Expired Certificate Causes Major Retail Card Payment Outage in Germany

by
Fnord666
from SoylentNews on (#5ZRSM)

Rich writes:

A digital certificate that expired after 10 years is causing a major outage in German retail payment handling. The involved Verifone H5000 card reader was introduced in 2012 but is still widely in use. Acceptance points have been advised to not power off their devices, because on startup, the failing certificate locks out the device even from updates. The vendor is trying to come up with a solution, which will likely involve USB sticks for local updates.

Report in English: https://www.stripes.com/theaters/europe/2022-05-27/aaefes-esso-credit-card-outage-6146620.html

Details in German (with screenshots): https://www.borncity.com/blog/2022/05/27/strung-der-verifone-h5000-ec-kartenlesegerte-einige-insights-zur-zertifikateproblematik/

While in the past, many issues could be fixed by cleverly scraping together remaining data, this is one of the first nationwide occurrences of a new class of security-related bugs that actively lock out any solution attempt. What is your experience in this field?

Original Submission

Read more of this story at SoylentNews.

External Content
Source RSS or Atom Feed
Feed Location https://soylentnews.org/index.rss
Feed Title SoylentNews
Feed Link https://soylentnews.org/
Feed Copyright Copyright 2014, SoylentNews
Reply 0 comments