Card malfunction: Who is actually to blame? Bafin examined
The Federal Financial Supervisory Authority (Bafin) is investigating the current problems with card payments in Germany.
Paying with a giro/credit card was or is still disrupted.
The massive problems with card payments (via Giro/EC card or credit card) at many discounters and shops in Germany have led to the Federal Financial Supervisory Authority (Bafin) investigating the disruption. The Handelsblatt reports.
The question is whether only the card reader manufacturer Verifone is responsible for the failure or whether the payment service providers Concardis and Payone and the banks are also partly to blame. “The cause of the disruption can only be considered after a more detailed analysis,” the Handelsblatt quoted a Bafin spokesman as saying. The Bundesbank, in turn, wants to “fundamentally work up” this breakdown.
Regarding the division of tasks: the unusual devices used in the shops and the software on them come from the US company Verifone. However, the network operators Concardis and Payone handle payment processing.
According to the Retail Research Institute (EHI), 90,000 to 100,000 such card terminals are said to be in use nationwide.
update end. The development is May 30, 2022
According to the Augsburger Allgemeine Zeitung, payment by card should be possible again at Aldi Nord and Netto. Aldi Nord replaced the affected devices with new ones. According to Aldi Nord, this exchange was planned anyway and has now been brought forward. But don’t get excited too soon: In some Aldi Nord branches there could still be problems because the exchange process would still be running. There is a corresponding notice at the entrance to the branches.
On the morning of May 30, it was still said that the problem with card payments on Verifone H5000 devices would continue. According to media reports, Verifone is said to have provided a software solution. However, delivering these to the affected terminals would still take a few days because manual intervention would be required on each device. Either the dealer concerned or a technician can do this. However, the affected devices do not have to be replaced.
In addition, contrary to initial reports (see below), there is now no problem with an expired certificate. Manufacturer Verifone also ruled out a hacker attack as a reason for the disruption. Verifone writes the following here:
Dear customers and partners, we are aware that a certain proportion of the Verifone H5000 terminals, which are mainly used in Germany, have a usability problem for processing card payments and that inconveniences may have arisen as a result of this situation. We would like to emphasize that the issue is not related to a certificate expiration or a security vulnerability and does not pose a security threat. Rather, it is a software malfunction in the H5000 software. The H5000 terminal series will not be sold and shipped by Verifone as of the end of 2019, all other available and future Verifone terminal products are unaffected. One of the observed H5000 error patterns is that the terminal shows “Ready” but contact-based credit card and girocard transactions are not processed. However, the processing of certain contactless transactions and direct debit transactions is still possible. It could therefore be useful to have the direct debit procedure activated temporarily via network operations. Over the past few days, we have been working on solving the problem with the highest priority and in close cooperation with our customers and partners. We have developed an update solution to fix the problem.
” Quote end
ATMs are not affected by the disruption.
Since Tuesday (May 24th, 2022), some discounters and drugstore chains have not been able to pay by giro or credit card. Aldi Nord, Edeka and Rossmann, for example, are affected; but also, for example, the Munster tank museum. These problems still exist today.
That is the reason
The payment problems always arise when the H5000 model from the US manufacturer Verifone is used as the card payment terminal. According to Spiegel Online, a certificate error within certain versions of the software provided by Verifone is the reason for the disruption. In order to solve this problem, a software update must be installed, as the manufacturer Verifone reports. However, this requires manual intervention at the terminals. That would take some time. Until that happens, the Verifone terminals affected will be completely unavailable for all payment methods.
Cash card stolen: You must do this immediately!
Those H5000 terminals that are still working should never be unplugged or turned off. The devices should also not be restarted and the network connection must be maintained.
The financial service provider Concardis is trying to at least partially defuse the problem by replacing the card payment terminals.
The Verifone H5000 terminals are mainly used in Germany. According to the Tagesschau, however, the corresponding type only accounts for a small proportion of all devices used in Germany.
Customers should know that
Important for customers who cannot pay with their debit or credit card at the checkout: Your card is fine and does not need to be replaced. The POS network operators are also not responsible for the disruption, as emphasized by the Federal Association of Electronic Cash Network Operators. The reason for the disruption in cashless payment lies exclusively with the Verifone terminals.
Aldi Süd, Lidl and the Rewe Group (Rewe, Penny, Toom Baumarkt) should not be affected by the problem, as reported by WDR.