manualshive.com logo in svg

Square Contactless and Chip Reader, Manual

Share
Download
Square Contactless and Chip Reader Manual Download Page 7

Square Reader Authentication and Use

Authentication of the Square Reader

Upon receipt, the operator can connect the Square Reader to the USB hub of the Square
Stand. The Square Reader is cryptographically authenticated to both the Register application
and Square back-end servers. If the Square Reader is valid, it will register as such with the
Square Register application. If the operator has received an unauthorized reader, the Square
Register application will indicate the reader cannot be used with the application. The user
does not have configurable application or Reader settings for the authentication function.

Using the Square reader

How to obtain a Square Reader

The Square Reader may be obtained either via the Square website or via an approved retail
location. The Square Reader is ready for use upon receipt. (The Seller should verify that
Square offers payment processing in their country.) To use, simply remove the Square Reader
from the packaging and connect to a USB port of the Square Stand. The Square Reader
should authenticate itself to the Square Register application and operation can continue.

Attributes of a Square Reader

The Square Reader has the following approval classes: Secure Card Reader (SCR), Secure
Read and Exchange of Data (SRED), Integrated Chip Card Reader (ICCR). The Square Reader
is intended for use in environments with attended payments; it is not intended for use as an
unattended payment terminal (UPT).

How to store a Square Reader

To store the Square Reader simply remove it from the Square Stand USB port and store for
next use. In the event the Seller will not use the Square Reader for more than twelve (12)
months at a time, be sure to charge the Square Reader prior to storage and periodically to
preserve its readiness.

Procedures for using a Square Reader

It is important that each day or before use the Seller check the Reader to make sure it has not
been tampered with between uses. This can be easily done by looking at the chip card slot to
verify there are no foreign objects such as capture devices, card skimmers, extra wires/cables
or other materials.

The Square Register application will convey operational messages from the Reader including
when the device is ready for payment and when a payment data capture is complete. The
Square Reader has no user-configurable security options.

Security Self-Tests

In addition to the continual tamper detection and response, the Square Reader authenticates
the firmware and terminal configurations using RSA 3072/SHA-256 every time it is powered

© 2016 Square Inc. All Rights Reserved.

Version 1.00

5

Summary of Contents for Contactless and Chip Reader

Page 1: ...Contactless and Chip Reader PCI Compliance Policy and Procedures Version 1 00 ...

Page 2: ...Table of Contents 01 Introduction 05 Square Reader Authentication and Use 07 Square Reader Security 10 Version History ...

Page 3: ...r use by merchants in many industries for accepting card present payment transactions The Reader only works with the Square Register application and a compatible mobile device1 running in a Square Stand https squareup com stand There is no configuration required other than to verify that the Reader is fully powered and connected via a USB port to the Square Stand Installation and inspection Sellers...

Page 4: ...Introduction Isometric top down view Front view 2016 Square Inc All Rights Reserved Version 1 00 2 ...

Page 5: ...Introduction Side view Back view 2016 Square Inc All Rights Reserved Version 1 00 3 ...

Page 6: ...Introduction 2016 Square Inc All Rights Reserved Version 1 00 4 ...

Page 7: ... classes Secure Card Reader SCR Secure Read and Exchange of Data SRED Integrated Chip Card Reader ICCR The Square Reader is intended for use in environments with attended payments it is not intended for use as an unattended payment terminal UPT How to store a Square Reader To store the Square Reader simply remove it from the Square Stand USB port and store for next use In the event the Seller will...

Page 8: ...for decommissioning Square Inc Reader Decommissioning 1455 Market St Suite 600 San Francisco CA 942103 USA How to review the hardware and firmware version A Square Seller can confirm the hardware version by physical inspection as described above In addition the Seller can confirm the hardware and firmware version via the Support Readers screen of the Square Register application The PCI approved firmwar...

Page 9: ... the Square Reader If the primary battery is entirely discharged the backup battery will maintain tamper detection of the device for one year If the Square Reader is not fully charged annually it will enter into a tampered state and become inoperable Common use and recharging of the primary battery will prevent the Square Reader from entering a tampered state For infrequent or seasonal users of th...

Page 10: ...ader to an approved mobile device with the Register application installed Opening the Register application will notify the Seller if the device has reached a tamper event If the Square Reader experiences one of the above tamper events Square will reach out to the Seller and communicate as appropriate how to return the Square Reader to Square for secure disposal and replacement Software development...

Page 11: ...re s key provisioning equipment authenticates incoming readers Square Readers entering the key provisioning stage authenticate the key bundles received as having originated from Square s factory key provisioning module The Square Reader does not accept keys from any entity other than the factory provisioning module Using the Square proprietary protocol the cryptographic keys are injected into new ...

Page 12: ...Version History Version Change description 1 00 Initial release 2016 Square Inc All Rights Reserved Version 1 00 10 ...

Reviews:

No comments

Brands by name

Popular brands

Load more brands