Nets logoPCI Secure Software Standard
Cov neeg siv phau ntawv qhiaNets PCI Secure Software StandardNets Denmark A/S:
PCI-Secure Software Standard
Software Vendor Implementation Guide
Viking davhlau ya nyob twg 1.02.0
Version 1.2

Cov ntsiab lus zais
1 Taw qhia thiab Scope
2 Daim Ntawv Thov Kev Them Nyiaj Secure
3 Ruaj ntseg Tej thaj chaw deb Software Hloov tshiab
4 Ruaj ntseg tshem tawm cov ntaub ntawv rhiab heev thiab tiv thaiv cov ntaub ntawv khaws cia hauv daim npav
5 Authentication thiab Access Controls
6 Kev sau npe
7 Wireless Networks
8 Network Segmentation
9 Chaw taws teeb Access
10 Kev xa cov ntaub ntawv rhiab heev
11 Viking Versioning Methodology
12 Cov lus qhia txog Kev Ruaj Ntseg Txhim Kho ntawm Patches thiab Hloov Kho Tshiab.
13 Viking tso tawm tshiab
14 Cov kev cai tsis siv
15 PCI Secure Software Standard Requirements Reference
16 Glossary of Terms
17 Cov Ntaub Ntawv Tswj
18 Cov ntaub ntawv / Cov ntaub ntawv
18.1 Cov ntaub ntawv

Taw qhia thiab Scope

1.1 Kev Taw Qhia
Lub hom phiaj ntawm PCI-Secure Software Standard Software Vendor Implementation Guide yog muab cov neeg muaj feem nrog cov lus qhia meej thiab meej txog kev nyab xeeb, kev teeb tsa, thiab kev ua haujlwm ntawm Viking software. Phau ntawv qhia qhia cov tub lag luam yuav ua li cas siv Nets 'Viking daim ntawv thov rau hauv lawv ib puag ncig hauv PCI Kev Nyab Xeeb Software Standard raws li txoj cai. Txawm hais tias, nws tsis yog npaj los ua ib daim ntawv qhia kev teeb tsa tiav. Daim ntawv thov Viking, yog tias tau teeb tsa raws li cov lus qhia tau sau tseg ntawm no, yuav tsum pab txhawb, thiab txhawb nqa cov tub lag luam raws li PCI.
1.2 Software Security Framework (SSF)
PCI Software Security Framework (SSF) yog ib qho kev sau ntawm cov qauv thiab cov kev pab cuam rau kev ruaj ntseg tsim thiab txhim kho kev them nyiaj daim ntawv thov software. SSF hloov pauv Daim Ntawv Thov Kev Nyab Xeeb Cov Qauv (PA-DSS) nrog cov kev xav tau niaj hnub no uas txhawb nqa ntau qhov kev them nyiaj software hom, thev naus laus zis, thiab cov txheej txheem kev txhim kho. Nws muab cov neeg muag khoom nrog cov qauv kev nyab xeeb xws li PCI Secure Software Standard rau kev tsim thiab tswj kev them nyiaj software kom nws tiv thaiv kev them nyiaj thiab cov ntaub ntawv, txo qis qhov tsis zoo, thiab tiv thaiv kev tawm tsam.
1.3 Software Vendor Implementation Guide – Distribution and Updates
Qhov PCI Secure Software Standard Software Vendor Implementation Guide yuav tsum tau tshaj tawm rau txhua tus neeg siv daim ntawv thov suav nrog cov tub lag luam. Nws yuav tsum tau hloov kho yam tsawg kawg ib xyoos ib zaug thiab tom qab hloov pauv hauv software. Lub xyoo review thiab kev hloov tshiab yuav tsum suav nrog cov kev hloov pauv tshiab software nrog rau cov kev hloov pauv hauv Secure Software Standard.
Nets tshaj tawm cov ntaub ntawv ntawm cov npe website yog tias muaj kev hloov kho tshiab hauv phau ntawv qhia kev siv.
Webqhov chaw: https://support.nets.eu/
Rau Example: Nets PCI-Secure Software Standard Software Vendor Implementation Guide yuav muab faib rau txhua tus neeg muas zaub, resellers, thiab integrators. Cov neeg muas zaub, Resellers, thiab Integrators yuav raug ceeb toom los ntawm reviews thiab hloov tshiab. Kev hloov tshiab rau PCI-Secure Software Standard Software Vendor Implementation Guide tuaj yeem tau txais los ntawm kev tiv tauj Nets ncaj qha, ib yam nkaus.
Qhov PCI-Secure Software Standard Software Vendor Implementation Guide qhia txog ob qho tib si PCI-Secure Software Standard thiab PCI cov cai. Cov versions hauv qab no tau hais txog hauv phau ntawv qhia no.

