Effective 31 December 2014, all pre-PCI POS PIN acceptance devices used in an attended environment are to be replaced by devices that are PCI-approved.
Currently, the Card Associations do not have mandatory retirement dates for these devices; however, by 2014, these devices will have been approved against 10-year old requirements, and it is possible that the Card Associations will introduce dates to replace these devices. Acquiring Banks are asked by Card Associations to bear this in mind when selecting replacements to gain maximum return on investment and enhanced PED security.
Card Associations emphasize that strong consideration should be given to replacing any pre-PCI devices with the most recently approved devices available, including using PCI PED Version 2.0 devices (or later), with which PAX S-series terminals comply.
Acquirers that do not meet these Card Association requirements will continue to accept liability for PIN compromises attributable to the use of these devices. Such acquirers may also be liable for penalties in accordance with Card Association regulation for violation of the PIN management requirements.
Compared to other vendors, PAX has, at no extra cost to you, the customer, upgraded the existing S-Series of POS products from 1.x to the mandated 2.x PCI compliancy.
If you check at www.pcisecuritystandards.org you will see that other major vendors have chosen not to up upgrade their key POS models from 1.x, but will only provide 2.x PCI compliancy on newer POS models (i.e. a strategy to both end-of-life certain models or brands, and encourage clients to migrate to what are presumably higher gross margin products). Future products PAX brings to market will always include standard 2.x / 3.x compliancy at no extra cost.
Other smaller POS brands trying to make a name for themselves often appear to have very low cost terminals. However they suffer from a combination of 3 key disadvantages which could lead you to making a risky investment decision which could jeopardize your business:
(i) they can be categorized as 1-or-2-product companies , without a deep and wide portfolio of POS devices;
(ii) while claiming to be PCI compliant , proves the lack of updated compliancy - often only 1.x, and not the mandated 2.x), as well as showing how few products they have compared to the larger POS manufacturers;
(iii) because they do not sell globally, but only in a few select countries outside of their home market, their long-term financial viability & resources capability is constantly in question.
The current status of PAX’s PCI compliant S-Series, as published on www.pcisecuritystandards.org is copied below.