πΌ 9.9 Protect devices that capture payment card data via direct physical interaction with the card from tampering and substitution.
-
Contextual name: πΌ 9.9 Protect devices that capture payment card data via direct physical interaction with the card from tampering and substitution.
-
ID:
/frameworks/pci-dss-v3.2.1/09/09 -
Located in: πΌ 9 Restrict physical access to cardholder data
Descriptionβ
These requirements apply to card-reading devices used in card-present transactions (that is, card swipe or dip) at the point of sale. This requirement is not intended to apply to manual key-entry components such as computer keyboards and POS keypads.
Similarβ
- Sections
/frameworks/pci-dss-v4.0/09/05/01
- Internal
- ID:
dec-c-a5724c5b
- ID:
Similar Sections (Take Policies From)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v4.0 β πΌ 9.5.1 POI devices that capture payment card data via direct physical interaction with the payment card form factor are protected from tampering and unauthorized substitution. | 3 |
Similar Sections (Give Policies To)β
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ PCI DSS v4.0 β πΌ 9.5.1 POI devices that capture payment card data via direct physical interaction with the payment card form factor are protected from tampering and unauthorized substitution. | 3 |
Sub Sectionsβ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|---|---|---|---|
| πΌ 9.9.1 Maintain an up-to-date list of devices. | ||||
| πΌ 9.9.2 Periodically inspect device surfaces to detect tampering, or substitution. | ||||
| πΌ 9.9.3 Provide training for personnel to be aware of attempted tampering or replacement of devices. |