  • PCI-Secure-Software-Standard-v1_1

Daim Ntawv Thov Kev Them Nyiaj Secure

2.1 Daim ntawv thov S/W
Daim ntawv thov kev them nyiaj Viking tsis siv cov software sab nraud lossis kho vajtse tsis koom nrog Viking daim ntawv thov. Tag nrho cov S/W executables uas yog nyob rau hauv daim ntawv thov them nqi Viking yog digitally kos npe nrog Tetra kos npe cov khoom muab los ntawm Ingenico.

  • Lub davhlau ya nyob twg sib txuas lus nrog Nets Host siv TCP / IP, tsis hais los ntawm Ethernet, GPRS, Wi-Fi, lossis ntawm PC-LAN khiav daim ntawv thov POS. Tsis tas li ntawd, lub davhlau ya nyob twg tuaj yeem sib txuas lus nrog tus tswv ntawm lub xov tooj ntawm tes nrog Wi-Fi lossis GPRS txuas.

Viking terminals tswj tag nrho cov kev sib txuas lus siv Ingenico txuas txheej txheej. Cov khoom no yog ib daim ntawv thov loaded nyob rau hauv lub davhlau ya nyob twg. Cov Txheej Txheem Txuas tuaj yeem tswj hwm ntau qhov kev sib txuas lus tib lub sijhawm siv cov khoom siv sib txawv (modem thiab serial chaw nres nkoj rau example) ua.
Nws tam sim no txhawb cov kev cai hauv qab no:

  • Lub cev: RS232, sab hauv modem, sab nraud modem (ntawm RS232), USB, Ethernet, Wi-Fi, Bluetooth, GSM, GPRS, 3G thiab 4G.
  • Cov ntaub ntawv txuas: SDLC, PPP.
  • Network: IP.
  • Tsheb thauj mus los: TCP.

Lub davhlau ya nyob twg ib txwm siv lub tswv yim los tsim kev sib txuas lus ntawm Nets Host. Tsis muaj TCP/IP neeg rau zaub mov S/W hauv lub davhlau ya nyob twg, thiab lub davhlau ya nyob twg S/W yeej tsis teb rau cov xov tooj.
Thaum koom ua ke nrog POS daim ntawv thov hauv PC, lub davhlau ya nyob twg tuaj yeem teeb tsa los sib txuas lus ntawm PC-LAN khiav POS daim ntawv thov siv RS232, USB, lossis Bluetooth. Tseem tag nrho cov haujlwm ntawm daim ntawv thov kev them nyiaj tab tom khiav hauv lub davhlau ya nyob twg S/W.
Daim ntawv thov raws tu qauv (thiab siv encryption) yog pob tshab thiab ywj siab ntawm hom kev sib txuas lus.
2.1.1 Kev them nyiaj tus tswv kev sib txuas lus TCP/IP parameter teeb Nets PCI Secure Software Standard - teeb tsa
2.1.2 ECR kev sib txuas lus

  • RS232 Tus lej
  • Kev sib txuas USB
  • TCP/IP parameter teeb, tseem hu ua ECR tshaj IP
    Nets PCI Ruaj Ntseg Software Standard - setup1
  • Lub party / ECR xaiv kev sib txuas lus hauv Viking Payment Application
    Host COMM Hom Terminal Hom
    Ethernet SeIf4000, Move3500, Desk3500, La n e3000
    BT iOS Link 2500, Link 2500i
    BT Android Move3500, Link 2500, Link 2500i
    ntawm ECR SeIf4000, Move3500, Link2500, Link2500i, Desk3500,
    Txoj kab 3000
    GPRS Tsiv 3500
    'Txhim kho Txav mus 3500, Txuas 2500
    ECR COMM Hom Terminal Hom
    IP Ethernet SeIf4000, Move3500, Desk3500, Txoj kab 3000
    BT iOS Link 2500, Link 2500i
    BT Android Move3500, Link 2500, Link 2500i
    USB SeIf4000, Move3500, Link2500, Link2500i, Desk3500, Txoj kab 3000
    TSI RS232 SeIf4000, Desk3500, Txoj kab 3000
    GPRS Tsiv 3500
    IP Yuav Txav mus 3500, Txuas 2500
  • Nets Cloud ECR (Connect Cloud) parameters configuration
    ECR IP chaw nyob 212.226.157.243
    Kev sib txuas lus TCP-IP PORT 6001

2.1.3 Kev sib txuas lus los tuav ntawm ECR

Tus IP chaw nyob 91.102.24142
Kev sib txuas lus TCP-IP PORT (NORWAY) 9670

Nco tseg: Xa mus rau "2.1.1- Kev Them Nqi Kev Sib Tham TCP / IP parameter teeb tsa" rau lub teb chaws tshwj xeeb TCP / IP chaw nres nkoj.
2.2 Txhawb lub davhlau ya nyob twg hardware(s)
Daim ntawv thov kev them nyiaj Viking tau txais kev txhawb nqa ntawm ntau yam PTS (PIN kev ruaj ntseg kev nyab xeeb) siv tau Ingenico li.
Cov npe ntawm cov khoom siv davhlau ya nyob twg nrog rau lawv tus lej pom zoo PTS tau muab hauv qab no.

