Hi Everyone,

Just looking at a new company

http://www.acculynk.com/

It looks like they offer online ecommerce PIN Debit for websites. You are supposed to click your PIN number on a scrambled PIN pad. Has anyone ever used them? Any thoughts? Good/Bad?

Thanks,

Don

First of all, there is no such thing as a "card not present" PIN Debit transaction. The card has to be swiped in a POS machine in order to obtain the PIN Verification Value (PVV) and the PIN Verification Key Index (PVKI) which is embedded in the magnetic stripe. Go to Visa or MasterCards website and try to find a "card not present" PIN Debit rate.

Acculynk uses a software application which "simply allows" you to enter your PIN for perceived security. It's simply another alternative payment. At the end of the day, you still have to "type" your card number into a box in a browser, which is extremely dangerous. It then determines whether it is a card which can be used with a PIN. If so, a pop-up (you have to have your javascript enabled) floating PIN Pad appears. You then use your mouse to "click in your PIN." It shuffles to give the appearance it is secure, but anyone familiar with how screen scraping or keystroke logging works won't be fooled. Keep in mind your PIN is the holy grail to hackers. What benefit do you derive for entering your PIN into a web browser? The benefit is to the merchant, they save a little bit of money off interchange, how much is yet to be determined by the EFT networks.

If you want a genuine two factor authenticated PIN transaction conducted on the web you must use a hardware device. To my knowledge, there is only one company in the world with a PCI Certified PIN Entry Device designed for the web.

<<snipped>>

Good post from PINcept.

Although implied, I will elaborate that the certified device for the web requires that every end consumer would have to have the device, so don't hold your breath for paradigm shift of web-based pin transactions in the near future.

But with the recent breeches in security, who knows?

Thanks for the post guys. But this company seems to have an approved system that incorporates cards from NYCE, PULSE, ACCEL, plus( a number of the larger debit networks). It would seem like this is CNP PIN Debit for approved networks. Since this does not go through the VISA/ MasterCard networks, but rather the debit networks, Visa/MC would not touch this info to begin with. They also charge PIN Debit rates (with a fee it appears) on these transactions instead of the discount rates and some type of additional per transactions fees. I was just trying to find out if anyone has actually used them, and if the system worked or saved them money.

My apologies. I jumped to conclusions, so now I've gone back and done my research.

It looks legit and has all the proper docs from actual PIN networks, so in my opinion its worth a try. However, you may need to post this video (http://paysecure.acculynk.com/p/media/paySecureDemo.html) near the area where they customer enters their debit card number.

this is going to be new for many people and new things are scary to many. So, "Educate, and Wait" will be the theme. Don't expect 100% acceptance and I would probably ask myself "who is my end user and are the savvy enough to use this product". Things like age, as older people can tend to be less likely to accept newer technology, or become confused by the scrambling.

Another downside is that pin-debit network fees have been increasing, and sometimes don't offer a huge savings, so you need to check the rates and make sure that the reward is worth the added effort. If you have a fairly high ticket product, then it may just be. It used to be that PIN-debit only cost .25cents per transaction, but now most PIN-debit trans have a transaction fee and a percentage attached. Although the percentage fees are usually less than 1%.

Kind Regards