It is the banks' responsibility to provide safe payment solutions.
Tyro’s new architecture protects merchants and card holders against data breaches. Tyro integrated IP EFTPOS does not expose the cardholder data.
Tyro merchants are no more burdened with the risks and costs of PCI-DSS compliance and the costs of a data breach i.e. scheme fines, costs of unauthorised transactions and of security breach investigations.
PCI PA-DSS certification
ARA: Data Breach worries retail
To protect your business and your customers from data fraud, Tyro complies with Payment Card Industry Data Security Standards (PCI DSS). Do you?
Understand PCI DSS! To avoid large fines or the loss of your credit card acceptance capability, self-assess your compliance and act! Download the self-assessment form. Learn about the Top Three POS System Vulnerabilities.
Tyro was the first Australian ADI with a
PCI DSS Certification and a
PCI PA-DSS Certification.
Older dial-up EFTPOS terminals send part or all of the data in the clear. Tyro uses SSL (Secure Sockets Layer) with 3DES (Triple Data Encryption Standard) as well as positive terminal authentication.
Tyro’s technology insulates the merchant's network from sensitive card holder and transaction data. All customer cardholder data is secure and there is no risk to his reputation or liability from disclosure of this data.
Also see APCA Fraud Protection Guidelines.
The merchant requires a secure login and critical changes to his account information (eg bank account info, email addresses) are notified to the merchant via email. This means that the merchant can detect any unauthorised changes in a timely manner.
Our terminals are encrypted to ensure all transaction data is secure. To further secure your wireless network, our recommended best practice for WiFi terminal security settings is:
1. Enable WPA-2
2. Enable MAC address filtering
3. Hide SSID Broadcasting
4. Review firewall logs regularly
This is aimed at merchant cashier fraud and will detect unusual patterns of activity and refunds before these cause loss to the merchant (or loss to Tyro).
The PIN is encrypted securely in the terminal and then encrypted a second time for transfer to the authorisation switch. The merchant likes this because the cardholders can be assured that their critical personal information is treated securely at all times.