofuse. MagneSafe SCRAs deliver data encryption, card authentication, and device/host authentication to protect cardholders from identity theft and card fraud. They proactively identify counterfeit cards and for the ultimate in application flexibility and interface options, MagTek SCRAs deliver the configuration choice you need with the reliability you know you can trust. MagTek means quality. 2

Secure Card Reader Authenticators (SCRAs) Dynamag Ergonomically designed, compact and is able to mount conveniently to most flat surfaces where space is a premium. idynamo Mobile merchants can now leverage the power of their Apple ios products without the worries of handling or storing sensitive card data at any time. BulleT Bluetooth interface and sleek ergonomic design, enables secure wireless communications with a PC or mobile phone. Flash Offer secure storage for fast, mobile transactions where cables or wireless connections are not accessible all in a handy ergonomic design. udynamo Connect a secure card reader authenticator to your mobile device through the headphone jack or USB connection for secure transactions. 3

Dynamag For retailers and financial institutions that want security, ergonomic design and ease-of-use, the Dynamag secure card reader authenticator (SCRA) is MagneSafe secured and offers a reliable and convenient swipe path with complete security features for the peace of mind you can trust. Specifically designed to meet PCI DSS requirements to secure card data, the Dynamag employs the industry standard, Triple DES encryption and is USB powered. This bidirectional SCRA conveniently makes any existing electronic transaction more secure. Benefits The Dynamag enables retailers and financial institutions to future proof their POS and PC-based electronic transactions that support today s traditional applications and tomorrow s advanced security requirements. The Dynamag is 100% interface compatible with all traditional MagTek readers. It gives you the flexibility to activate advanced security features including card authentication, data encryption, and device/host authentication remotely when higher security is necessary. Features Ergonomic design Industry standard footprint Protects card data per PCI DSS requirements MagnePrint card authentication MagneSafe technology Device/host authentication Unique, non-changeable device serial number Triple DES encryption DUKPT key management Tokenization Masked data Reads up to 3 tracks Bidirectional read Reads ANSI/ISO/AAMVA cards plus custom formats USB HID or USB keyboard emulation; no third party device driver is required USB powered Multicolor LED to indicate reader status 4

Small-footprint. USB Powered. Bidirectional. 5

idynamo Adapter kit available. Made for ipad 3, ipad 2, ipad, iphone 4S, iphone 4, iphone 3GS, and ipod touch 2nd, 3rd and 4th generation. idynamo From the company that leads with Security from the Inside MagTek has done it again with the idynamo, a secure card reader authenticator (SCRA) designed to work with Apple ios products. The idynamo offers MagneSafe TM security and delivers open standards encryption with simple, yet proven DUKPT key management, immediate tokenization of card data and MagnePrint card authentication to maximize data protection and prevent the use of counterfeit cards. Mobile merchants can now leverage the power of the ipad 3, ipad 2, ipad, iphone 4S, iphone 4, iphone 3GS, and ipod touch without the worries of handling or storing sensitive card data at any time. Benefits Ideal for merchants and mobile users, the idynamo offers MagneSafe security features combined with the power of iphone and ipod Touch products. This powerful combination assures convenience and cost savings while maximizing card data protection and transaction security from the moment the card is swiped all the way to authorization. No other card reader beats the protection offered by a MagneSafe product. Other devices claim to encrypt data in the reader. The idynamo encrypts the data inside the read head, closest to the magnetic stripe and offers additional security layers with immediate tokenization of card data and MagnePrint card authentication. This layered approach to security far exceeds the protection of encryption by itself, decreases the scope of PCI compliance, and reduces fraud. The idynamo is rugged and affordable, so it not only withstands real world use, it performs to the high standards set by MagTek as the leader in magnetic card reading products for nearly 40 years. Features Ergonomic and rugged design Protects card data per PCI DSS requirements MagnePrint card authentication MagneSafe security architecture Generates dynamic payment card data with each swipe Device/host authentication Unique, non-changeable serial number Time bound session IDs Triple DES encryption DUKPT key management Tokenization Masked data Reads up to 3 tracks Bidirectional read Reads ANSI/ISO/AAMVA cards plus custom formats Made for iphone 4S, iphone 4, iphone 3GS, ipad 3, ipad 2, ipad and ipod touch Made for ipod and Made for iphone and Made for ipad mean that an electronic accessory has been designed to connect specifically to ipod or iphone or ipad respectively, and has been certified by the developer to meet Apple performance standards. Apple is not responsible for the operation of this device or its compliance with safety and regulatory standards. iphone, ipod touch and ipad are trademarks of Apple Inc., registered in the U.S. and other countries. 6

