Clover point of sale HTTPS security concern - Techist - Tech Forum

Go Back   Techist - Tech Forum > Security | Computer, Devices, Software and Systems > General Security Topics
Click Here to Login
Reply
 
Thread Tools Display Modes
 
Old 12-30-2016, 10:12 PM   #1 (permalink)
Newb Techie
 
Join Date: Dec 2016
Location: USA
Posts: 2
Default Clover point of sale HTTPS security concern

Have a client who failed a PCI security audit through Bank of America due to Clover point of sale login credentials being transmitted in plain text. Needs to be switched over to HTTPS.

This is a small business and I'm walking in blind to the problem. Don't even think they have a business class ISP plan. Just a simple modem/router setup. So I doubt there are many options to address this via firewall settings, nor should that even be required given this product is marketed to mom and pops.

Their customer support has been of limited help and they have scant support documentation.

Anyone have experience with Clover POS products that could offer some advice?
__________________

equalmenace is offline   Reply With Quote
Old 12-31-2016, 10:55 AM   #2 (permalink)
Grandfather of Techist

¯\_(ツ)_/¯
 
Trotter's Avatar
 
Join Date: Jan 2005
Location: The South
Posts: 31,121
Default Re: Clover point of sale HTTPS security concern

I work for a company that sells and supports cash registers and POS, but we handle ISS45, IBM ACE, and Scanmaster. I am totally unfamiliar with Clover POS. I work in the field and not in support, but I do know that getting a system PCI compliant is a real PITA. I would say to contact my company but I doubt they would give advice but would probably try to sell them our system/services.

Are they through Fist Data? What pinpads are they using?
__________________

__________________


My Rig: SABLE
Antec 300 Illusion / Antec EarthWatts EA650 650W / ASUS GeForce GTX 960 GTX960-DC2OC-2GD5
AMD FX 8320 x8 Black Edition / Gelid Tranquillo / MSI 970A-G43
Sandisk Ultra Plus 128GB / Samsung 840 120GB / WD Black 750GB / WD Green 1TB
2x4GB DDR3 1600 - 2x2GB DDR3 1600
Win10 Ent 64-bit - Func MS3 Mouse - CM Storm QuickFire Rapid Mech Keyboard


R.I.P. Danny L. Trotter ... 14 Nov 1945 - 4 Sept 2009
Trotter is online now   Reply With Quote
Old 12-31-2016, 12:13 PM   #3 (permalink)
Newb Techie
 
Join Date: Dec 2016
Location: USA
Posts: 2
Default Re: Clover point of sale HTTPS security concern

I don't think they're through First Data and that's the first time I've heard of the company. Here's Clover's business page: https://www.clover.com/

The POS device is actually a modified android tablet with a card slide reader, so there's no pin pad or anything of that nature.

I appreciate the reply. It's an unusual problem for me and I haven't received much feedback from anyone I've asked, including Clover.
equalmenace is offline   Reply With Quote
Old 12-31-2016, 01:45 PM   #4 (permalink)
Grandfather of Techist

¯\_(ツ)_/¯
 
Trotter's Avatar
 
Join Date: Jan 2005
Location: The South
Posts: 31,121
Default Re: Clover point of sale HTTPS security concern

https://www.clover.com/get-paid/security

The details are skimpy but it looks like they need to up their service to Clover Security Plus. The very first bullet point is PCI compliance. I understand that they are just a mom and pop shop but non-compliance will sink them in a heartbeat should there be a data breach. There is basically nothing you can do yourself to get them compliant unless their hardware is not up to snuff, but the Clover system looks to be new enough to be up to the task outside of additional services needed to pull it off.
__________________


My Rig: SABLE
Antec 300 Illusion / Antec EarthWatts EA650 650W / ASUS GeForce GTX 960 GTX960-DC2OC-2GD5
AMD FX 8320 x8 Black Edition / Gelid Tranquillo / MSI 970A-G43
Sandisk Ultra Plus 128GB / Samsung 840 120GB / WD Black 750GB / WD Green 1TB
2x4GB DDR3 1600 - 2x2GB DDR3 1600
Win10 Ent 64-bit - Func MS3 Mouse - CM Storm QuickFire Rapid Mech Keyboard


R.I.P. Danny L. Trotter ... 14 Nov 1945 - 4 Sept 2009
Trotter is online now   Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Clover 2: Another Multitab Explorer Program KSoD Tips, Tricks & Tutorials 1 11-28-2012 09:56 AM
'Intel 'Clover Trail' Atom processors won't support Linux' danhodge Linux and Open Source 3 09-18-2012 08:36 AM
SSD Security Concern Experts Osiris New Technology and Products 1 08-23-2008 06:35 PM
Point-to-Point Protocol over Ethernet jesspren6 Computer Networking and Internet Hardware 4 03-09-2007 07:33 AM
Point to Point T1 SooprmanX Monitors, Printers and Peripherals 3 10-10-2003 02:38 PM


Our Communities

Our communities encompass many different hobbies and interests, but each one is built on friendly, intelligent membership.

» More about our Communities

Automotive Communities

Our Automotive communities encompass many different makes and models. From U.S. domestics to European Saloons.

» More about our Automotive Communities

Marine Communities

Our Marine websites focus on Cruising and Sailing Vessels, including forums and the largest cruising Wiki project on the web today.

» More about our Marine Communities


Copyright 2002- Social Knowledge, LLC All Rights Reserved.

All times are GMT -5. The time now is 02:42 PM.


Powered by vBulletin® Version 3.8.8 Beta 1
Copyright ©2000 - 2017, vBulletin Solutions, Inc.