Secure Retail Payments Web Portal Brought to You by VeriFone
Secure Retail Payments Home Page Payment Security News Payment Security Resources Payment Security Products from VeriFone
Payment Security Links Contact VeriFone VeriFone Retail Payments Conference 2007 VeriFone Corporate Web Site
Products

For 25 years, VeriFone systems and solutions have delivered the speed, convenience and security of electronic payment to millions of businesses worldwide.

From card association mandates like PCI PED and EMV, to government regulatory guidelines like HIPAA, VeriFone solutions help simplify compliance so you can stay focused on running your business. We have the industry relationships to understand the implications that changes have for payment systems. We design solutions that offer clear migration paths to help our customers keep up with change with minimal effort and cost.

Examples of VeriFone’s leadership approach to security and mandates:

  • VeriFone’s Vx 670, Vx 570, and MX800 Series received PCI PED Approval from Visa and MasterCard.
  • VeriFone was the first vendor to release a complete line of Visa PED approved products prior to the January 2004 mandate to do so.
  • We offer system solutions and peripherals that support EMV standards, as well as Triple DES and PED.
  • Our PC and Enterprise payment software solutions were the first of their kind to be validated under Visa's new Payment Application Best Practices security audit, well ahead of the mandate do so.
  • VeriFone's PCCharge software was one of the first applications to be validated against Visa's Payment Application Best Practices (PABP), which is part of Visa's Cardholder Information Security Program (CISP) mandate. Mandated since June 2001, the CISP is intended to protect Visa cardholder data.
  • VeriFone's PCCharge products are the only payment processing software products on the market that have been certified by Microsoft to work with MS Windows.

Click one of the following links to view that product category:

Hardware Products

There are three categories of hardware payment solutions on the market today. Non-Approved devices, Visa PED approved devices and PCI PED approved devices. A description of these devices and a list of what VeriFone products have meet each standard follows.

Non-Approved Devices

Prior to 2004, there were only minimal standards governing the manufacture of PIN Entry devices. Primarily, the protection of the master keys, key encryption schemes and proper software operation of the device were the only things required. Validation of software requirements and tamper prevention and detection were left to the individual manufacturer. These devices are typically referred to as “non-approved” devices. This is precisely the category of device that was compromised by tampering in the incident announced this weekend. Current card association regulations require that these devices be removed from service by July 10, 2010. However, due to the risk of a tampering compromise, retailers may wish to consider replacing these devices sooner.

Non-Approved VeriFone Products

  • PIN Pad 100
  • PIN Pad 102
  • PIN Pad 1000
  • PIN Pad 2000
  • Everest
  • Omni 490
  • Nurit 202
  • Nurit 252
  • Nurit 272
  • Nurit 2085
  • Nurit 3000

 Visa PED Approved Devices

The second category of PIN pad or terminal device is the VISA PED approved device. All units sold after January 1, 2004 had to conform to VISA PED requirements However, this category of devices can not be sold after December 31, 2007. At this point in time any device manufactured to conform to VISA PED requirements does not have a sunset date. That is, there is no requirement that retailers remove them from service.

VISA PED VeriFone Approved Products

  • PINpad 1000SE
  • SC 5000
  • EverestPlus
  • Omni 3740
  • Omni 3750
  • Omni 7000
  • Omni 7100
  • Vx 510
  • Vx 610
  • Nurit 222
  • Nurit 292
  • Nurit 8000
  • Nurit 8100
  • Nurit 8320

 PCI PED Approved Devices

The final category of PIN pad or terminal devices is the PCI PED devices, which are the most secure and comply with current security standards. Only those products meeting PCI PED requirements may be purchased after December 31, 2007. The PCI PED standards were released two years ago, and VeriFone launched its first PCI PED approved product—the MX870—last year. During the course of 2007, VeriFone will release a complete range of PCI PED approved products.

PCI PED VeriFone Approved Products

* Pending

To validate this list of VeriFone products, or determine what category your competitive product meets, check the VISA PED Approved Devices website. If the product is not listed at all, it is an “unapproved product.” If the product is listed with a renewal date of December 31, 2007, then it is a VISA PED approved product. If the renewal date is December 31, 2014, then the product is PCI PED approved product.

Software Products

From payment and value-added applications, to back-end deployment, terminal management systems, and an integrated virus scanning engine, VeriFone has advanced software solutions to meet the specific needs of merchants, banks, issuers, and acquirers everywhere. We also offer a variety of application development tools for the development community.

VeriFone submits all of our payment products for Payment Application Best Practices (PABP) validation. The following VeriFone Software Products have been validated by a third party to meet the PABP.

Services Products

The following VeriFone Services can be used to help insure your compliance with payment security standards.

  • Secure Terminal Retirement - VeriFone offers a service to insure PIN pads are retired securely to prevent criminals from obtaining sensitive information, as well as devices to be used in tampering schemes. This service also offers an environmentally friendly method of recycling PIN pad components.
  • Terminal Security Audit - VeriFone is announcing a service to perform audits of PIN pads.  More details will be posted later this week.

VeriFone's VeriShield Protect