Visa confirmed Monday it has issued an alert warning that some point-of-sale software may be storing PINs in violation of industry rules, leading to suspicions that the root of the recent debit card debacle may have been out-of-date or misconfigured software.
“…we provided a confidential alert to a limited number of financial institutions advising them that a particular configuration of certain software could cause it to store cardholder data,” Visa said in a statement e-mailed to TechWeb. “We further advised them of the existence of a software upgrade designed to address the problem.”
When purchasing a Point Of Sale system it is very important that the software complies with all formal regulations and industry standards such as in this case the PCI data security standard. Furthermore, most countries require strict certification of all software communicating with the PIN terminals.