• Smart PayPhone
  • Android SmartPOS
  • Android SmartTablet
  • Integrated SmartECR
  • Unattended Payment
  • Facial Recognition
  • Classic POS
  • Industrial PDA

PAX Vulnerability Disclosure Program

Purpose

PAX Technology is truly dedicated to protecting data safety and security. This expanded program is intended to give security researchers terms and conditions for conducting vulnerability discovery activities directed at publicly accessible related department at PAX, including any product, system, or asset belonging discovered vulnerabilities. We're committed to ensuring the safety and security of our systems, products, services, and customers. If questions arise, please take no action until that action is discussed with the VDP lead at PAX.

Submitting a Report

Please provide a detailed summary of the vulnerability, including type of issue, product, version, and configuration of software containing the bug. You shall be aware that you cannot compromise the privacy or safety of our customers and the operation of our services. Such activity will be treated as illegal. We support acts taken in good faith to discover and report vulnerabilities and commit to working with you to understand, confirm, and appropriately solve the vulnerability.

Submission Instructions

If you would like to disclose a vulnerability to PAX, send a report to VulnerabilityDisclosure@paxsz.com with the word [VULNERABILITY] in the subject line. However, it is important that the email contains the following information:

  • Subject line [VULNERABILITY]
  • Summary of the vulnerability, including type of issue; product, version, and configuration of software containing the bug
  • Steps to Reproduce
  • Any attachments or proof of concept material