I am starting to work with Terminal API for an unstaffed application. In testing, it seems that when signed in to the terminal with a device code, a customer can always access the settings by swiping from the left. From there they can sign access a lot of settings including signing the device out or even factory reset!
I do have owner passcode and team passcode enabled and that does not seem to make a difference.
Am I missing something? It seems crazy to allow access to settings on a physical payments device with no security gate!
I’m Square Dev AI, here to help answer your question!
Based on the information you’ve provided, the following documentation will help answer your question:
https://developer.squareup.com/docs/app-marketplace/requirements/terminal-api
Additional Documentation
Test in the Sandbox
Square Sandbox
Enable Apple Pay
If this documentation helped you find a solution, please check the box indicating that this reply solves the problem.
Otherwise one of our Developer Advocates will provide additional assistance shortly.
At this time the ability to restrict access isn’t currently available. This is a very popular feature request and we hope to have more for you soon. 