Mobile. Rugged. Adaptable. 7

udynamo MagTek s udynamo provides universal connection options for its users. The udynamo secure card reader authenticator connects to a wide variety of devices through its retractable headphone jack. It also provides a USB interface for connection with various devices including Windows or Mac PCs, and is perfect for virtual terminals. The udynamo combines the latest technologies for reliable and secure mobile payments and identification. Benefits The udynamo SCRA allows merchants to make secure transactions while on-the-go using mobile devices and connecting through their mobile headphone jack or USB connections. The secure card reader authenticator uses the MagneSafe Security Architecture to protect cardholder data through instant dynamic encryption, tokenization and authentication. Features Adjustable stabilizer for a variety of devices Swipe path design yields highest read reliability on first pass Triple DES encryption sealed inside the head Derived Unique Key per Device and Transaction Remote configuration and key loading Headphone jack interface - digital output Retractable headphone jack USB interface (power and comm i/o) Track 1, 2 and 3 data Mutual device/host authentication Anti-skimming features Counterfeit detection - cards and devices Tamper resistant and evident enclosures Token generation (the card, the PAN and the transaction) Reads ANSI/ISO/AAMVA cards 8

Compact. Portable. Universal. 9

BulleT Security anywhere. With the BulleT secure card reader authenticator (SCRA) security comes with the flexibility and portability of a Bluetooth wireless interface. Small enough to fit into the palm of your hand, the BulleT enables secure wireless communications with a PC or mobile phone using the popular Bluetooth interface. Not only does the BulleT encrypt card data from the moment the card is swiped, but it also enables card authentication to immediately detect counterfeit or altered cards. Benefits Ideal for merchants and financial institutions mobile users, the BulleT offers MagneSafe security features with the convenience of a Bluetooth interface. This powerful combination assures card data protection, transaction security and convenience needed to secure mobile applications with strong encryption and the capability to implement two-factor authentication. The BulleT is specifically designed to leverage the existing magnetic stripe card as a secure token empowering cardholders with the freedom and confidence of knowing that their transactions are secure and protected anytime, anywhere. Features Bluetooth interface Handheld and wireless Protects card data per PCI DSS requirements MagnePrint card authentication MagneSafe technology Device/host authentication Unique, non-changeable device serial number Triple DES encryption DUKPT key management Tokenization Masked data Reads up to 3 tracks Bidirectional read Reads ANSI/ISO/AAMVA cards plus custom formats Rechargeable battery with 5-year life; standard USB cables to recharge; hundreds of card swipes between charges Range of up to 30 feet (10 meters) Multicolor LED to indicate reader status 10

