hngopher.com

       [HN Gopher] FBI Raids Chinese Point-of-Sale Giant Pax Technology
       ___________________________________________________________________
        
       FBI Raids Chinese Point-of-Sale Giant Pax Technology
        
       Author : picture
       Score  : 42 points
       Date   : 2021-10-26 17:33 UTC (5 hours ago)
        
 (HTM) web link (krebsonsecurity.com)
 (TXT) w3m dump (krebsonsecurity.com)
        
       | bilkoo wrote:
       | Not sure about other places, but in Canada it seems most cannabis
       | stores use Pax
        
         | duskwuff wrote:
         | You may be confusing Pax Technology (paxtechnology.com) with
         | Pax (pax.com), a brand of cannabis vaporizers.
        
       | heratyian wrote:
       | "...PAX is now claiming that the investigation is racially and
       | politically motivated."
       | 
       | yikes
        
         | robbedpeter wrote:
         | No yikes. This is a standard response - deflect and deny when
         | caught. China is engaged in all sorts of cyber warfare, and
         | it's making hardware choice difficult. You have to scrub every
         | device, and even then you have to observe network traffic to
         | see if there are hidden systems trying to phone Beijing.
        
           | CyanBird wrote:
           | I don't know.... How can a competitor to Pax even know how
           | the Pax servers are being handled internally?
           | 
           | This seems out of the ordinary for this type of thing
           | investigation
        
             | tw04 wrote:
             | I don't follow? The accusation is that their point of sale
             | terminals were used as launching off points for attacks.
             | Why would someone need to know "how their servers are being
             | handled internally" to know an attack came from one of
             | their devices installed locally.
        
       | throwawaymanbot wrote:
       | Are we sure that China really are super advanced? Lol
       | 
       | Using POS terminals/connection as jumping points are they?
        
       | simfree wrote:
       | Pax had much better APIs for payment integration and was much
       | more friendly to developers than Verifone, Ingenico and other
       | merchant processing hardware manufacturers.
       | 
       | They were the equivalent of Ubiquiti in the pinpad space, when
       | they entered the US market small and medium businesses had little
       | choice besides them (or a much more expensive solution like
       | Square where you do not get to choose your payment processor and
       | pay dearly in fees) if they wanted to have a pinpad that showed
       | custom promotions as a wallpaper, asked for email/phone #, stored
       | cards for recurring payments, could change processors with a
       | hands off remote key injection.
       | 
       | For Point of Sale developers you either get to integrate with a
       | godawful middleware like Datacap or do a direct integration with
       | Ingenico or Verifone and a single payment processor, which
       | creates significant vendor lockin. Your only alternatives were
       | Pax and later Dejavoo offering simple APIs for semi-integrated
       | payments.
        
       ___________________________________________________________________
       (page generated 2021-10-26 23:02 UTC)