The business I work for uses an Equinox Optimum T4220 (hardware number 060001) in dial-out mode. I see two search results1 for "T4220" listed on the PCI SSC's website under Approved PIN Transaction Security (PTS) Devices2. These listings look similar to what we have, but
- come from other manufacturers
- have a hardware number in the 0630xx and up
I would like to determine whether or not this terminal violates the PCI DSS's requirements on storing cardholder data. I am concerned with requirements 3.2.1, 3.2.2, 3.2.3, and 3.4.
I am also concerned with cryptography and transmission as I have no way to detect violation of these rules either.
How can I determine whether or not a POS terminal negatively impacts this business' attempt to become compliant with the PCI DSS?
Aucun commentaire:
Enregistrer un commentaire