Verifone Passes Encryption Test

Verifone has been put to the fire, as it were, and emerged secure.

The payment transaction company announced today (May 20) that its end-to-end encryption and tokenization solution has passed an assessment by Coalfire Systems, a Payment Card Industry Qualified Security Assessor (PCI QSA).

According to a company press release, Coalfire — as part of its full report — describes VeriShield Total Protect as being able to “nearly eliminate the current risk of payment card data compromise within a merchant’s retail environment and can dramatically reduce how many PCI DSS requirements need to be validated when properly deployed.”

In the release, Verifone attests that VeriShield Total Protect is the most widely-adopted payment data encryption solution in the U.S., utilized by more than 250 of the biggest merchants and 9 out of the 10 top payment processors in the country. Its attributes include: reducing PCI DSS controls; functionality with a range of payment technologies (such as mag stripe, contactless, NFC and EMV); easy integration with retail systems; and random-number tokenization.

“One of the reasons Verifone has been a leader in global payment solutions and commerce enablement for more than 30 years is because security is in our DNA,” said Joe Majka, chief security officer for Verifone, in the press release. “Our best-in-class payment solutions and services meet or exceed global security standards and help our clients securely accept electronic payments across all channels of commerce. This assessment from Coalfire — perhaps one of the most renowned IT security advisors and auditors out there — speaks to the security capabilities of VeriShield Total Protect, as well as Verifone’s continued efforts to reduce merchants’ growing exposure to data breaches and more aggressively safeguard consumer information.”

The release additionally notes that Coalfire conducted its testing of VeriShield Total Protect at its labs in Louisville, Colorado, as well as at Verifone’s labs in San Diego, California. The battery of assessments included complete POS installation, integration, transaction testing, device assessment, encryption evaluation and forensic analysis.