Triton Systems is preparing for PCI5

Cryptera has been supplying Encrypting Pin Pads to Triton Systems for almost 15 years and is now working on the next generation EPP.

Since 2006, Triton Systems and Cryptera have been working closely together. Triton originally had another supplier of their Encrypting Pin Pads but turned to Cryptera for the development of their PCI-1 variant. They had very specific requirements in terms of footprint, key management, and software.

Cryptera EPP’s are known for their high quality and robust design, which allows ATM and kiosk manufacturers to design in- and outdoor self-service solutions with low maintenance costs. At the same time, it assures customers that their PIN code is handled in a secure, compliant, and reliable EPP.

Triton is a trusted name in the ATM business world, who has been providing reliable and affordable products for more than 30 years. They are a major provider of off-premise ATMs and ATM management software globally. Triton ATMs are made in the USA and built from the ground up at their manufacturing plant in Long Beach, Mississippi. They have a sleek look and a small footprint. Triton has a complete line of ATMs for retail locations and financial institutions.

Since the beginning of the cooperation between Triton and Cryptera, we have launched Triton’s PCI3 certified EPP back in 2014. This product is valid for new installations until April 2020. Together with Triton, the Cryptera R&D Department is currently working on the PCI5 EPP. The project is moving according to plan, and the PCI-5 certified EPP will ensure the installations of new ATMs until April 2026.

“For more than 13 years Triton has partnered with Cryptera to ensure the highest level of security for all Triton ATMs. While there are other knock-off EPP suppliers out there, sourcing through Cryptera ensures that Triton EPPs are fully secure and free from any potential backdoor compromise.” Terry Asher, VP Engineering & Operations @ Triton

Moving to PCI5 assures that the EPP complies with the latest PCI security requirements. This includes a device-controlled reboot function, secure device authentication, etc. At the same time, cryptographic functions that are no longer considered secure, like SHA-1 based signatures, are removed.