Bluetooth. Portable. Secure. 11

Flash Secure transactions, anywhere, anytime. The Flash secure card reader authenticator (SCRA) offers faster mobile transactions. The Flash leverages the card swipe to securely capture and encrypt card data in advance at the point of service (pizza delivery, home cosmetic sales, etc.) and make that data available for secure, routine card processing. Benefits The Flash offers enhanced MagneSafe security features. The card data is not only captured in a single swipe, but is also encrypted at the moment of swipe. This enables dozens of transactions to be stored with a single reader. The encrypted information is later transferred to a PC, where an application can retrieve the transactions to reconcile orders, verify amounts, and process transactions. With security features that exceed current PCI DSS requirements for card data protection and transaction security, the Flash offers the convenience demanded by today s on-the-go users. Features Handheld and wireless Stores dozens of transactions Protects card data per PCI DSS requirements MagnePrint card authentication MagneSafe technology Device/host authentication Unique, non-changeable device serial number Triple DES encryption DUKPT key management Tokenization Masked data Reads up to 3 tracks Bidirectional read Reads ANSI/ISO/AAMVA cards plus custom formats USB HID no third party device driver is required Rechargeable battery with 5-year life; standard USB cables to recharge; hundreds of swipes per battery charge Multicolor LED to indicate reader status 12

Memory SCRA. Long Life Battery. Portable. 13

MagneSafe Security Architecture MagneSafe Security Architecture is a foundation you can build on. The MagneSafe Security Architecture (MSA) has evolved exponentially from its inception in 2006 when it delivered the industry s first Secure Card Reader Authenticators (SCRAs) for secure electronic transactions. The MSA is a digital identification and authentication architecture that safeguards consumers and their personal data. Designed to exceed PCI regulations, MSA leverages strong encryption, secure tokenization, counterfeit detection, tamper recognition, data relevance and integrity, and dynamic digital transaction signatures, which together validate and protect the entire transaction and each of its components. A key feature of the MSA is MagnePrint card authentication, a patented, proven technology which reliably identifies counterfeit credit cards, debit cards, gift cards, ATM cards and ID cards at the point of swipe, before fraud occurs. MSA s multi-layer security provides unmatched protection and flexibility for safer online transactions. Layers of Security Industry experts agree that a layered approach is the best approach for security and MagneSafe provides the layers necessary in one easy to implement, scalable solution. SCRAs provide true end-to-end encryption with the encryption occurring within the reader, along with tokenization formatting capabilities. Encryption and tokenization are preventive measures that help to protect cardholder data, at rest and in transit, and at various points through the payment infrastructure. Encryption and Tokenization however, do not protect cardholder data that exists outside of the network. Here data is widely available form other data capture venues such as pocket skimmers, unattended gas pumps, phishing and pharming sites, and telephone scammers. The multi-layer security of MagneSafe adds the unmatched protection both cardholders and relying parties require through sophisticated card, device and data authentication methods that assure a valid transaction. SCRAs deliver dynamic payment card data (digital identifiers of ID), and magnetic card stripe fingerprinting (MagnePrint) which provides counterfeit detection, counters skimming attempts and stops fraudulent transactions in real-time. No other security device in the market today is able to do everything that MagneSafe does in one easy to implement, scalable, cost-effective solution. MagneSafe SCRAs transform the existing magnetic stripe card into a highly secured payment and identification token with proven ability to identify counterfeit cards and prevent card fraud. Fraud Prevention It s now possible for card issuers to uniquely identify each physical card they send out by analyzing its magnetic signature. By recording this signature, and making it available to be reference checked by merchants at the same time they swipe for authorization, the cards and processes all stay the same, and only the counterfeit cards are declined. When a card-present transaction is submitted, the MagnePrint of the card read at the transaction point is transmitted along with the card and other transaction data. The MagnePrint risk management tool compares the transaction MagnePrint value to a reference MagnePrint value already present in the authorization database, calculates the degree of correspondence (the match value) between the two values, and makes a judgment about the card s authenticity based on all available transaction information, including the match value. During one test, a run of a million transactions with an acceptance threshold set at 0.5 resulted in a false accept rate of zero, that is all attempts to process fraudulent cards were thwarted, and the resulting false reject rate was only 0.027 percent. In comparing a given transaction MagnePrint value to its reference MagnePrint value, the scoring algorithm assigns a match value between zero (no match) and one (perfect match). The authorization methodology allows each relying party to select an acceptance threshold between zero and one for its transactions, or even to specify a threshold that varies according to the characteristics of the transaction (e.g., more stringent for higher-dollar transactions originating from a fraud prone merchant). 14

