Skip to the main content.
Contact
Contact

1 min read

Why POI Tamper Inspections are so Important

Why POI Tamper Inspections are so Important

It is amazing to see how many organizations take things for granted in their environment. In the video below, you can see a skimmer device installed in a retail location. The attendant was distracted for less than 20 seconds and the card skimming device was in place in 5 seconds. No special tools or techniques were required. The device is mounted to a stand which should, for all intents and purposes, be secure from theft or direct tampering but not an overlay.

Video from Inside Edition: https://youtu.be/5b1axnNK-wI

Sometimes the simplest processes like inspecting a device before use, can go a long way to ensuring thieves do not compromise your environment. Without a proper inspection procedure, this device may be in place for months before anyone were to notice.

PCI DSS Requirement 9.9 requires anyone with a POI device such as a pin pad to ensure that they have appropriate procedures to inspect devices to help detect tampering. This should apply to all devices whether or not it is a traditional counter-top device or a mobile device.

In your environment, how many times is an employee distracted and may leave their register or POI device unattended? Would they notice the change in the POI device? And lastly, have you ever considered testing staff in your retail locations to see how long it would take to notice?

Originally article: https://www.linkedin.com/pulse/why-poi-tamper-inspections-so-important-robert-spivak

PCI DSS V3.2 Is Almost Here!

PCI DSS V3.2 Is Almost Here!

The PCI Security Standards Councils confirmed last week that the updated version of PCI DSS (v3.2) will be released at the end of April 2016. The...

Read More
What's the minimum I need to do for PCI?

What's the minimum I need to do for PCI?

As we complete the 3rd hour of the meeting discussing PCI scope, the customer turns to me and asks, “So what’s the minimum that I need to do to pass...

Read More
Just like spring - a new version of PCI DSS will come early this year!

1 min read

Just like spring - a new version of PCI DSS will come early this year!

Last week the PCI Standards Council commented on the upcoming DSS 3.2 update and what it means for the rest of 2016. Ever since the sunset of SSL...

Read More