Secure card reader authentication for iPhone
Posted on 14 April 2010.
When Square announced their iPhone card reader and (much to my bemusement) the media went into a frenzy, we dusted off our 5+ year old technology and reintroduced CircleSwipe, pictured below.
Without a PIN Pad, it doesn't provide the same level of security as our SLIM device. (which also hooks into the earjack of any smart phone) However, one feature should be noted with CircleSwipe. It 3DES Encrypts the Track 2 data at the maghead (when the card is swiped) providing an exponentially more secure platform than devices which utilize SSL encryption. Of course, our SLIM device incorporates our PCI 2.1 certified technology with it's built-in PIN Pad using Derived Unique Key Per Transaction end to end encryption. (from the moment the PIN is entered all the way to Visa/Mastercard) There is NO safer way to conduct a dually authenticated financial transaction on the web...or on the mobile...than swiping your card and entering your PIN.
So, now that you have your choice of about (at last count) 6 iPhone Card Readers, remember that there is only one that provides dual authentication with a built-in PIN Pad which also happens to be the only one with PCI 2.1 Certified PED technology. That one would be HomeATM.
HomeATM's CircleSwipe iPhone Card Reader Encrypts the Track 2 Data |
MagTek launched iDynamo, a secure card reader authenticator, specifically designed to interface with card present payment applications made for the iPad, iPhone 3G and 3GS, and iPod Touch.
iDynamo is available to end-users who want to process payments from their phone as part of its MagneSafe integrated solution to fully encrypt and protect cardholder data at the earliest point of entry—when the card is swiped.
Additional capabilities allow the iDynamo to generate dynamic payment card data using the existing magnetic stripe cards. This dynamic data offers a robust solution for the immediate tokenization or substitution of sensitive card data, thereby removing it from the merchant’s systems while further allowing the card to be authenticated in real-time to ensure it is not a fraudulent or skimmed card.
John Arato, VP of MagTek’s retail business unit said: "As fraud continues to be an issue for the payment industry, we recognize our customers need products that will help them to mitigate their risk and comply with the PCI Data Security Standards while making the solution affordable for any size merchant."