The Sydney Morning Herald has reported on another consumer security compromise that puts consumer data at risk. Thanks to our technology partnership with Tyro Payments, retailers using our Tyro integrated EFTPOS solution have a best of breed solution. Tyro explains this:
At Tyro we have designed, built and had PCI PA DSS certified (*) an integrated payment system that entirely removes all worry about sensitive card holder information ever being leaked onto a merchant’s network, let alone the POS system(s). This means, with respect to integrated (electronic) EFTPOS transactions both your POS and your merchants are exempt from requiring either PCI PA DSS certification or PCI self assessment. We have done all the heavy lifting for you.
In a Tyro integrated world, both the POS and EFTPOS devices communicate with each other securely (SSL) via Tyro’s data centre. The POS’s responsibly is simply to initiate a payment transaction, sending transaction type and amount to the EFTPOS terminal. The terminal collects the card holder account information, and securely transmits this information directly to Tyro for authorisation. An annotated response is then returned to the POS for receipt printing. This response contains no sensitive card holder information.
For a more complete description please download this document, and read Section 5 of the paper titled “Internet Payment Architecture“.
Using Tyro protects our customers against data breaches.