The short answer is you need both or something equivalent. SSL is designed to protect data while it is in transit over the Internet or any LAN/WAN. 3DES would be required to store the data in the terminal.

In your pro's and con's you mentioned a con that SSL is difficult to configure but failed to mention a con about a secure 3DES key management.

Technically, SSL is an asymmetric encryption algorithm meaning that the key used to encrypt is different than the key used for decryption (referred to as a public key & private key). This method by definition means that the key is not a security risk – no data will compromised should a hacker have his/her hands on the public key.

3DES on the other hand is a symmetric encryption algorithm meaning that the key used to encrypt is the same key used for decryption. This method means that your data is only as secure as your protection of the key. The problem is that the terminal needs the key to encrypt the data so you're caught in a catch-22. Tackling this problem is not a simple task.

If I have time, I'll try to add more later on this topic…