PAX
is one of the biggest payment processing device manufacturers in the
world. You use one of their devices in your store to process customer
payments.
Yesterday a news story
came out about the FBI raiding PAX’s Florida offices due to a security
issue with their payment terminals. It is early in this process but
it’s critical to share what we know about the situation.
It appears that the security issue relates to a type of problem called DDOS. This is where a device or computer becomes compromised and can be used to overwhelm another target with traffic.
There
are millions of PAX payment terminals out there and if a hacker had
control over them all, which they likely do not, they could do something
like tell all the devices to visit a specific website a bunch of times -
all at once, overwhelming the site with traffic and bringing it down.
As of this communication, there have been ZERO statements indicating that these devices are unsafe to process customer payments.
No one from the Payment Card Industry, any Payment processors, nor the
FBI have said that these devices need to be stopped from processing
payments. You may continue to use the device until further notice.
As a reminder, the hardware devices you are using have been thoroughly tested and certified PCI compliant by 3rd party security companies.
Based
on the limited information we do have, we believe there is a good
chance that the problem is limited to a specific payment processor.
If
true, the problem as far as it impacts you from a technical level,
could be fairly benign. If the news becomes a national headline story,
regardless of what is real and what is not, it will impact the
perception of your customers. We are thinking about this as well.
Again,
it is early in the process. We are attentively tracking the situation,
consider it the highest priority, and are ready for action. We will
keep you posted. Please standby.
No comments:
Post a Comment