POS-n-go Android POS Manual

The information on this page provides general guidance when using a wired Nuvei payment terminal connected to a POS-n-go router. Your implementation may be different. POS-n-go Solutions Inc. does not accept any responsibility or liability for the accuracy, content, completeness, legality, or reliability of the information contained on this website. No warranties, promises and/or representations of any kind, expressed or implied, are given as to the nature, standard, accuracy or otherwise of the information provided in this website nor to the suitability or otherwise of the information to your particular circumstances.

PCI Toolkit Help

For additional information contact support@pcitoolkit.com or 855-251-0151.

PCI Toolkit Login

  1. Visit https://nuvei.pcitoolkit.com/version3
  2. Login using either the temporary credentials mailed to you or your updated permanent credentials.
  3. Select Start.

Information

  1. Confirm your business contact information.
  2. Select your type of business (example Retailer) and Card-Present for transaction processing.
  3. Select the Stand Alone Terminal.
  4. Select No for specialized terminal.
  5. Select Network Cable, Ingenico, and your terminal model ICT250.
  6. Select No to storing credit card data electronically.
  7. Select No to processing on behalf of other merchants.
  8. Select No to payment applications.
  9. Select No to sharing card holder data.
  10. Select Yes to network segmentation if your payment terminal is connected to a POS-n-go router which enhances security.

Questionaire

  1. Select No to a written policy for credit card information. One will be provided.
  2. Select No to a written policy for administrative accounts. One will be provided.
  3. Select Yes to a separate password for each person.
  4. Select No to remote access.
  5. Select No to printed mterial with credit card data.
  6. Select No to an awareness training program. One will be provided.
  7. Select Yes to vendor supplied passwords changed.
  8. Select No to web based administrative access.
  9. Select Yes to prohibit storage of full contents of track data.
  10. Select Yes to prohibit storage of card security code.
  11. Select Yes to prohibit storage of PIN.
  12. Select Yes to terminal software up to date.
  13. Select Yes to restrict credit card numbers printed.
  14. Select Yes to strong cryptography.
  15. Select Yes to restrict access to minimum people.
  16. Select No to a written policy for employee logging of access. One will be provided.
  17. Select No to a written policy for managing policies. One will be provided.
  18. Select Yes to a policies reviewed every year.
  19. Select No to a written policy for incidents. One will be provided.
  20. Select No to a written policy for hardware and software. One will be provided.
  21. Select No to a written policy for acceptable use of devices. One will be provided.
  22. Select No to a written policy for firewalls. One will be provided.
  23. Select Yes to a network diagram.
  24. Select Yes to a firewall required and implemented.
  25. Select Yes to the firewall configuration denying traffic.
  26. Select Yes to the IP traffic limited within DMZ.
  27. Select Yes to the firewall dynamic packet filtering.
  28. Select Yes to the firewall restricted traffic.
  29. Select Yes to the removal of unnecessary functionality.
  30. Select Yes to insecure services identified.
  31. Select Yes to systems and components on the internal network.
  32. Select No to a scan performed yet, no passing documentation in possession.
  33. Select Yes to all systems up to date.
  34. Select Yes to a process to identify security vulnerabilities.
  35. Select Yes to a wireless network.
  36. Select No to a written policy for wireless access. One will be provided.
  37. Select Yes to a wireless network implementation requirements.
  38. Select Yes to a perimeter firewall.
  39. Select Yes to WPA encryption.
  40. Select Yes to an inventory of wireless access points.
  41. Select No to a written policy for physical security. One will be provided.
  42. Select Yes to public network jack access restricted.
  43. Select Yes to a list of terminal devices.
  44. Select Yes to inpection of terminal devices.
  45. Select No to devices that connect with SSL.
  46. Select Yes to contractually require third parties.
  47. Select Yes to a list of PCI DSS requirements.
  48. Select Yes to reading the PCI DSS specification.
  49. Select Yes to isolating equipment.
  50. Select Yes to PCI DSS scope.
  51. Select Yes to penetration covers all conduits.
  52. Select Yes to penetration vefifies segmentation.
  53. Select No to implementation after Jan 1, 2017.

Tasks

  1. Download, review and implement all the policies in the tasks list. Mark as completed when done.
  2. Schedule a network scan using the 403Labs tool in the dashboard. Mark as completed when passed.
  3. Sign your name and position to attest to the successful PCI completion in step 5 in the dashboard.
  4. Download and read the PCI DSS specification: PCI_DSS_v3-2.pdf
  5. The 11 policies from the tasks list are also available here: pci_policies.zip