Back

Your Business is Safe with Dream Payments

Your Business is Safe with Dream Payments

Those who follow technology news may have heard about a new virus called BlueBorne, which potentially threatens all sorts of devices that use Bluetooth. We’ve had a few questions about it from the Dream Payments community, specifically regarding any potential impact to the transactions you are processing with your Dream device.

We’re always here to help, so we wanted to respond quickly and assure you that your information is safe with us – both for your business and your customers – even in light of this recent news.

Dream provides best-in-class security and every transaction that you process through your Dream device is encrypted. This means that your data – and your customer's personal information – is always protected.

Specifically, we use point-to-point encryption technology for all transactions. Data leaving the terminal cannot be read by third parties without the encryption key. This means that if Bluetooth, cellular or Wi-Fi communications are compromised, the data never is – it always remains secure. Even our instruction sets are encrypted so that the terminal will only react to commands issued by approved systems, and our commands do not come directly from the mobile device.

 

  • Card number data is encrypted at the point of capture (terminal) and decrypted only at the acquiring bank.
  • Card details, magnetic-stripe data and security codes are not stored in any form on the terminal or mobile device.
  • All data classified as sensitive is encrypted using advanced algorithms.

 

The Background

BlueBorne patches are already being developed and distributed by the big three: Google, Microsoft and Apple. Still, Armis Labs, an Internet of Things (IoT) security company, believes 40% of devices that could potentially be impacted will never be patched. That’s two-billion devices that could be left vulnerable to attacks. Now that you know the risks, how do you know if the other devices being used in your business are secure?

Typically, the older your device, the less secure it is, so you may want to see if you’re eligible for an upgrade or budget for new technology sooner rather than later.

Every Bluetooth-enabled device adheres to a standard security level from one to four.

  1. Devices with level one security talk to each other without authentication. This means anyone can intercept your data. As an example, someone could listen to your call if you are using Bluetooth-enabled headphones or ear buds with low security.
  2. If your device is level two, it’s a bit more secure. It will request authentication and acknowledgement when you pair devices. The problem is that they pair before they authenticate and this window leaves your device vulnerable to hackers.
  3. With level three security, your Bluetooth devices authenticate before they pair. This improves safety because it closes the window that is left open in level two.
  4. Level four uses a stronger authentication protocol, which leads to an even more secure connection.

Not every device is as secure as your Dream Payments terminal, but there are additional ways to protect your Bluetooth-enabled devices, including:

  • Know where they are at all times.
  • Turn Bluetooth off when you are not using it.
  • Set your devices to be “non-discoverable.”
  • Download and install patches and updates regularly.
  • Immediately remove lost or stolen devices from your paired device lists.
  • Choose wireless headsets and ear buds with signal encryption.

We know you work hard to build and grow your dream business. We work just as hard to keep your business safe.