by fayez 4244 days ago
First things first; the card data is encrypted on read and the device will soon be PCI certified. So none of the card data will be accessible to anyone on the device.

The transaction data (amounts, items, transaction statuses, etc.) is managed by the PoyntOS (owned by Poynt). That data has the necessary authentication and authorization around it to prevent just anyone with the device from having access to it. Only a merchant user logged into the app and with the appropriate level of privilege will be able to access the data.

Finally, 3rd-party applications will go through a strict vetting process and will be signed. Therefore, it will not be possible for some fake app to work on the device. Also, PCI requires us to constantly monitor the installed application for any kind of tampering.

1 comment

Thank you.