Credit Card Terminal Security Checklist (Quarterly) - PCI Compliance
Ensure PCI compliance & protect customer data! Download our free Credit Card Terminal Security Checklist for Retail businesses. Quarterly security audits made easy - reduce risk & avoid fines.
This Template was installed 4 times.
Physical Security of Terminals
Ensures terminals are physically protected from theft, tampering, and unauthorized access.
Terminal Location Security Assessment
Physical Security Controls in Place (Check all that apply)
Number of Terminals Locked/Secured
Notes on Physical Security Observations
Terminal Location (GPS Coordinates - If Applicable)
Terminal Mobility Risk Assessment
Software and Firmware Updates
Confirms terminals are running the latest approved software and firmware versions.
Last Firmware Update Date
Firmware Version Installed
Update Source Verification
If 'Other' selected above, please specify update source:
Software Version Installed
Upload Screenshot of Terminal Software Version (Optional)
Is Automated Update Enabled?
If automated updates are disabled, describe the manual update process:
Network Security & Connectivity
Verifies secure network connections and configurations for terminal communication.
Terminal Connection Type
Wireless Encryption Protocol (if applicable)
Firewall Rule Review Frequency (in days)
Description of any VPN configurations (if applicable)
Network Segmentation
Last Network Scan Date
Details of any network intrusion detection/prevention systems (IDS/IPS) in place
Public Wi-Fi Usage
Merchant Account & Configuration
Validates correct merchant account settings, PIN truncation settings, and other critical configurations.
Confirm Merchant Category Code (MCC) is Accurate
Confirm Maximum Transaction Limit (if applicable)
PIN Truncation Enabled?
Verify Correct MID(s) are Active
Document Any Merchant Account Configuration Changes
Is Address Verification System (AVS) Enabled?
Employee Training & Awareness
Confirms employee training covers secure card handling and terminal operation procedures.
Which of the following topics were covered in the employee's card terminal security training?
What is the employee's understanding of the importance of never leaving a terminal unattended?
Briefly describe the employee’s understanding of how to identify and respond to potential skimming devices.
Number of employees who received card terminal security training this quarter.
Date of employee's last card terminal security training.
Does the employee understand the policy on verifying cardholder identification?
Data Encryption & Tokenization
Reviews encryption methods used and verifies correct implementation of tokenization (if applicable).
Encryption Method Used (e.g., EMV, SSL/TLS, HCE)
Encryption Key Rotation Frequency (in days)
Is Encryption at Rest Implemented?
Description of encryption key management practices. (Who manages, storage, rotation process)
Is Tokenization Used for Sensitive Cardholder Data?
Tokenization Implementation Documentation (e.g., vendor agreements, configuration details)
Describe how cardholder data is protected during transmission (e.g., Transport Layer Security (TLS) version)
Terminal Configuration & Settings
Covers specific terminal settings and configurations that impact security.
Terminal Timeout (Idle Time) in Minutes
PIN Truncation Enabled?
Dual-Swipe/Chip Enabled?
ECR Integration Method (if applicable)
Maximum Transaction Amount Limit (if applicable)
Cardholder Verification Method (CVM) List Configuration
Notes/Comments Regarding Terminal Settings
Incident Response & Reporting
Ensures procedures are in place for reporting and responding to security incidents.
Date of Last Incident Response Drill
Briefly describe the incident response plan for card terminal compromise.
Who is responsible for initial incident reporting?
Estimated Time to Recover from a Compromised Terminal (in hours)
Which reporting entities are included in the incident response plan?
Describe the process for securing physical evidence following a suspected breach.
Method of documentation of incident details (e.g. paper log, electronic system)
Retail Management Solution Screen Recording
Streamline your retail operations with ChecklistGuro! This screen recording demonstrates how our Business Process Management (BPM) solution can simplify tasks, improve efficiency, and boost your bottom line. See how easy it is to manage orders, inventory, and more. #retailmanagement #bpm #checklistguro #screenrecording #retailtech #inventorymanagement #ordermanagement #retailoperations
Related Checklist Templates
Music Store Instrument Inventory Checklist Template
Pet Store Inventory Stock Level Checklist Template
Bookstore Inventory Reordering Checklist Template
Music Store Instrument Inventory Checklist
Furniture Store Inventory Damage Assessment Checklist
Pet Store Inventory Expiration Date Checklist
Bookstore Inventory Shrinkage Audit Checklist
Cart Corral Maintenance Checklist (Weekly)
Meat & Seafood Display Inspection Checklist (Daily) - Temperature, freshness, thawing
Fire Extinguisher Inspection Checklist (Annual/Bi-Annual)
We can do it Together
Need help with Checklists?
Have a question? We're here to help. Please submit your inquiry, and we'll respond promptly.