POS Security Poodle Warning!
PCI Compliance is Coming Soon June 2018
SSL encryption is a standard encryption method used for decades. A vulnerability named POODLE has been detected within SSL and is no longer PCI compliant. POODLE (Padding Oracle On Downgraded Legacy Encryption) is a vulnerability in SSL that could allow a hacker to extract data from secure online connections.
Why should you care?
Well, there could be a loss of confidential data that allows an attacker to decrypt sensitive information on your systems.
According to the PCI Standards Council Blog, the Payment Card Industry Stands Council (PCI SSC) is extending the migration completion date to June 30, 2018, for transitioning from SSL AND TLS 1.0 to a secure version of TLS (currently v1.1 or higher).
The new date of June 2018 (with some deadlines as soon as this summer) offers additional time to migrate to more secure protocols, but waiting in not recommended.
The existence of the POODLE and Heartbleed exploits, among others, prove that anyone using SSL and before TLS risks a breach. To view the PCI Standard Council’s Q & A regarding compliance visit the PCI Standards Council Bulletin on migrating from SSL.
How Big is the POODLE SSL Vulnerability to POS Systems?
POODLE SSL Vulnerability Risk
So How Do You Keep Your POS System Secure?
Once the deadline is up, the credit card processing functionality of any non-compliant equipment will cease. This is an industry-wide requirement. Most legacy POS systems are vulnerable and will need to be upgraded before the deadline.
To remain PCI compliant, merchants, in some cases, will need to update software, operating systems, and/or hardware. Merchants who refuse to upgrade their system will not be able to process credit cards once the deadline is met.
Prismpay has gotten out ahead of the potential POODLE SSL vulnerability disruption and is fully PCI compliant, but most POS companies are just starting to become aware of this issue and it is likely that many of them will be severely impacted in the months to come.
For more information about the POODLE SSL vulnerability or PCI compliance with your POS system, contact us.
Prismpay is Secure and PCI Compliant
It’s time to protect your business with Prismpay, a PCI compliant POS solution. Visit Prismpay to learn more about our products and services or feel free to learn more here about Point of Sale Security.
If You Have an older POS Unit
Call us, We can Help You!
Contact us Now or Call Us Now at 855-204-3838 and see how we can help you! Do it Now!