Tetra Terminal Hom

Terminal kho vajtse PTS version PTS tso cai naj npawb PTS Hardware Version PTS Firmware Version
Txoj kab 3000 5.x ib 4-30310 : kuv LAN30AN LAN30BA LAN30BN LAN30CA LAN30DA LAN30EA LAN30EN LAN30FA LAN30FN LAN30GA LAN30HA LAN30AA 820547 01v

820561 01v
Desk 3500 5.x ib 4-20321 : kuv DES32BB DES32BC DES32CB DES32DB DES32DC DES35AB DES35BB DES35BC DES35CB DES35DB DES35DC DES32AB 820376 01v
820376 02v
820549 01v
820555 01v
820556 01v
820565 01v
820547 01v
Txav mus 3500 5.x ib 4-20320 : kuv MOV35AC MOV35AQ MOV35BB MOV35BC MOV35BQ MOV35CB MOV35CC MOV35CQ MOV35DB MOV35DC MOV35DQ MOV35EB MOV35FB MOV35JB
MOV 35 AB		 820376 01v
820376 02v
820547 01v
820549 01v
820555 01v
820556 01v
820565 01v
820547 01v
820565 01v
Txuas 2500 4.x ib 4-30230 : kuv LIN25BA LIN25BB LIN25CA LIN25DA LIN25DB LIN25EA LIN25FA 820555 01v
820556 01v
820547 01v
LIN25FB LIN25GA LIN25HA LIN25HB LIN25IA LIN25JA LIN25JB LIN25KA LIN25LA LIN25MA LIN25NA LIN25AA
Txuas 2500 5.x ib 4-30326 : kuv LIN25BA LIN25BB LIN25CA LIN25DA LIN25DA LIN25DB LIN25EA LIN25FA LIN25FB LIN25GA LIN25HA LIN25HB LIN25IA LIN25JA LIN25JB LIN25KA LIN25KA LIN25MA LIN25NA LIN25NA 820547 01v
Self 4000 5.x ib 4-30393 : kuv SEL40 IB 820547 01v

2.3 Txoj Cai Kev Nyab Xeeb
Daim ntawv thov kev them nyiaj Viking ua raws tag nrho cov cai tswj kev nyab xeeb uas tau teev tseg los ntawm Ingenico. Rau cov ntaub ntawv dav dav, cov no yog cov kev txuas mus rau txoj cai ruaj ntseg rau Tetra terminals sib txawv:

Terminal Hom Cov ntaub ntawv kev ruaj ntseg
Link 2500 (v4) Txuas / 2500 PCI PTS Txoj Cai Kev Nyab Xeeb (pcisecuritystandards.org)
Link 2500 (v5) PCI PTS Txoj Cai Kev Nyab Xeeb (pcisecuritystandards.org)
Desk3500 https://listings.pcisecuritystandards.org/ptsdocs/4-20321ICO-OPE-04972-EN- V12_PCI_PTS_Security_Policy_Desk_3200_Desk_3500-1650663092.33407.pdf
Tsiv 3500 https://listings.pcisecuritystandards.org/ptsdocs/4-20320ICO-OPE-04848-EN- V11_PCI_PTS_Security_Policy_Move_3500-1647635765.37606.pdf
Txoj kab 3000 https://listings.pcisecuritystandards.org/ptsdocs/4-30310SP_ICO-OPE-04818-EN- V16_PCI_PTS_Security_Policy_Lane_3000-1648830172.34526.pdf
Self 4000 Tus kheej / 4000 PCI PTS Txoj Cai Kev Nyab Xeeb (pcisecuritystandards.org)

Ruaj ntseg Tej thaj chaw deb Software Hloov tshiab

3.1 Kev Ua Lag Luam Ua Lag Luam

Nets ruaj ntseg xa cov ntawv thov kev them nyiaj Viking hloov tshiab nyob deb. Cov kev hloov tshiab no tshwm sim ntawm tib txoj kev sib txuas lus raws li kev nyab xeeb kev them nyiaj, thiab tus tub lag luam tsis tas yuav hloov pauv txoj kev sib txuas lus no kom ua raws.
Rau cov ntaub ntawv dav dav, cov tub lag luam yuav tsum tsim txoj cai siv tau rau cov neeg ua haujlwm tseem ceeb-ntsib thev naus laus zis, raws li cov lus qhia hauv qab no rau VPN, lossis lwm yam kev sib txuas ceev ceev, cov kev hloov tshiab tau txais los ntawm firewall lossis firewall ntawm tus kheej.
3.2 Txoj Cai Siv Tau Txais
Cov tub lag luam yuav tsum tsim cov cai siv rau cov neeg ua haujlwm tseem ceeb-ntsib thev naus laus zis, xws li modems thiab cov khoom siv wireless. Cov cai siv cov cai no yuav tsum muaj xws li:

  • Kev tswj xyuas meej pom zoo rau kev siv.
  • Kev lees paub rau kev siv.
  • Ib daim ntawv teev npe ntawm txhua yam khoom siv thiab cov neeg ua haujlwm nrog kev nkag.
  • Labeling cov khoom siv nrog tus tswv.
  • Tiv tauj cov ntaub ntawv thiab lub hom phiaj.
  • Kev siv cov cuab yeej siv tau zoo.
  • Txais tau qhov chaw network rau cov technologies.
  • Ib daim ntawv teev npe ntawm tuam txhab pom zoo cov khoom.
  • Tso cai siv cov modems rau cov neeg muag khoom tsuas yog thaum xav tau thiab deactivation tom qab siv.
  • Kev txwv tsis pub khaws cov ntaub ntawv ntawm tus tuav daim npav mus rau hauv xov xwm hauv zos thaum txuas nrog remotely.

3.3 Tus Kheej Firewall
Txhua qhov kev sib txuas "ib txwm-rau" los ntawm lub khoos phis tawj mus rau VPN lossis lwm yam kev sib txuas ceev yuav tsum tau ruaj ntseg los ntawm kev siv cov khoom siv hluav taws xob ntawm tus kheej. Lub firewall tau teeb tsa los ntawm lub koom haum kom ua tau raws li cov qauv tshwj xeeb thiab tsis hloov pauv los ntawm tus neeg ua haujlwm.
3.4 Cov txheej txheem hloov kho tej thaj chaw deb
Muaj ob txoj hauv kev los ua kom lub davhlau ya nyob twg hu rau Nets software chaw rau kev hloov tshiab:

  1. Ob leeg manually los ntawm kev xaiv zaub mov hauv lub davhlau ya nyob twg (los so daim npav ua lag luam, xaiv cov ntawv qhia zaub mov 8 "Software", 1 "Fetch software"), lossis tus tswv pib pib.
  2. Siv tus tswv tsev pib txoj kev; lub davhlau ya nyob twg cia li tau txais cov lus txib los ntawm Lub Tswv Cuab tom qab nws tau ua kev lag luam nyiaj txiag. Cov lus txib qhia rau lub davhlau ya nyob twg hu rau Nets software chaw kuaj xyuas qhov hloov tshiab.

Tom qab kev txhim kho software ua tiav, lub davhlau ya nyob twg nrog lub tshuab luam ntawv built-in yuav luam ib daim ntawv txais nyiaj nrog cov ntaub ntawv ntawm tus tshiab version.
Terminal integrators, cov neeg koom tes thiab / lossis Nets technical support team yuav muaj lub luag haujlwm ntawm kev qhia cov tub lag luam ntawm qhov hloov tshiab, suav nrog qhov txuas mus rau cov ntawv qhia kev hloov kho tshiab thiab cov ntawv tso tawm.
Ntxiv rau qhov tau txais tom qab hloov kho software, Viking daim ntawv thov kev them nyiaj kuj tuaj yeem siv tau los ntawm Chaw Nres Nkoj ntawm kev nias 'F3' tus yuam sij ntawm lub davhlau ya nyob twg.

Ruaj ntseg tshem tawm cov ntaub ntawv rhiab heev thiab tiv thaiv cov ntaub ntawv khaws cia hauv daim npav

