Skip to main content

πŸ’Ό 9.5.1 POI devices that capture payment card data via direct physical interaction with the payment card form factor are protected from tampering and unauthorized substitution.

Description​

Including the following:

  • Maintaining a list of POI devices.
  • Periodically inspecting POI devices to look for tampering or unauthorized substitution.
  • Training personnel to be aware of suspicious behavior and to report tampering or unauthorized substitution of devices.

Similar​

  • Sections
    • /frameworks/pci-dss-v3.2.1/09/09
    • /frameworks/pci-dss-v4.0.1/09/05/01

Similar Sections (Take Policies From)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό PCI DSS v3.2.1 β†’ πŸ’Ό 9.9 Protect devices that capture payment card data via direct physical interaction with the card from tampering and substitution.3
πŸ’Ό PCI DSS v4.0.1 β†’ πŸ’Ό 9.5.1 POI devices that capture payment card data via direct physical interaction with the payment card form factor are protected from tampering and unauthorized substitution.3

Similar Sections (Give Policies To)​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό PCI DSS v3.2.1 β†’ πŸ’Ό 9.9 Protect devices that capture payment card data via direct physical interaction with the card from tampering and substitution.3
πŸ’Ό PCI DSS v4.0.1 β†’ πŸ’Ό 9.5.1 POI devices that capture payment card data via direct physical interaction with the payment card form factor are protected from tampering and unauthorized substitution.3

Sub Sections​

SectionSub SectionsInternal RulesPoliciesFlags
πŸ’Ό 9.5.1.1 An up-to-date list of POI devices is maintained.
πŸ’Ό 9.5.1.2 POI device surfaces are periodically inspected to detect tampering and unauthorized substitution.1
Β Β Β Β πŸ’Ό 9.5.1.2.1 The frequency of periodic POI device inspections and the type of inspections performed is defined in the entity's targeted risk analysis.
πŸ’Ό 9.5.1.3 Training is provided for personnel in POI environments to be aware of attempted tampering or replacement of POI devices.