Case of EMV Readers Down

We recently went live with Tessitura at multiple venues, so we were lucky (iffy term to use in this context) enough to get out of the gate with working EMV readers using P2P encryption and the latest PCI DSS standards under our belt.

BUT... When EMV readers go down, or until you get them set up rock solid, what are people using as backups for cc transactions? Currently, we pull out the old magnetic stripe readers, but since these are not PCI compliant, I'm wary of this as a backup.

Just wondering what other organizations are doing....

Thanks!

Jay

  • Former Member

    Hi Jay,

    We have not yet deployed EMV readers using P2PE encryption, but we would love to as soon as practical.  So, great to hear that such solutions are now available through the Network.  Readers that Element originally had promoted as a P2PE solution turned out not to be certified, and we were not able to take advantage of the immensely reduced PCI DSS requirements. 

    I am afraid using your old magnetic swipes as backup will take you back to full PCI compliance requirements.  I wonder if independently working swipe devices using land or cellular lines would be practical as backup in your case.  Compliance requirements would be much more manageable.  Of course, the best solution is a high enough system reliability that practically would not need backup.  This has been the case with the magnetic stripe readers since we migrated to RAMP.  We have a cellular card terminal as backup, but we never had to use it.  I hope that EMV systems will reach that level of reliability very soon.

    Back to the exciting news of the availability of EMV readers using P2PE encryption in Tessitura and RAMP.  May I ask what hardware and payment processor you are using?  Have you experienced any downtime with them so far?  What kind of setup issues are you currently experiencing or anticipating?

    The following link lists P2P solutions already certified by PCI, which would save a lot of time and resources for compliance:

    https://www.pcisecuritystandards.org/assessors_and_solutions/point_to_point_encryption_solutions

    It takes time and resources to certify newly developed solutions, but I did not come across any from Vantiv.  There are new devices available under Element PS though, which I assume are being provided through Vantiv now.  They are Verifone Vx805, Verifone Mx925/Mx915, ID Tech SecuRED, and ID Tech SREDKey.  ID Tech’s are not EMV devices.

    Ahmet

    UMSL – Touhill PAC

  • Hey Ahmet-

    We have had quite a journey with our EMV readers. We have a running inside joke around our tech team at the Mn Historical Society, and it goes something like this... "It may take a village to raise a child, but it takes approximately 30 IT minds to complete a single, successful EMV transaction." ;)

    To be fair, much of our troubles were due to the fact that when we launched Tessitura, we launched 2 very busy venues, with varying network configurations and complexities, varying firewalls, payment method nightmares because of numerous venues, ISPs, etc... and we launched them at the same time, and on brand new Windows 10 workstations... incidentally, our IT team had zero experience working on Windows 10 machines.

    As far as hardware, we went with Verifone MX915 EMV card readers ($750 ea). These were purchased directly from Element, who became Vantiv... and we use Vantiv as an "Acquired Merchant", which means, they handle the processing AND the gateway, so there are no other parties involved besides Tessitura and Vantiv.

    A quick summary of the process (provided you have the reader):

    1. create EMV payment methods in Tess (sounds easy but not necessarily so if you have multiple venues)
    2. request bank account merchantID from Vantiv
    3. log into Vantiv's virtual merchant to get a few bits of information to pass along to Tess RAMP
    4. send merchID and token, etc.. to RAMP to get your 3-digit merchant code
    5. go back to EMV payment method in Tess and plug in the 3-digit code
    6. then begins the real work of installing/configuring the Verifone drivers (don't seem to play nicely with Windows 10), and the triPOS software, etc... peek at the installation instructions. This involves an XML configuration file, public IP settings, firewall port forwarding rules, MAC addresses for specific workstations, etc...

    So... you now see where the 30 people come in... along with all of the opportunities for errors and complexities. So when we launched, we had some ticketing stations that were live with EMV, and some that were not, so we had to revert back to magnetic swipers on those. But since we ironed out all of our EMV problems, this has all been very stable, and we've had zero EMV downtime, with no reason to go back to the mag-swipes as backups. Hopefully that continues.

    If nothing else, I hope this little primer hints at what's ahead so you can prepare.

    Jason

    [edited by: Jason Andrea at 2:34 PM (GMT -6) on 4 May 2016]
  • Former Member
    In reply to Jason Andrea

    Hi Jason,

    Thank you very much for sharing your experiences.  Hopefully, our transition to EMV readers will be a little smoother, as we will be changing only the card readers in our system.  Currently, we are in the process of waiting for Vantiv to certify their payment gateway for First Data to move forward.

    It is comforting to hear that issues, which came up with EMV readers at the beginning, are resolved now, and we will continue to be spoiled with the high levels of reliability we had become accustomed to.  Nevertheless, our cellular swipe terminals will stay with us as our security blanket.

    Ahmet

  • Jason:

    Can you elaborate on why you need MAC addresses for specific workstations?   I just started installing/configuring the workstations but didn't see why we would need the MAC addresses. Is this specific to your configuration of firewall/routers?

    Thanks.

    Rick

  • Hey Rick-

    Sorry.. I've been out of the office for a while.
    Yes, the MAC address of each workstation is used for our firewall's Port Forwarding Rules.
    The TR_Machine_Settings table requires (for us anyway) you to enter a "Cardreader Port". Our firewall then uses Port Forwarding rules (that we manually add for each workstation) to translate communications between the workstation/reader and Tessitura.
  • Hi Jason,

    Delighted to hear there's a happy ending to the Mx915s. I've been struggling with getting one device working for several weeks now, since applying the 1251HF12 patch bundle.

    I think I'm finding I need to reboot the Mx915 before use. I reboot the device, am able to run a few ticket purchases in 'production' mode (as declared in triPOS.config) in our Test environment, go to a meeting, come back and try another ticket purchase and receive error: "A connect request was made on an already connected socket".

    Have you seen something like this? We're not RAMP, and I had much help from our Tessitura implementation manager to configure our Mx915s ourselves; we had asked for a quicker delivery on the devices than Vantiv was able to handle.

    Any info, encouragement would be much appreciated!

    Trina