4.1 Kev Ua Lag Luam Ua Lag Luam
Daim ntawv thov kev them nyiaj Viking tsis khaws cov ntaub ntawv sib nqus hlau nplaum, daim npav pov thawj qhov tseem ceeb lossis cov lej, PINs lossis PIN thaiv cov ntaub ntawv, cov ntaub ntawv tseem ceeb cryptographic, lossis cryptograms los ntawm nws cov ntawv dhau los.
Yuav kom ua tau raws li PCI, tus tub lag luam yuav tsum muaj txoj cai tuav cov ntaub ntawv uas txhais tau tias yuav khaws cov ntaub ntawv khaws cia ntev npaum li cas. Daim ntawv thov kev them nyiaj Viking khaws khaws cov ntaub ntawv pov thawj thiab / lossis cov ntaub ntawv pov thawj muaj txiaj ntsig ntawm qhov kev hloov pauv zaum kawg thiab yog tias muaj offline lossis ncua kev tso cai kev lag luam thaum ua raws li PCI-Secure Software Standard ua raws tib lub sijhawm, yog li nws tuaj yeem raug zam los ntawm tus tub lag luam daim npav tuav ntaub ntawv-txheej txoj cai.
4.2 Ruaj ntseg Rho tawm cov lus qhia
Lub davhlau ya nyob twg tsis khaws cov ntaub ntawv txheeb xyuas qhov tseeb; tag nrho track2, CVC, CVV lossis PIN, tsis ua ntej lossis tom qab kev tso cai; tshwj tsis yog rau Deferred Authorization muas nyob rau hauv cov ntaub ntawv encrypted rhiab heev authentication cov ntaub ntawv (tag nrho track2 ntaub ntawv) yog muab khaws cia kom txog rau thaum kev tso cai tiav. Post tso cai cov ntaub ntawv yog deleted securely.
Ib qho piv txwv ntawm cov ntaub ntawv keeb kwm txwv tsis pub muaj nyob hauv lub davhlau ya nyob twg yuav raug muab tshem tawm kom ruaj ntseg thaum lub davhlau ya nyob twg Viking daim ntawv thov them nqi kho dua. Kev tshem tawm cov ntaub ntawv keeb kwm txwv tsis pub thiab cov ntaub ntawv uas yog txoj cai tuav tseg yav dhau los yuav tshwm sim tau.
4.3 Qhov chaw ntawm cov ntaub ntawv khaws cia hauv daim npav
Cov ntaub ntawv pov thawj yog khaws cia hauv Flash DFS (Cov ntaub ntawv File System) ntawm lub davhlau ya nyob twg. Cov ntaub ntawv yog tsis ncaj qha mus saib tau los ntawm cov tub lag luam.

Cov Ntaub Ntawv Khw (file, table, etc.) Cov Ntaub Ntawv Cov Ntaub Ntawv khaws cia
(PAN, tas sij hawm, txhua yam ntawm SAD)		 Yuav khaws cov ntaub ntawv li cas thiaj ruaj ntseg
(rau example, encryption, access controls, truncation, etc.)
File: kev txhaum PAN, Hnub Kawg, Service Code PAN: Encrypted 3DES-DUKPT (112 ntsis)
File: storefwd.rsd PAN, Hnub Kawg, Service Code PAN: Encrypted 3DES-DUKPT (112 ntsis)
File: transoff.rsd ib PAN, Hnub Kawg, Service Code PAN: Encrypted 3DES-DUKPT (112 ntsis)
File: transorr.rsd ib Nthuav PAN Txiav tawm (thawj 6, kawg 4)
File: offlrep.dat ib Nthuav PAN Txiav tawm (thawj 6, kawg 4)
File: defuth.rsd PAN, Hnub Kawg, Service Code PAN: Encrypted 3DES-DUKPT (112 ntsis)
File: defuth.rsd Full track2 data Cov ntaub ntawv tag nrho Track2: pre-Encrypted 3DES-DUKPT (112 ntsis)

4.4 Deferred Tso Cai Transaction
Kev tso cai ncua sij hawm tshwm sim thaum tus tub lag luam tsis tuaj yeem ua tiav daim ntawv tso cai thaum lub sijhawm ua lag luam nrog tus neeg tuav daim npav vim muaj kev sib txuas, cov teeb meem hauv lub cev, lossis lwm yam kev txwv, thiab tom qab ntawd ua tiav daim ntawv tso cai thaum nws muaj peev xwm ua tau.
Qhov ntawd txhais tau hais tias kev tso cai ncua sij hawm tshwm sim thaum muaj kev tso cai hauv online tom qab daim npav tsis muaj lawm. Raws li kev tso cai online ntawm kev tso cai ncua sij hawm ncua sij hawm, cov kev hloov pauv yuav raug muab khaws cia rau hauv lub davhlau ya nyob twg kom txog thaum cov kev hloov pauv tau tso cai tiav tom qab thaum lub network muaj. Cov kev hloov pauv tau khaws cia thiab xa mus rau tus tswv tsev tom qab, zoo li yuav ua li cas cov kev lag luam Offline khaws cia rau hnub no hauv Viking daim ntawv thov nyiaj.
Cov tub lag luam tuaj yeem pib qhov kev hloov pauv raws li 'Kev Tso Cai Txiav Txim' los ntawm Kev Sau Npe Nyiaj Txiag Hauv Hluav Taws Xob (ECR) lossis los ntawm cov ntawv qhia zaub mov.
Kev tso cai ncua sij hawm tuaj yeem xa mus rau Nets tus tswv tsev los ntawm cov tub lag luam siv cov kev xaiv hauv qab no:

  1. ECR - Admin hais kom ua - Xa offline (0x3138)
  2. Terminal - Tub lag luam -> 2 EOT -> 2 xa mus rau tus tswv

4.5 Cov txheej txheem daws teeb meem
Nets kev txhawb nqa yuav tsis thov kom muaj kev lees paub tseeb lossis cov ntaub ntawv pov thawj rau kev daws teeb meem. Daim ntawv thov kev them nyiaj Viking tsis muaj peev xwm sau lossis teeb meem cov ntaub ntawv rhiab nyob rau hauv txhua rooj plaub.

