verifone

3 Articles

Expired Certificate Causes German Payment Meltdown

May 30, 2022 by 83 Comments

For most Hackaday readers the process of buying groceries this weekend has been a relatively painless one, however we’re guessing some of our German friends will have found their cards unexpectedly declined. The reason? A popular model of payment card terminal, the Verifone H5000, has suffered what has been described as a “software malfunction”. So exactly what has happened? The answer is as simple as it is unfortunate: a security certificate for German transaction processing stored on the device has expired.

The full story exposes the flaws in assuming that a payment terminal is an appliance rather than a computer and its associated software that needs updating like any other. The H5000 is an old terminal that ceased production back in the last decade and has reached end-of-life, however it has remained in use and perhaps more seriously, remained in the supply chain to merchants buying a terminal. With updates requiring a site visit rather than an over-the-air upgrade, it’s likely that the effects of this mess could last a while.

In case the hardware for this type of equipment interests you, we’ve had a teardown on another Verifone terminal in the past.

Teardown: VeriFone MX 925CTLS Payment Terminal

July 8, 2019 by 53 Comments

Regular Hackaday readers may recall that a little less than a year ago, I had the opportunity to explore a shuttered Toys “R” Us before the new owners gutted the building. Despite playing host to the customary fixture liquidation sale that takes place during the last death throes of such an establishment, this particular location was notable because of how much stuff was left behind. It was now the responsibility of the new owners to deal with all the detritus of a failed retail giant, from the security camera DVRs and point of sale systems to the boxes of employee medical records tucked away in a back office.

Clipping from New York Post. September 24th, 2018.

The resulting article and accompanying YouTube video were quite popular, and the revelation that employee information including copies of social security cards and driver’s licenses were left behind even secured Hackaday and yours truly a mention in the New York Post. As a result of the media attention, it was revealed that the management teams of several other stores were similarly derelict in their duty to properly dispose of Toys “R” Us equipment and documents.

Ironically, I too have been somewhat derelict in my duty to the good readers of Hackaday. I liberated several carloads worth of equipment from Geoffrey’s fallen castle with every intention of doing a series of teardowns on them, but it’s been nine months and I’ve got nothing to show for it. You could have a baby in that amount of time. Which, incidentally, I did. Perhaps that accounts for the reshuffling of priorities, but I don’t want to make excuses. You deserve better than that.

So without further ado, I present the first piece of hardware from my Toys “R” Us expedition: the VeriFone MX 925CTLS. This is a fairly modern payment terminal with all the bells and whistles you’d expect, such as support for NFC and EMV chip cards. There’s a good chance that you’ve seen one of these, or at least something very similar, while checking out at a retail chain. So if you’ve ever wondered what’s inside that machine that was swallowing up your debit card, let’s find out.

Continue reading “Teardown: VeriFone MX 925CTLS Payment Terminal”

Name These Parts: Verifone Payment Module Tear Down

November 23, 2011 by 39 Comments

[Jerzmacow] got his hands on this Verifone Vx570 handheld payment terminal at a flea market. It’s got a thermal printer, a magnetic card reader, and then there’s the big LCD screen and buttons. In other words, lots of parts for his hacking amusement. But first, he decided to take a look at the parts that went into the design. He carefully disassembled the device, documenting what he found along the way. He mentions that there’s a switch pressing against the underside of the LCD which disables the hardware when disassembled. So it sounds like he won’t be able to get it to work again (there’s a Lithium battery inside which we’d guess powers some type of hardware kill switch circuit).

He posted an HD video of the tear down which we’ve embedded after the break. We find some of the design to be quite peculiar. Normally we have [Dave Jones] to walk us through design choices in his EEVblog hardware reviews. Since [Jerzmacow] wasn’t able to provide that level of insight, we’d love to hear what you think each piece of hardware is for. Leave your comments, along with time-stamps from the video. Specifically, what’s up with that strange board shown at 1:51? Continue reading “Name These Parts: Verifone Payment Module Tear Down”