Off-topic discussions about regional news, issues and politics. Pretty much everything goes here, but keep it polite: Flaming and spamming aren't welcome.
User avatar
User

John Hagan

{ RANK }

Foodie

Posts

1416

Joined

Wed Aug 29, 2007 6:38 pm

Location

SPENCER CO. Lake Wazzapamani

Re: card reader for phone questions

by John Hagan » Wed Feb 15, 2012 9:30 am

Thanks Jackie...great points. We do a annual self-assessment here at the store to be PCI compliant. Theres definitely a lot of conflicting info about square and other readers being compliant. It appears at the start Square was considered PCI compliant but is no longer so. And your right, its likely the little guy who is gonna get hit.
The tall one wants white toast, dry, with nothin' on it.
And the short one wants four whole fried chickens, and a Coke.
User avatar
User

Antonia L

{ RANK }

Foodie

Posts

880

Joined

Fri Sep 19, 2008 10:28 am

Location

Cherokee Triangle

Re: card reader for phone questions

by Antonia L » Fri Feb 17, 2012 3:16 pm

John Hagan wrote:While researching this I read an article about restaurants that were moving over to hand held card readers. This was due to customers being increasingly concerned with servers disappearing into the back room with card in hand and the ability to easily write down the three digit verification codes on the back of the cards.


Just about EVERY place in London uses these. Transaction done right in front of you - quick and safe, no chance for employee to take your card into the back room. Did I mention quick? They will be widely used here soon, no doubt.
User avatar
User

Jackie R.

{ RANK }

Foodie

Posts

1691

Joined

Tue Mar 06, 2007 3:48 pm

Location

Highlands

Re: card reader for phone questions

by Jackie R. » Fri Feb 17, 2012 9:55 pm

Antonia L wrote:
John Hagan wrote:While researching this I read an article about restaurants that were moving over to hand held card readers. This was due to customers being increasingly concerned with servers disappearing into the back room with card in hand and the ability to easily write down the three digit verification codes on the back of the cards.


Just about EVERY place in London uses these. Transaction done right in front of you - quick and safe, no chance for employee to take your card into the back room. Did I mention quick? They will be widely used here soon, no doubt.


Assuming you're talking about an integrated ordering and credit card processing system, I agree that we'll be seeing more of this here in the future. Something that was explained to me a couple of years ago is that typically software doesn't support modifications as well as what we're accustomed to in the US. Europeans have a much more "you'll have it our way" mentality, but it's just a matter of time before the developers work our customs into their market (in fact they already have, it's now just a matter of cost analysis and implementation). The restaurants definitely seem to want it.
User avatar
User

Antonia L

{ RANK }

Foodie

Posts

880

Joined

Fri Sep 19, 2008 10:28 am

Location

Cherokee Triangle

Re: card reader for phone questions

by Antonia L » Sat Feb 18, 2012 10:24 am

Jackie R. wrote:Assuming you're talking about an integrated ordering and credit card processing system


What I'm talking about are these little hand-held credit card terminals. When you present your credit card, they run it through the terminal right in front of you, it spits out a receipt, you add a tip (or not), sign it, and hand it back to them.
no avatar
User

Adam Robinson

{ RANK }

Foodie

Posts

277

Joined

Mon Aug 23, 2010 8:39 pm

Re: card reader for phone questions

by Adam Robinson » Tue Mar 20, 2012 1:19 am

Jackie R. wrote:Something you should definitely consider is PCI compliance, John. It's a monster, and the track data that transmits through your device is your liability. Hacker technology is nothing to scoff at and it could put you out of business if you're breached. Not to be a wet blanket, but weakly secured networks are the target and almost all viruses lay in waiting for a harvest of customer identity and credit card numbers. And it's usually the little guys that get hit because of the lack of awareness and prevention.


It should be noted when looking at this compliance, there are different levels for which you are responsible depending on the type of business you are, the amount of transactions you do, etc. While it is sensible to always protect your data, it is highly doubtful you will be under anything but Tier 4. As long as you are not retaining the data in an insecure location, you should have very little worries whatsoever vis-a-vis credit card processing through a good, known vendor.

