ms1969
03-05-2008, 12:52 PM
Not sure if this would be considered DSS, PABP, or neither - and not sure how to search the existing archives for something like this.
I am a hardware engineer for a large manufacturer of various POS kiosks. I have no prior experience with PCI compliance - the bulk of that normally falls to our separate software group. However, one of my requirements is to expose various connections to the consumer to plug in a device - such as via USB.
Someone had suggested to me a while back that exposing ports into a kiosk in this way, particularly if the ports are connected to the system that does the transaction processing, is not PCI compliant. Does anyone have any knowledge of how the standards apply to this situation? Would it be different if the ports were exposed on a device on the same network, but not the system doing the transaction processing? One option is to have multiple PCs networked within the kiosk.
I am a hardware engineer for a large manufacturer of various POS kiosks. I have no prior experience with PCI compliance - the bulk of that normally falls to our separate software group. However, one of my requirements is to expose various connections to the consumer to plug in a device - such as via USB.
Someone had suggested to me a while back that exposing ports into a kiosk in this way, particularly if the ports are connected to the system that does the transaction processing, is not PCI compliant. Does anyone have any knowledge of how the standards apply to this situation? Would it be different if the ports were exposed on a device on the same network, but not the system doing the transaction processing? One option is to have multiple PCs networked within the kiosk.