Clover Product Security FAQs
Securing your and your customers’ data is Clover’s top concern. This FAQ answers questions on how we secure your data, our software and hardware, certifications and our privacy policy
How secure is my data?
First Data’s Transarmor protects Clover devices throughout the entire transaction process. Your data is encrypted from the moment you dip, swipe, tap, sign or enter a PIN through transmission.
What are Clover’s product administration and management features?
The Clover Platform allows for tiered multi-level access permissions and multiple user logins with unique security access per user.
- Add and manage employees
- Set Passcodes, for users, groups, and roles
- Determine whether the employee is an Administrator, Manager, or Employee
- Restrict permissions as needed
- Set up each employee with a unique 4 or 6 digits Passcode
- Authenticate employee with their Passcode
What is Clover’s privacy policy?
Protecting your privacy is important to Clover. View our Privacy Policy at: http://help.clover.com/privacy-policy/
Is data encrypted?
Yes. Your data is secure. Clover uses two separate keys to encrypt and decrypt data.
How secure is Clover hardware?
Employee Access: You can add and manage employee access to any Clover device. Passcode entry enables only authorized employees to unlock and use the device. Unique 4-or 6-digits Passcodes, roles, and nicknames enable / restrict permissions as needed.
Payments: Your clients’ data is encrypted end-to-end in the transaction. Full-featured solution includes EMV chip cards, PIN entry, EMV contactless (NFC, Apple Pay, Android Pay), and swipe.
Tamper: Clover monitors and protects your devices from possible tampering. (see Clover Tampered Device FAQs)
How secure is Clover software?
Updates: Clover software is automatically updated on a weekly basis. 100% of our devices run on the latest version of software with antivirus / malware device standards in place.
Compliance: Clover Mobile software implements PCI security requirements for authenticated applications, checking the integrity and authenticity of the software. No external developers are permitted to touch unencrypted payment data.
Do third-party apps go through the same scrutiny as Clover apps?
All third-party apps are reviewed to ensure they perform as expected. In addition, all third-party developers building these apps undergo thorough checks prior to launching an approved app in the Clover App Market.
Are Clover devices PCI certified?
Yes. We are PCI PTS Certified.
Is my data backed up?
Clover cloud data centers are designed to be highly secure and continuously available. We have redundant servers located at separate sites with private direct connections for backup and recovery.
What tamper protection mechanisms are in place?
Clover devices come with sensors that are used to detect tampering, misuse, or harm of your device. (see Clover Tampered Device FAQs)
What else can I do to increase the security of my devices?
We suggest that you
- Use two-factor authentication (see Two-factor Authentication)
- Check for signs of tampering (see Clover Tampered Device FAQs)
- Enable Passcodes (see Enable / Disable logging into without a Passcode)
What should I do if I believe there is a security issue with my Clover device?
If there is a security issue with your Clover device, please email security@clover.com and include a detailed report of how the product is behaving or if any event occurred that raises your concerns.