From the 30th June 2015 it becomes mandatory to physically protect payment terminals and PIN pads at Point of Sale. Any business taking ‘card present’ payments has to comply with the PCI Data Security Standards and requirement 9.9 is now in full force.
Non-compliance opens up businesses to the risk of fines of up $200,000 in the event of a data breach, a sobering prospect for any organisation. And breaches are relatively frequent: in 2014, according to Verizon there were a total of 79,720 security incidents across 61 countries with 2,122 confirmed data losses. The major card brands have systems in place to report suspected data security breaches, they deploy PCI Forensic Officers (PFOs) and impose fines.
So, what is the best way to ensure your Point of Sale is physically secure? The answer is a secure, lockable, card payment machine stand. It’s important to ensure that not only is the stand itself securely mounted onto the counter top, but that the back of the payment terminal is also protected.
Pro-active Risk Management
Mounting payment terminals at Point of Sale not only helps with achieving compliance for PCI DSS requirement 9.9, it also meets requirements for a certified P2PE solution. it’s a pro-active way to manage risk and to ensure that a major vulnerability – the point of interaction – is secured.
If the stand is fully secure, the payment terminal is locked in place and cannot be stolen by criminals. Cables are routed out of sight down the pole mount and are inaccessible for criminals trying to tap into the retailer’s network. If a high quality stand solution like Tailwind’s FlexiPole is chosen, the bespoke back plate or PEDPack, designed to specifically fit each terminal type, prevents criminals accessing SIMS and SAMs at the back of the machine with chipping or skimming technology – they just can’t reach the delicate electronics to tamper with them.
So, it’s worth remembering that physically securing payment terminals and PIN pads using Tailwind’s FlexiPole system not only ensures compliance with PCI DSS requirement 9.9 but also has a number of other advantages:
- Stops theft of expensive payment technology
- Prevents skimming, chipping and criminal interference
- Prevents cable damage, the most common reason terminals stop working
- Forms part of an approved P2PE solution, the ‘gold standard’ for customer data protection
- MasterCard recommends plastic Point of Sale stands for contactless terminals [link to article on contactless, see below)
Make sure you and your customers are ready for the deadline and contact Tailwind today.
And just in case you need an extra reminder, we’ve summarised everything you need to know in our handy PCI DSS Infographic: