To ensure the confidentiality of customers’ credit card data and to prevent misuse of their credit card accounts, please observe the following recommendations:
For agency administrators/supervisors:
Ensure that the mobile POS device is protected by a secure PIN code and configure the device to self-lock when not in use.
Ensure that operating system updates and security patches are installed in a timely manner.
Do not root or jailbreak the mobile POS device or install any unauthorized applications.
Do not uninstall the app until it is confirmed that all offline orders have been processed, otherwise pending orders made in offline mode might be lost.
Only connect to a secure, WPA/WPA2 password-protected Wi-Fi network or a trusted cellular data network. For more information about Wi-Fi network security, please see Tips for Using Public Wi-Fi Networks.
Disable any unused wireless interfaces (such as Bluetooth or Cellular) on the mobile POS device.
Restrict access to the mobile POS device to only authorized personnel.
For ACTIVE POS app users:
Do not leave the mobile POS device unattended or allow unauthorized personnel to use it.
Do not disclose the mobile POS device PIN code.
Lock the mobile POS device when it is not in use.
Do not uninstall the app, otherwise pending orders made in offline mode might be lost.
Do not install any unauthorized applications on the device.
Do not connect any unauthorized peripherals to the device.
Do not connect the device to any unauthorized wireless networks.
Cardholder information (such as name, address and card details) must be treated as confidential and must not be divulged to anyone.
If the device has been accessed by unauthorized persons or is lost, report this immediately to your supervisor.
