ATM/POS Network Security Compliance Reviews

• Does your financial institution drive the processor's ATM/POS devices?
• Does your financial institution do PIN validation?
• Does your financial institution load the keys/key components?

If you answered yes to any of these questions, you are required to have an ATM/POS Network Security Compliance review. Security compliance reviews are required by the networks to insure that guidelines are followed by financial institutions that own, operate or control terminals, or are direct or indirect processors. These reviews are required every other year, with annual security compliance affirmations required in the non-review year. The review includes documenting the flow of PIN's, PIN blocks, and Encryption Keys from the processors through the ATM/POS to the network, including key storage and loading in the ATM/POS devices. Procedures insuring proper PIN and key security are reviewed and processes are observed for compliance with the procedures.

 

A qualified auditor who has completed a course in network security compliance for PIN and key management must do the network security compliance review. Witt Mares has qualified staff that can perform the compliance review and report the findings to the appropriate networks.

 

For more information or to request a written proposal to complete the compliance review for your institution, contact Jim Poti at (804) 323-0022.