Small Market Share - Best Innovation Group > Media > Blog

Please Wait a Moment
X

Blog

01Nov

The PAX Terminal Controversy- Small Market Share, Big Headache?

While attending Money 20/20 last week I received a text from a colleague asking if I’d heard rumors about PAX terminals being pulled by a payment processor. At first I thought it might have been a typo, but soon enough I began hearing corroboration in the conference hallways. But the story got even juicier- the FBI had raided PAX’s Jacksonville warehouse.

PAX Global Technology is hardly a household name- it ranks a distant third to Ingenico and Verifone in the point-of-sale (POS) card terminal market, with its greatest presence by far in Latin America. Nonetheless, it generated over $65 million in US market revenue in 2020, focusing primarily on serving smaller merchants seeking low-cost hardware alternatives.

POS terminals are a longstanding security target. Arguably the two highest-profile data breaches in memory, Target’s and Heartland’s, were perpetrated by infiltrating these simple machines stationed alongside every checkout register. By definition, they require an open connection to the outside world.

According to Krebs on Security, payment processors grew concerned when they noticed the data packets being transmitted from PAX terminals were significantly larger than that required for card transactions, and were also connecting to websites not listed in PAX’s documentation. This is a warning flag that the transmission may be implanting malware and/or extracting impermissible data.

Here’s where the plot thickens. PAX is a Chinese company, publicly traded on the Hong Kong Stock Exchange. Its management has already insinuated that recent actions against it are politically and racially motivated. However, multiple partners report that PAX has yet to offer sound explanations for the transmission discrepancies.

FIS Worldpay has confirmed it is in the process of replacing all PAX terminals deployed at a small minority of its clients. According to Krebs, at least one UK-based processor is doing the same.

But here’s the kicker- Krebs further speculates that absent prodding and hand-holding from their processors, most small merchants are unlikely to take proactive steps to address this vulnerability in the short term. For one thing, they’ll be reluctant to risk disruption during the busy holiday season. Further, given the global chip shortage replacement terminals could prove hard to come by- particularly for mom and pop merchants lacking clout.

It’s no wonder POS terminals are seen as a soft underbelly for bad actors. It’s not yet known how (or if) this apparent breach will impact the front line, but as usual any issues will likely be felt in card issuers’ contact centers and fraud departments. This is probably a good time to turn the threat monitor up another notch.      

We’ll be discussing this evolving story in greater detail at our weekly CU Digital Town Hall on Wednesday afternoon, November 3. Visit https://www.cutownhall.com/ to request an invitation to join us (if you’re reading this after November 3, a replay link should be posted to the site).

 

About the Author

Related

The State Of The Credit Union: Analytics Adoption – Part II

In our last blog, we explored results from The National Survey on Credit Union Data Analytics and De...

Read More >

Apple Pay, Google Wallet And The Rise Of Online Payment Innovations

Digital payments are not new. PayPal came to life in 1998 as a money transferring platform. By the y...

Read More >

Offering Digital-Friendly Rewards To CU Card Holders

More and more purchasing and other financial transactions are moving online, and whether that means ...

Read More >
2019 Credit Union Technology Trends to Watch

2019 Credit Union Technology Trends to Watch

Wow. What a year! The credit union and FinTech worlds are frothy and lots of change is underway. Th...

Read More >

The Sticky Card: Credit Unions Can Influence Which Cards Their Members Choose To Make Purchases

Most consumers have at least three credit cards from various sources. In addition, many people also ...

Read More >
Lessons Learned From the 2008 Downturn

Lessons Learned From the 2008 Downturn

In 2008, the market suffered a horrible loss due to mortgages being repackaged that were not worth t...

Read More >

About Us

Best Innovation Group, Inc is a technology innovation and development company catering to the financial industry. We invite you to join the hundreds of financial institutions that have already worked with our team of experts in designing technology solutions to fit their growing needs.

Contact Us

Toll Free:
877.244.4964
Office:
813.377.4963
Fax:
813.425.2390

Subscribe To Our Mailer