Square Contactless and Chip Reader, Руководство пользователя

Страница: 10 / 12

Square Reader Security
• Visible or tactile changes to the cable connections or card slot
Please contact Square Support at https://squareup.com/square-support if you discover any
evidence of external tampering.
Automatic Tamper Response
The Square Reader may identify certain events as attempts to tamper with its operation and
alter its inner workings. If the Square Reader identifies a tamper event it will erase the
encryption key material it contains and become inoperable.
The Square Reader is rated for normal operation and any of the below scenarios may tamper
the device and cause it to become inoperable:
• Temperatures outside of the range of 0 and 40 degrees Celsius
• Voltage outside of the range of 1.6 and 3.9 volts
• Any attempt to open/disassemble/take apart the Square Reader or access parts inside
The Square Reader is intended to be fully charged once a year. If the Square Reader’s primary
battery is fully discharged and left for more a year without a recharge it may become
inoperable.
The Seller can detect if a tamper event has occurred by connecting the Square Reader to an
approved mobile device with the Register application installed. Opening the Register
application will notify the Seller if the device has reached a tamper event.
If the Square Reader experiences one of the above tamper events, Square will reach out to the
Seller and communicate as appropriate how to return the Square Reader to Square for secure
disposal and replacement.
Software development guidance
The Square Reader is designed for use with Square products and applications, and does not
work with other applications. All code is developed, written, and managed by Square.
Square developers must refer to the Software Engineering and Vulnerability Management
Procedures when developing new software for Square Readers.
Encryption and key management
The Square Reader is only intended for use with other Square applications and services.
Square performs all key management, key loading, and acquiring. Operating the device with
any other key loading, acquirer, or key management will render the device inoperable. In
addition, the use of the device with different key management systems will invalidate the PCI
approval of this device.
All of the cryptographic keys used by the Square Reader to protect the confidentiality and
© 2016 Square Inc. All Rights Reserved. Version 1.00 8