4.6 PAN qhov chaw - Tso tawm lossis luam tawm
Masked PAN:

  • Cov ntawv txais nyiaj txiag:
    Masked PAN ib txwm luam tawm ntawm daim ntawv txais nyiaj rau ob tus neeg tuav daim npav thiab cov tub lag luam. Lub npog ntsej muag PAN feem ntau yog nrog * qhov twg thawj 6 tus lej thiab 4 tus lej kawg yog nyob rau hauv cov ntawv ntshiab.
  • Daim ntawv teev kev lag luam:
    Daim ntawv tshaj tawm kev lag luam qhia tau hais tias cov kev lag luam tau ua hauv kev sib tham. Cov ntsiab lus ntawm kev ua lag luam suav nrog Masked PAN, Daim npav rho tawm lub npe thiab tus nqi pauv nyiaj.
  • Cov neeg siv khoom kawg tau txais:
    Daim ntawv theej ntawm daim ntawv txais nyiaj kawg ntawm cov neeg siv khoom tuaj yeem tsim los ntawm cov ntawv theej ntawm lub davhlau ya nyob twg. Daim ntawv txais nyiaj ntawm cov neeg siv khoom muaj lub npog ntsej muag PAN raws li daim ntawv txais nyiaj thawj tus neeg siv khoom. Lub luag haujlwm muab yog siv nyob rau hauv rooj plaub yog tias lub davhlau ya nyob twg tsis ua rau tus neeg siv khoom
    daim ntawv txais nyiaj thaum lub sijhawm ua lag luam rau ib qho laj thawj.

Encrypted PAN:

• Daim ntawv txais nyiaj offline:
Tus neeg muag khoom tau txais daim ntawv lees paub ntawm kev lag luam offline suav nrog Triple DES 112-ntsis DUKPT encrypted cardholder cov ntaub ntawv (PAN, Hnub Kawg thiab Service code).

