EasyManua.ls Logo

Square Contactless and Chip Reader - Automatic Tamper Response; Software development guidance; Encryption and key management

Square Contactless and Chip Reader
12 pages
Save Page as PDF
Print Icon
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Square Reader Security
Visible or tactile changes to the cable connections or card slot
Please contact Square Suppo at https://squareup.com/square-suppo if you discover any
evidence of external tampering.
Automatic Tamper Response
The Square Reader may identify ceain events as attempts to tamper with its operation and
alter its inner workings. If the Square Reader identifies a tamper event it will erase the
encryption key material it contains and become inoperable.
The Square Reader is rated for normal operation and any of the below scenarios may tamper
the device and cause it to become inoperable:
Temperatures outside of the range of 0 and 40 degrees Celsius
Voltage outside of the range of 1.6 and 3.9 volts
Any attempt to open/disassemble/take apa the Square Reader or access pas inside
The Square Reader is intended to be fully charged once a year. If the Square Reader’s primary
battery is fully discharged and left for more a year without a recharge it may become
inoperable.
The Seller can detect if a tamper event has occurred by connecting the Square Reader to an
approved mobile device with the Register application installed. Opening the Register
application will notify the Seller if the device has reached a tamper event.
If the Square Reader experiences one of the above tamper events, Square will reach out to the
Seller and communicate as appropriate how to return the Square Reader to Square for secure
disposal and replacement.
Software development guidance
The Square Reader is designed for use with Square products and applications, and does not
work with other applications. All code is developed, written, and managed by Square.
Square developers must refer to the Software Engineering and Vulnerability Management
Procedures when developing new software for Square Readers.
Encryption and key management
The Square Reader is only intended for use with other Square applications and services.
Square peorms all key management, key loading, and acquiring. Operating the device with
any other key loading, acquirer, or key management will render the device inoperable. In
addition, the use of the device with different key management systems will invalidate the PCI
approval of this device.
All of the cryptographic keys used by the Square Reader to protect the confidentiality and
© 2016 Square Inc. All Rights Reserved. Version 1.00 8

Related product manuals