Why POODLE/SSL Is The New Y2K For Your Restaurant
Remember Y2K (or at least reading about it)? On January 1, 2000 computers that everyone depended on were to malfunction due to four-digit years being represented by two digits. Although this never resulted in the major problems that were predicted, it sure did scare everyone. Now we have a new phenomena that could have a big impact on your restaurant (and represents a much more tangible threat than Y2K did)…
Fast forward to June 30, 2018. On this day, the Payment Card Industry Standards Council (PCI SSC) is mandating that any restaurant running SSL must switch to TLS v1.1 or higher for all credit card processing to continue safeguarding payment data. Now I realize that you may feel like you are staring into a bowl of alphabet soup when I bring up these acronyms so bear with me as I explain.
For decades, SSL (Secure Sockets Layer) has been used as a standard way to convert data into code in order to prevent unauthorized access. Recently, vulnerabilities have been identified in SSL. POODLE (Padding Oracle On Downgraded Legacy Encryption) is a flaw that enables attackers’ to extract data from a encrypted (secure) connection. To avoid this, you must switch from SSL entirely and TLS (Transport Security Layer) version 1.0 to TLS version 1.1 or higher. Not only will this allow you to fix the problem, but your restaurant will remain PCI compliant.
Once the June 30 deadline has passed, the credit card processing functionality of any non-compliant software, operating system and/or hardware will stop working. In other words, you will face a complete shutdown of your credit card processing! Most traditional POS systems are vulnerable and will need to be upgraded before this deadline. This could cost thousands of dollars. Now that’s scary …
While a lot of POS software providers are just now learning about this issue, some are well aware of this problem and are working to make it easier on restaurants that need to procure new software and/or hardware. For example, Harbortouch is offering a free upgrade to the latest version of their POS software to the company’s existing customers or POS software for free to new customers. They are also offering free EMV Terminals to ensure compliance with PCI’s new TLS requirements! These terminals can also support EMV chip card transactions with tip adjustment and accept Mastercard’s new BIN cards.
Many POS providers even have local resellers who will come to your restaurant to install and then support your POS hardware and software … you don’t have to know a thing about SSL or TLS or POODLE. They’ll take care of it for you! Contact a local reseller today for details on how you can ensure you do not lose the ability to accept credit card payments when this deadline arrives!
Leave a Reply