Even on the third day after the partial breakdown of payment terminals, the problems in the German retail trade persist. The disruption in Verifone payment terminals, which affects all network operators, is ongoing, the payment service provider Concardis announced on Friday in Eschborn. The retailers Aldi-Nord, Netto and Edeka also confirmed that the problem caused by a software error on Tuesday evening with payments by giro or credit card still exists.
The US manufacturer himself only referred to his statements from the previous day on Friday: “We will shortly provide a software update to fix the problem and will inform our customers as soon as it is available.” According to the information, the affected terminal type H5000 is mainly used in Germany.
The head of the consumer center in NRW, Wolfgang Schuldzinski, drew attention to the effects on citizens in the “Rheinische Post”: “It’s difficult enough for consumers when they suddenly can no longer pay for their purchases without cash, because by no means everyone always has enough cash with you.” In addition, the systems are often used to withdraw cash due to the ever decreasing number of bank branches. This could get people into serious trouble, said Schuldzinski.
The payment service provider Payone operates 60,000 of the devices nationwide, but not all of them are affected by the problem. As a spokeswoman said, there is still no final solution in sight. An exchange of the payment terminals can therefore not yet be ruled out. Concardis said: “As a network operator and payment service provider, we are doing everything we can to exchange Verifone H5000 payment terminals that are no longer working for our retail customers as quickly as possible and to make alternative devices available”. However, this could take a few days.
After initial analyses, Payone expressed the suspicion that the failure of the devices could have been caused by a certificate error in certain versions of the software provided by Verifone. The US manufacturer did not provide any information on this until Friday. According to the Federal Association of Electronic Cash Network Operators (BECN), Verifone has already identified the error: “The terminal manufacturer is currently working on being able to initiate measures to rectify the error,” said the association’s website.
A digital certificate is a proof of authenticity that confirms the identity of a computer or electronic device. In the case of the POS systems, this secures the communication between the payment terminal and the POS server. The flow of data between the maintenance computers and the terminals cannot flow without a valid certificate, since the user name and password alone are not sufficient for logging in.
Two years ago, the security expert Scott Helme warned of a scenario in which certificates in the Internet of Things expire unnoticed and this can lead to widespread disruptions. In a blog post at the time, he also referred to disruptions caused by certificate errors at US payment service providers.
The affected card terminal H5000 from Verifone was also checked by the Federal Office for Information Security and certified for use in retail at the time of its market launch. (dpa)