Evolution of Card Reading Technology MagneSafe SCRAs are characterized by their ability to: Read and encrypt cardholder data Generate a unique encryption key per swipe Mutually authenticate the reader and a legitimate host Manage time bound sessions Capture and transmit the dynamic digital identifiers Generate a unique token of the transaction Features Ideal for PCI 2.0 applications Triple DES Encryption DUKPT Key Management MagnePrint Card Authentication Secure Tokenization Device & Host Authentication MagnePrint technology Masked Data Unique, non-changeable device serial numbering PA-DSS Statement for Payment Applications The use of MagTek SCRAs and the Magensa Payment Protection Gateway (MPPG), when properly implemented, will dramatically reduce the scope of Requirements 1, 2 and 11 and provide additional scope reduction for requirements 3, 5, 6, 7, 9, 10, and 12. In order to take advantage of the reduced or eliminated PA-DSS scope that may be achieved by the combination of MagneSafe equipped SCRAs and the Magensa Payment Protection Gateway, the following conditions must also exist. 1. All card reading must be accomplished by the use of MagneSafe-enabled SCRAs. 2. No manually, keyed entered transactions are permitted through any application interfaces. Key entered PANs for card not present transactions must be entered on a MagTek (PCI PED 2.x compliant) IPAD or IPAD SC. 3. All transactions must be routed through the MPPG. 4. Neither the merchant nor the application provider possess or have access to the decryption keys used by the SCRAs to encrypt the cardholder data. 5. The SCRAs are set to Security level 3 or above. As with all Payment Applications, the final determination of applicability of PA-DSS should be performed by a qualified PA-QSA. MSR magnetic stripe reader SCR secure (encryption) card reader SCRA secure card reader authenticator Managed by Merchant Managed by the Reader Available only through MSA Read card data Transmit card data Encryption Tokenization Masked data Time-bound sessions Dynamic data generation Read MagnePrint Transmit stochastic encrypted data Mutual hardware/ host authentication Authenticate the card Managed by Merchant Managed by the Reader Available only through MSA Read card data Transmit card data Encryption within the reader Tokenization Masked data Time-bound sessions Dynamic data generation Read MagnePrint Transmit stochastic encrypted data Mutual hardware/ host authentication Authenticate the card Managed by MagneSafe Security Architecture (MSA) Read card data Transmit card data Encryption in the read head Tokenization Masked data Time-bound sessions Dynamic data generation Read MagnePrint Transmit stochastic encrypted data Mutual hardware/ host authentication Authenticate the card Real-time counterfeit detection Real-time counterfeit detection Real-time counterfeit card detection 15

About MagTek Since 1972, MagTek has been a leading manufacturer of electronic devices and systems for the reliable issuance, reading, transmission and security of cards, checks, PINs and other identification documents. Leading with innovation and engineering excellence, MagTek is known for quality and dependability. Its products include secure card reader authenticators, small document scanners, PIN pads and card personalization and issuance systems. These products are used worldwide by financial institutions, retailers, hotels, law enforcement agencies and other organizations to provide secure and efficient electronic payment and identification transactions. Today, MagTek continues to innovate with the development of a new generation of Protection Services secured by the MagneSafe Security Architecture. By leveraging strong encryption, secure tokenization, real-time authentication and dynamic transaction data, MagneSafe products enable users to assess and validate the trustworthiness of credentials used for online identification, payment processing and other high-value electronic transactions. MagTek is based in Seal Beach, California and has sales offices throughout the United States, Europe, and Asia, with independent distributors in over 40 countries. For more information, please visit www.magtek.com. MagTek Inc., 1710 Apollo Court, Seal Beach, CA 90740 p 562-546-6400 f 562-546-6301 800-788-6835 www.magtek.com Registered to ISO 9001:2008 Copyright 2013 MagTek, Inc. PN 99875460 Rev 5.03 1/13

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information