User Manual

M600 Security Overview ---Last revised 11-Sep-18

M600 Security Overview

Physical - Inside Locked Compartment

Port

Description

Network

Ethernet connection to the store network.

Microsoft Firewall is enabled as follows:

• Block all incoming ports, except ping

• Block all outbound ports from all applications, except the EFI client

applications

WiFi and Bluetooth are not present.

Copier

Foreign Interface connection, used for copy interface to the MFP.

Client

Additional Ethernet connection, used only for ‘direct printing’ where the printer is

connected directly to this Ethernet port.

USB1/USB2

Allows certified card terminals only. Additional USB devices are disabled within

the OS.

Serial

RS-232 port, used for copy with Vendor 2 interface only.

Payment security

The M600 device processes credit cards using a validated point-to-point encryption (P2PE) solution. A P2PE

solution is defined by the PCI Security Standards council as follows:

“A combination of secure devices, applications, and processes that encrypt cardholder data from a PCI-

approved point-of-interaction (POI) device through to decryption, assessed in accordance with PCI’s P2PE

standard and included on PCI’s list of Validated P2PE Solutions.”

The M600 uses as its POI a card terminal that is PCI PTS certified, ensuring secure data management and

secure electronic transactions. The card terminal encrypts credit card data when the card is inserted or

swiped, and the data remains encrypted until it reaches the P2PE solution provider’s gateway for processing.

The M600 does not require PA-DSS validation.

References:

https://www.pcisecuritystandards.org/documents/P2PE_At_a_Glance_v2.pdf

https://www.pcisecuritystandards.org/documents/P2PE_Program_Guide_v2.0.pdf

https://www.pcisecuritystandards.org/documents/PCI_PED_General_FAQs.pdf

PCI P2PE Glossary of Terms, Abbreviations, and Acronyms Version 2.0, published by the PCI Standards Council, June 2015