Credit Card machine Pin Pad encryption?

[NicksPizza]

Anyone else out there having to upgrade a PIN pad for debit cards to meet a new super encryption requirement? Got a letter today from CC company and want to be sure the $55 unit cost is on the up and up.

 

[smeagol8]

I got that letter, too, but they said $150 per machine. And don’t worry about paying, we’ll just take it out of your bank account.

 

[NicksPizza]

Turns out it was a little sneaky. Had we just read the letter and sent off the pin pad we had (which they said was out of compliance), we would have been out an extra $35 we simply didn’t need to spend. Out equipment IS compliant with the standards, it just needs encryption . . . a $15 fee plus shipping to them, figure $5 or $6 bucks. I’ll bet most people just read it and send off the pad without lookig up the equipment on the internet. 10 minutes saved me $35 or so.

I hate that way of doing business. But, what are you gonna do until the contract comes up?

 

[SolutionsGal]

Effective June/2010, all PIN pads must meet the current PCI DSS encryption standards. Almost all Pin Pads out there now don’t meet those security requirements and most processing companies are trying to help by swapping out the pads. If your processor is asking for $65.00 which includes encryption and shipping, that is certainly fair. If they are asking more, it is time to pick up the phone and talk with your processing companies retention department. They certainly wouldn’t want to lose your business over the pin pad. IMO

 

[NicksPizza]

I appreciate the information Diana. I did find on some internet searches that the $55 for a used pinpad encrypted was a fair price. My one issue was with the letter my processor sent out that told me that my equipment was out of date and I had to send it in for a newer one. That was patently false in my case . . . . I checked the specs on my pad, and found it is compliant with the newest encryption, just needed programming. Processor didn’t mention the $15 encryption on units that are compliant, and that mine was one of them. When I called my processor, they looked at my account and found that they had my correct current equipment and that is was simply a matter of encryption.

I suspect many or busy people out there just ponied up the extra cash based on that less than correct letter (less that correct if they have good equipment just needing encryption). Not cheesy enough for me to leave them mid-contract, but enough to make me more wary.

 

[SolutionsGal]

Hey Nick,

You are right about the “deceptive nature” of the letters that are being sent out to merchants. I always advise merchants to make a call when something doesn’t seem quite right with a processor. It seems to me that some processors know that merchants are busy and don’t have the time to do their homework, but you have proven how 10 minutes makes a big difference in pocketbook, and in today’s economy, we can ill afford to take things at face value. Thanks for your timely tip for everyone.