PIB: 71448400-714484
12/08/2022 10:39
Visa
Contactless
************ 3439-0
107A47458AE773F3A84DF977
553E3D93FFFF9876543210E0
15f3 ua
AID: A0000000031010
TVR: 0000000000
PIB: 123461
No.: 000004 000000 KC3
lus :y1
kev: 782
MUAS
12,00 Nws
Pom zoo
RETAILER COPY
Kev lees paub:
Daim ntawv thov kev them nyiaj Viking ib txwm encrypts cov ntaub ntawv tuav pov hwm los ntawm lub neej ntawd rau kev lag luam offline khaws cia, xa mus rau NETS tus tswv tsev thiab luam tawm cov ntaub ntawv encrypted ntawm daim npav muag khoom rau kev lag luam offline.
Tsis tas li ntawd, txhawm rau tso saib lossis luam daim npav PAN, Viking daim ntawv thov them nyiaj ib txwm npog tus lej PAN nrog lub hnub qub '*' nrog Thawj 6 + Xeem 4 tus lej hauv qhov tseeb raws li lub neej ntawd. Daim npav naj npawb luam tawm yog tswj los ntawm lub davhlau ya nyob twg tswj qhov system uas luam tawm tuaj yeem hloov pauv los ntawm kev thov los ntawm cov channel tsim nyog thiab los ntawm kev nthuav qhia kev lag luam tsim nyog, txawm li cas los xij rau Viking daim ntawv thov them nyiaj, tsis muaj qhov xwm txheej zoo li no.
Example for masked PAN:
PIB: 957852181428133823-2
Cov ntaub ntawv tsawg kawg nkaus: **************** 3823-2
Cov ntaub ntawv ntau tshaj: 957852**********3823-2
4.7 Lus ceeb toom files
Daim ntawv thov them nyiaj Viking tsis muab ib qho kev qhia tshwj xeeb files.
Daim ntawv thov them nqi Viking thov rau cov neeg tuav daim npav nkag los ntawm cov lus qhia uas yog ib feem ntawm kev xa xov hauv daim ntawv thov kev them nyiaj Viking kos npe.
Cov lus ceeb toom rau tus lej PIN, tus lej, thiab lwm yam muaj nyob rau ntawm lub davhlau ya nyob twg, thiab cov ntaub ntawv pov thawj tau tos. Cov ntaub ntawv tau txais los ntawm tus neeg tuav daim npav tsis raug khaws cia.
4.8 Kev tswj hwm qhov tseem ceeb
Rau Tetra ntau yam ntawm cov qauv davhlau ya nyob twg, txhua yam kev ruaj ntseg ua haujlwm tau ua nyob rau hauv thaj chaw ruaj ntseg ntawm PTS ntaus ntawv tiv thaiv los ntawm daim ntawv thov them nyiaj.
Encryption yog ua nyob rau hauv qhov chaw ruaj ntseg thaum decryption ntawm cov ntaub ntawv encrypted tsuas yog ua tau los ntawm Nets Host systems. Txhua qhov kev sib pauv tseem ceeb ntawm Nets party, Cov Ntsiab Lus / Txhaj Tshuaj (rau Tetra terminals) thiab PED yog ua tiav hauv daim ntawv encrypted.
Cov txheej txheem rau Kev Tswj Xyuas Qhov Tseem Ceeb yog siv los ntawm Nets raws li DUKPT lub tswv yim siv 3DES encryption.
Tag nrho cov yuam sij thiab cov khoom tseem ceeb siv los ntawm Nets terminals yog tsim los siv cov txheej txheem random lossis pseudorandom. Cov yuam sij thiab cov khoom tseem ceeb siv los ntawm Nets terminals yog tsim los ntawm Nets qhov kev tswj hwm qhov tseem ceeb, uas siv tau pom zoo Thales Them thaiv HSM units los tsim cov yuam sij cryptographic.
Cov kev tswj xyuas tseem ceeb yog ywj siab ntawm kev them nyiaj ua haujlwm. Kev thauj khoom ib daim ntawv thov tshiab yog li tsis tas yuav muaj kev hloov pauv rau lub luag haujlwm tseem ceeb. Qhov chaw tseem ceeb ntawm lub davhlau ya nyob twg yuav txhawb nqa ib puag ncig 2,097,152 kev lag luam.
Thaum qhov chaw tseem ceeb tas lawm, Viking lub davhlau ya nyob twg nres ua haujlwm thiab qhia cov lus yuam kev, thiab tom qab ntawd lub davhlau ya nyob twg yuav tsum tau hloov.
4.9 '24 HR' Reboot
Tag nrho cov Viking terminals yog PCI-PTS 4.x thiab siab dua thiab yog li ua raws li qhov yuav tsum tau ua raws li PCI-PTS 4.x davhlau ya nyob twg yuav tsum reboot yam tsawg kawg nkaus ib zaug txhua 24 teev los so RAM thiab txuas ntxiv ruaj ntseg davhlau ya nyob twg HW los ntawm kev siv los tuav cov nyiaj them poob haujlwm. daim npav cov ntaub ntawv.
Lwm qhov txiaj ntsig ntawm '24hr' rov pib lub voj voog yog tias lub cim xeeb xau yuav raug txo qis thiab muaj kev cuam tshuam tsawg dua rau cov tub lag luam (tsis yog tias peb yuav tsum lees txais cov teeb meem nco qab.
Cov tub lag luam tuaj yeem teem sijhawm rov pib dua los ntawm lub davhlau ya nyob twg Menu xaiv rau 'Reboot Time'. Lub sijhawm reboot yog teem raws li '24 teev' moos thiab yuav siv hom HH: MM.
Lub Reset mechanism yog tsim los xyuas kom meej lub davhlau ya nyob twg rov pib dua tsawg kawg ib zaug hauv 24 teev khiav. Txhawm rau ua tiav qhov kev xav tau no lub sijhawm, hu ua "rov pib dua lub sijhawm" sawv cev los ntawm Temin thiab Tmax tau raug txhais. Lub sijhawm no sawv cev rau lub sijhawm luv uas tso cai rov pib dua. Nyob ntawm cov ntaub ntawv ua lag luam, "rov pib dua lub sijhawm" raug kho thaum lub sijhawm teeb tsa lub davhlau ya nyob twg. Los ntawm kev tsim, lub sijhawm no tsis tuaj yeem luv dua 30 feeb. Nyob rau lub sijhawm no, qhov rov pib dua tshwm sim txhua hnub 5 feeb ua ntej (ntawm T3) raws li tau piav qhia los ntawm daim duab hauv qab no:Nets PCI Ruaj Ntseg Software Standard - 'Reboot

