💼 9.9 Protect devices that capture payment card data via direct physical interaction with the card from tampering and substitution.
- ID:
/frameworks/pci-dss-v3.2.1/09/09
Description
These requirements apply to card-reading devices used in card-present transactions (that is, card swipe or dip) at the point of sale. This requirement is not intended to apply to manual key-entry components such as computer keyboards and POS keypads.
Similar
- Sections
/frameworks/pci-dss-v4.0/09/05/01
- Internal
- ID:
dec-c-a5724c5b
- ID:
Similar Sections (Take Policies From)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 PCI DSS v4.0 → 💼 9.5.1 POI devices that capture payment card data via direct physical interaction with the payment card form factor are protected from tampering and unauthorized substitution. | 3 | 1 | no data |
Similar Sections (Give Policies To)
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 PCI DSS v4.0 → 💼 9.5.1 POI devices that capture payment card data via direct physical interaction with the payment card form factor are protected from tampering and unauthorized substitution. | 3 | 1 | no data |
Sub Sections
| Section | Sub Sections | Internal Rules | Policies | Flags | Compliance |
|---|---|---|---|---|---|
| 💼 9.9.1 Maintain an up-to-date list of devices. | 1 | no data | |||
| 💼 9.9.2 Periodically inspect device surfaces to detect tampering, or substitution. | no data | ||||
| 💼 9.9.3 Provide training for personnel to be aware of attempted tampering or replacement of devices. | no data |
Policies (1)
| Policy | Logic Count | Flags | Compliance |
|---|---|---|---|
| 🛡️ Google Cloud Asset Inventory API is not enabled🟢 | 1 | 🟢 x6 | no data |