Freemindtronic’s NFC hardware wallets with credit card management are PCI DSS compliant

Why the NFC hardware wallet with credit card manager is PCI DSS compliant

Why Freemindtronic NFC hardware wallets with credit card management are PCI DSS compliant.

NFC hardware wallets with credit card management the patented nfc hardware wallet designed and developed by Freemindtronic SL Andorra has a secure manager function, with physical protection of the Bank Cards.

These are  highly  secure  NFC  devices  for storing encrypted data in AES  256. They have a multi-factor access control and authentication system. These factors  are set at the discretion of the user. They may be different  for each credit card stored in the device. It is even possible to limit a data’s access to a geographical area.

This is a physical safe Gre reen Tech. Indeed, theNFC device works without a battery, since it recoverstheenergy via the NFC signal of the phone that serves as its terminal.
This allows it to always keep available stored data, for 40 years, without maintenance, without the need to be connected to an energy source.

These Hardware wallets are trying to combat the risk of contamination linked to COVID; indeed, they are used without contact via an NFC phone

These Hardware wallets are Air Gap 1. That is, they are  physically isolated from any computer network. The data is stored encrypted only in the device’s non-volatile memory.  They are physically accessible only by theuserand/or their administrators.

This Cold Wallet does not collect any personal data. It doesn’t use a remote server, cloud, or remote backup unit. 

After authenticating the Cold Wallet user, he can automatically fill out the fields of a credit card to make hispayments online. This is  a similar gesture to contactless payment, but to  make  online purchases. Beyond the risk of COVID contamination,they fight cybersecurity attacks, since theuserdoes not touch the  computer keyboard.  The data  is  transmitted from the device  and  encrypted   to the computer system. The data displayed on the screen is offended, shielded froms ss s and prying systems indiscreet or malicious.

Thus, the user can make his purchases online on any computer system or phone without leaving any information of his bank cards. In fact, the user does not need to back up their bank card data in a computer system, in a phone, or in online shopping sites.

Who is affected by the PCI DSS standard?

The PCI standard is dedicated to the data security of the payment card industry (PCIDSS). It is a  set of security standards designed to ensure that all businesses that accept, process, store or transmit credit card information maintain a secure environment.2

The PCI DSS standard applies to any organization, regardless of the size or number of transactions, that accepts, transmits or stores cardholderdata.

It applies to all merchants who trade withbank cards. This also applies to merchants who do not store credit cards data but who have received credit or debit cards as a method of payment.

You can check out the PCI DSS standard on the www.pcisecuritystandards.org website(https://www.pcisecuritystandards.org/document_library). 

Freemindtronic’s Cold Wallet NFC are not bank cards

These NFC devices are not bank cards.  They are also not  payment instruments  frequently used for retail purchases. The definition of a bank card is defined in particular by the European Parliament and Council regulation of 29 April  2015 (EU) 2015/751. (https://eur-lex.europa.eu/legal-content/FR/TXT/HTML/?uri=CELEX:32015R0751&from=FR).

Similarly, these Cold Wallet NFC are  not  means of  payment. These are  NFC   devices that allow you to fill in information fields of bank cards,   in a secure way,  to  makepayments. This is made  fromcomputersystems   and connected phones  (e.g.  computer, smartphone, tablet), but whose transaction is necessarily carried out by existing means of payment, subject to the PCI DSS standard.

PCI DSS does not apply to Freemindtronic SL Cold Wallet NFC

For several reasons, Freemindtronic SL Cold Wallet NFC cannot be subject to all PCI DSS standards.

First, these Hardware wallets are not an organization, nor a trader.

Second, they donot have the functions of payment cards.

Third, they do not allow payment transactions to be carried out on a terminal. An electronic payment terminal is a device that allows a merchant to accept and process credit card payments. The device allows you to record the transaction, debiting the customer’s bank account and crediting the professional’s account with the amount of the sale.  Nordoes it allow you to make money ata bank counter.

Finally, they are also not an electronic payment method (E-payment). Because electronic payment is a means of conducting commercial transactions for the exchange of goods or services over the Internet.

More information

These Hardware wallets have a control system that prohibits token of invalid bank cards.

In addition, the storage of credit card information does not include the PIN. 

Physical protection of the bank card

These Hardware wallets effectively protect against the risk of fraudulent use of bank cards as a result of theft, loss or    malicious persons. Simply physically erase the CCV from the credit card after backing up the information in the Cold Wallet. 

Demo – tutorial:

Cybersécurité anti phishing

These Cold Wallet NFC also havecontrolsystems  including  intelligent self-connectionto an original website. The user always connects to the original sites where he automatically manages the favorites.

An associated plugin is compatible with many web browsers, Chromium, Chrome, Brave, Opera, Firefox, Edge. It has a HTTPS control system and exposure to phishing risks based on domainnames.

in short

Even if Freemindtronic’s Cold Wallet NFC is not affected by PCI DSS standards, these curity level, combined with that of bank cards and their uses, is greatly increased to limit the area of attack in the face of identity theft and fraudulent uses.

These Cold Wallet NFC are the most secure, highly secure, mobile storage units dedicatedto physical protection and security of the use of sensitive data such as the visible information of bank cards on connected media as well as their uses on the internet and intranet.

User Experience

These devices, available in credit card format, are usedas for contactless payment at merchants. Thanks to the simple and fast system of self-filling the  information fields of bank cards,we have the same known sensations as those of  contactless payment. It can therefore be said that  itisCold Wallet  NFC  allowsattempt to make online payments without contact.

1 Air Gap : https://www.techopedia.com/definition/17037/air-gap Yes https://www.automation.com/en-us/articles/2011-2/scada-securitys-air-gap-fairy-tale

2 https://www.pcicomplianceguide.org/faq/#1

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This site uses cookies to offer you a better browsing experience. By browsing this website, you agree to our use of cookies.