Back to Jackie's point, though, it's a sensible point to make. The vast, vast majority of businesses, even ones with local consultants, leave themselves completely wide open. This is usually a function of resources, but sometimes one of ignorance. I would guess a script kiddie with even an ounce of intent could take down or otherwise severely damage most of the smaller businesses in our area. One who wasn't worried about going to jail most certainly could do so.

If you are storing credit card numbers or other pertinent data, please be sure to have at least one professional come in and audit your system, preferably yearly. Jackie is absolutely correct that one such breach can permanently destroy your brand, and, in some cases, take down your company forever. Too many businesses are lackadaisical when it comes to this, because they believe they are too small to be targeted, not realizing that the automated tools to hack businesses do not have require targeting, and that if you have a known vulnerability open to the internet, someone is eventually going to find it, whether they're trying to or not.
User avatar
User

Jackie R.

{ RANK }

Foodie

Posts

1691

Joined

Tue Mar 06, 2007 3:48 pm

Location

Highlands

Re: card reader for phone questions

by Jackie R. » Wed Mar 21, 2012 11:15 pm

Thanks for the acknowledgements, Adam. As for the Tier 4 merchant status, I totally get your point. It's not something that usually comes to mind for me, and it's notable that the transaction data is not stored locally in this example. But I've heard of malware that remains in a device (phone, ie) for a period of time to collect an "acceptable" amount of data that has been scanned or manually keyed on an unsecured device (and cell phones are definitely all unsecured) until it is considered a reasonable harvest. And as far as the bankers and secret service are concerned, no one is the wiser until the day the devil has done the deed, therefore leaving the merchant as the sacrificial lamb. I wish it weren't so ugly, but it is, and my knowledge of this has become one of my leading convictions to suck up rising prices on menus to cover the necessary expense of securing systems and networks.
User avatar
User

John Hagan

{ RANK }

Foodie

Posts

1416

Joined

Wed Aug 29, 2007 6:38 pm

Location

SPENCER CO. Lake Wazzapamani

Re: card reader for phone questions

by John Hagan » Thu Mar 22, 2012 8:36 am

Not sure if this is the best place to post, but it was of interest anyway. I recently had my card info stolen at the gas pump. I have a card I only use for gas as I get a nice percent cash back. I check my accounts every morning and noticed a couple of five dollar transactions at the same gas station. Then there were three transactions for 1.21 from the sports authority. Before I get a chance to call the card company they call me and ask me about my charge for 128,000 :shock: to the sports authority.
Im guessing that somebody hacked the gas pump or installed a reader of some sort in there. Also interesting, this was in the fairly small town of Taylorsville.
The tall one wants white toast, dry, with nothin' on it.
And the short one wants four whole fried chickens, and a Coke.
no avatar
User

Adam Robinson

{ RANK }

Foodie

Posts

277

Joined

Mon Aug 23, 2010 8:39 pm

Re: card reader for phone questions

by Adam Robinson » Thu Mar 22, 2012 11:54 am

John Hagan wrote:Not sure if this is the best place to post, but it was of interest anyway. I recently had my card info stolen at the gas pump. I have a card I only use for gas as I get a nice percent cash back. I check my accounts every morning and noticed a couple of five dollar transactions at the same gas station. Then there were three transactions for 1.21 from the sports authority. Before I get a chance to call the card company they call me and ask me about my charge for 128,000 :shock: to the sports authority.
Im guessing that somebody hacked the gas pump or installed a reader of some sort in there. Also interesting, this was in the fairly small town of Taylorsville.


Yep, it's really, really easy to do.

If you aren't afraid of the interwebs, I'd recommend hooking your cards up to Mint. It's very easy to see a full list of your charges and make sure nothing there is amiss.

My fiancee, and most of her local staff, had their cards stolen at a coffee shop recently from an installed skimmer. Mucho money began disappearing from checking. The bank actually didn't catch it at first. But it got resolved eventually.
Previous

Who is online

Users browsing this forum: Google [Bot] and 10 guests

Powered by phpBB ® | phpBB3 Style by KomiDesign