PCI-DSS Certification Information

Customers often inquire if the Lilitab Swipe product is "PCI certified".  For a retail business, such certification is normally awarded to the entire system (everything that touches card data) and the surrounding processes.  As such, a certification review is based upon numerous internal and external factors and certification is not typically awarded to individual pieces.  Imagine a chain, made of many links.  These links represent items such as servers, networks, storage systems, and security policies, as well as the Lilitab product.  In a review process, each link is examined – and must pass – but it is the chain which is normally awarded the certification.  

The Lilitab encrypted card swipe product is simply a “link in the system chain”, and is not an individually certified unit.  That said, the Lilitab product should not obstruct an overall system PCI certification review - in fact, it may very well assist in your certification process by reducing the scope of a full PCI review.

The significant review points for the Lilitab encrypted swipe products are:

  • Encryption occurs inside the reader unit at the time of swipe. 
  • Personally Identifiable Information (“PII”), and other raw data, is neither transmitted or stored within the Lilitab product.
  • The reader unit utilizes industry standard encryption methodology (3DES) and dynamic keys (DUKPT).
  • The reader unit interior is not accessible to normal physical traffic or customer handling,
  • There is no ability to turn off or suspend the encryption process,
  • Lilitab only utilizes industry approved and registered encryption keys.

The above points typically place Lilitab products as a "non-factor" for overall PCI consideration.

The component manufacturer states: "Other devices claim to encrypt data in the reader. The (reader) encrypts the data inside the read head, closest to the magnetic stripe and offers additional security layers with immediate tokenization of card data and …card authentication. This layered approach to security far exceeds the protection of encryption by itself, decreases the scope of PCI compliance, and reduces fraud". 

Non-Encrypted Reader: The Lilitab non-encrypted reader properly reads and conveys card magnetic data – the difference is the data is transmitted in raw form.  Non-encrypted card readers are therefore not PCI-DSS friendly, nor well suited in retail environments where customer credit card security is mandatory.  However, if your card swipe commerce does not contain PII, or have other security requirements, then an unencrypted reader may well fit your business requirements.  Additionally, a non-encrypted reader is recommended for testing and application development purposes.

For additional Lilitab product technical details, please contact the Lilitab support desk at (888) 705 0190 extension 2.  


image is not available

Adam has been designing self-service kiosks for over 25 years. He founded lilitab to leverage tablet technology to help businesses install digital touch-points to increase revenue.

Adam managers the strategic, financial, and operational management of the company.

image is not available

For the past 20 years, Bryan has been developing innovative products, both in technical and leadership roles. Prior to joining lilitab in 2012, he served as Director of Engineering for SpeckDesign in Palo Alto.

At lilitab, Bryan oversees all aspects of product development.

image is not available

Michael has more than 25 years of sales and executive management experience, growing and scaling emerging technology companies. He was the VP of Sales and Marketing for friendlyway AG, a pioneer and leader in the kiosk and digital signage industry.

At lilitab, Michael is responsible for new business development.

image is not available

John has been hands-on in the tech industry for over 25 years, working in multi-tier object oriented, distributed systems with extensive experience in web-based technologies and a proven record of providing integrated solutions. Prior to joining lilitab, he has worked in various sectors including banking, health insurance, utility sector, eDiscovery, finance and consulting.

image is not available

Adriana manages all aspects of the day-to-day operations at Lilitab’s facilities. She coordinates shipping and receiving, supervises warehouse staff, monitors inventory and manages customer service at Lilitab. Karkkanen holds a Master’s degree in social marketing from Sonoma State University and she continues to use her training to shape Lilitab’s highly praised customer service experience.