New credit card security standards – the facts
Date: 30 August 2005 – For Immediate Release
New credit card security standards – the facts
EFTPOS New Zealand, the country’s largest EFTPOS terminal supply company, is reassuring merchants that it is business as usual ahead of MasterCard and Visa’s new EMV and 3DES global security standards.
The new security standards are concerning some merchants and EFTPOS is calling for calm. Some terminal providers are using the new worldwide security requirements - which will bring better credit card protection for both customers and merchants - to scare merchants into upgrading their EFTPOS terminals.
“We’ve received a number of calls from businesses saying they are concerned and confused about the information that is circulating around this topic,” EFTPOS New Zealand Head of Development and Implementation John Collins said. “Businesses are unnecessarily worried about claims from some terminal suppliers that they are sitting on potential time bombs.” The timing of any EFTPOS machine upgrade will depend on the terminal’s current specification and which network it uses for processing. Retailers need all the facts before deciding to upgrade their terminals, Mr Collins said.
“We’ve reminded all our customers that we will provide them with what they need by the time they need it, in order to comply with the new standards.” EFTPOS New Zealand has started its programme of upgrading terminals to meet its June 2007 deadline for all merchants to comply with MasterCard and Visa’s new standards. It is currently targeting its customers on the ETSL network who have the most pressing compliance deadline - 1 January 2006. It involves direct communications with the merchants, free of charge terminal and software upgrades and where necessary site visits by Field Service Representatives to install and train merchants on the new terminals.
It is a long-term process and before June 2007 there are a number of other key compliance dates that some merchants must adhere to - this will depend on their terminal’s current specification and which network they use for processing.
However, EFTPOS New Zealand will ensure all of its merchant’s terminals comply in time for each of these dates.
If merchants own their own terminal or rent from another supplier, EFTPOS New Zealand can provide sensible advice and upgrade options.
If in doubt, merchants can contact EFTPOS New Zealand by calling 0800 338 767 or visiting www.eftpos.co.nz
What is the issue?
MasterCard and Visa are introducing new worldwide security requirements called EMV and 3DES, which will provide better credit card security protection for both merchants and customers. Depending on a merchant’s current terminal specification and which network they use for processing there will be different compliance deadlines.
EFTPOS New Zealand has set a June 2007 deadline for complying with these standards for all their merchants on the EFTPOS New Zealand network. However there are a number of other key dates between now and then for merchants to adhere to:
Two Eftpos Networks
In New Zealand, there are two Eftpos systems the EFTPOS New Zealand network owned by ANZ National Bank and the Paymark network run by ETSL (Electronic Transaction Services Limited). Each network has different EMV 3DES deadlines.
EFTPOS NZ Network:
By 1 January 2006, all new terminals installed on the EFTPOS New Zealand network must be compliant with the new standards.
By 30 June 2007 all terminals connected to the EFTPOS New Zealand network must be compliant.
By 1 January 2006, all new terminals installed on the ETSL network must be compliant with the new standards.
By 1 January 2006, all 3.4 terminal spec or below must be upgraded
By 1 January 2008, all terminals connected to the Paymark/ETSL network must be compliant with the new standards
What is EMV?
A new set of global electronic payment transaction standards named after the three organisations that established them – Europay, MasterCard and Visa. This new standard supports global compatibility of chip cards and EFTPOS terminals.
What is 3DES?
Triple DES stands for Date Encryption Standard and is a widely-used method of encrypting data using a secret key. This means that instead of the current system of feeding a customer’s PIN through a single DES operation, the PIN will have three stages of DES operation – making it more secure. Using 3DES will ensure merchants and cardholders have the most up to date security, which will significantly reduce the possibility for fraud.
What does this mean?
For cardholders, there is no absolute requirement to change cards because of EMV or 3DES and there is no deadline for the issue of chip cards. Ultimately, any switch to new cards would probably coincide with regular reissuing of cards.
For merchants using EFTPOS terminals, they may need to upgrade to a new terminal. EFTPOS New Zealand is advising its customers of these requirements and will work with them to organise their move to an EMV/3DES compliant terminal. The need for upgrades and other changes will vary, depending on merchants’ individual situations.
Customers unsure about these requirements should contact EFTPOS New Zealand
Who is EFTPOS New Zealand?
EFTPOS New Zealand is one of the leading providers of EFTPOS terminals in New Zealand - delivering EFTPOS and card processing services to a huge range of businesses from corner dairies to the country's largest corporations.
We are unique in the New Zealand market in that we can provide all-encompassing solutions for merchant payment processing. With a single point of contact, we provide the total EFTPOS service proposition, including terminals, end-to-end card processing, consumables supply and a range of added value services. We have nationwide coverage and provide customer support 24 hours, 7 day a week.