The financial industry is built on trust – and rigorous testing and certification by accredited laboratories. Our systems have been certified to the highest levels of security and data protection as specified by industry bodies EMVCo, PCI and TUV.
All Gemini contactless readers feature a built-in cryptographic processor. This hardware component encrypts cardholder data at source, ensuring that everything transmitted by reader is protected from malicious activity and attempts to read or modify it. Readers hold unique secret keys to encrypt cardholder data, which can be decrypted only by the payment gateway – this is known as E2EE (end-to-end encryption.) Further, the solution employs DUKPT (derived unique key per transaction), where each individual transaction is encrypted with a key that is then immediately discarded. If a derived key is ever compromised, it only affects that single transaction and is not applicable to any other past of future transactions.
Telemetry terminals also secure their communications with certificates for TLS connections, adding another layer of security. What is more, all Gemini hardware has capabilities for remote management and updates through a dedicated Terminal Management System, allowing us to prevent or respond to emerging threats.
All cardholder data sent to the payment gateway must be decrypted, processed and stored securely. Our solution is Payment Card Industry Data Security Standard (PCI DSS) compliant, and certified as a Level 1 Service Provider (the highest level possible.)