4.10 Cov npe dawb
Whitelisting yog txheej txheem los txiav txim siab tias PANs tau teev tseg raws li daim ntawv teev npe dawb tau tso cai kom pom hauv cov ntawv ntshiab. Viking siv 3 daim teb rau kev txiav txim siab cov npe dawb PANs uas tau nyeem los ntawm kev teeb tsa rub tawm los ntawm lub davhlau ya nyob twg tswj hwm.
Thaum 'Ua raws li tus chij' hauv Nets tus tswv tau teeb tsa rau Y, cov ntaub ntawv los ntawm Nets Host lossis Terminal tswj qhov system raug rub mus rau lub davhlau ya nyob twg, thaum lub davhlau ya nyob twg pib. Tus chij ua raws cai no yog siv los txiav txim siab cov npe dawb PANs uas tau nyeem los ntawm cov ntaub ntawv.
'Track2ECR' chij txiav txim siab seb cov ntaub ntawv Track2 puas raug tso cai ua haujlwm (xa / tau txais) los ntawm ECR rau ib tus neeg tawm tswv yim. Nyob ntawm tus nqi ntawm tus chij no, nws tau txiav txim siab yog tias cov ntaub ntawv track2 yuav tsum tau qhia hauv hom hauv zos ntawm ECR.
'Print format field' txiav txim siab li cas PAN yuav tshwm sim. Cov ntawv teev lus hauv PCI yuav muaj tag nrho cov ntawv luam tawm los tso saib PAN hauv daim ntawv truncated/masked.

Authentication thiab Access Controls

5.1 Kev Nkag Mus Saib
Daim ntawv thov kev them nyiaj Viking tsis muaj cov neeg siv nyiaj lossis tus password sib raug yog li ntawd, daim ntawv thov them nyiaj Viking raug zam los ntawm qhov yuav tsum tau ua.

  • ECR Integrated teeb:
    Nws tsis tuaj yeem nkag mus rau hom kev lag luam xws li Cov Nyiaj Them Rov Qab, Deposit thiab Rov Qab Los ntawm cov ntawv qhia zaub mov kom ua rau cov haujlwm no ruaj ntseg los ntawm kev siv tsis raug. Cov no yog hom kev lag luam uas cov nyiaj ntws tau tshwm sim los ntawm cov tub lag luam tus account mus rau tus neeg tuav daim npav tus account. Nws yog tus tub luam lub luag haujlwm los xyuas kom meej tias ECR tsuas yog siv los ntawm cov neeg siv tau tso cai xwb.
  • Kev teeb tsa standalone:
    Cov tub lag luam daim npav nkag mus tswj yog lub neej ntawd ua rau nkag mus rau hom kev lag luam xws li Nyiaj Rov Qab, Tso Nyiaj thiab Rov Qab Los ntawm cov ntawv qhia zaub mov kom ua rau cov haujlwm no ruaj ntseg los ntawm kev siv tsis raug.
    Lub Viking davhlau ya nyob twg tau teeb tsa los ntawm lub neej ntawd kom ruaj ntseg cov ntawv qhia zaub mov, los tiv thaiv kev nkag tsis tau. Cov kev txwv rau kev teeb tsa cov ntawv qhia zaub mov kev ruaj ntseg poob rau hauv Merchant Menu (siv tau nrog daim npav tub lag luam) -> Parameters -> Kev Ruaj Ntseg

Nets PCI Ruaj Ntseg Software Standard - ' Standalone teeb

Tiv thaiv cov ntawv qhia zaub mov – Teem rau 'Yog' los ntawm lub neej ntawd.
Cov ntawv qhia zaub mov khawm ntawm lub davhlau ya nyob twg muaj kev tiv thaiv siv Protect menu configuration. Cov ntawv qhia zaub mov tuaj yeem nkag tau los ntawm Tub Lag Luam tsuas yog siv daim npav ua lag luam. Nets PCI Ruaj Ntseg Software Standard - ' Standalone teeb1

Tiv thaiv kev thim rov qab - Teem rau 'Yog' los ntawm lub neej ntawd.
Kev thim rov qab ntawm kev hloov pauv tsuas yog ua tau los ntawm cov tub lag luam uas siv daim npav ua lag luam nkag mus rau cov ntawv qhia thim rov qab. Nets PCI Secure Software Standard - ' Tiv thaiv kev thim rov qab

Tiv thaiv kev sib haum xeeb - Teem rau 'Yog' los ntawm lub neej ntawd
Kev xaiv rau Reconciliation tuaj yeem nkag tau tsuas yog los ntawm cov tub lag luam nrog daim npav ua lag luam thaum qhov kev tiv thaiv no tau teeb tsa rau qhov tseeb. Nets PCI Ruaj Ntseg Software Standard - ' Tiv thaiv kev thim rov qab 1

Tiv thaiv Shortcut - Teem rau 'Yog' los ntawm lub neej ntawd
Shortcut zaub mov nrog cov kev xaiv rau viewing Terminal Info thiab kev xaiv rau kev hloov kho Bluetooth tsis muaj peev xwm yuav muaj rau cov tub lag luam tsuas yog thaum daim npav ua lag luam yog swiped.Nets PCI Secure Software Standard - Tiv thaiv

5.2 Tswj Password
Daim ntawv thov kev them nyiaj Viking tsis muaj cov neeg siv nyiaj lossis tus password sib xws; yog li ntawd, daim ntawv thov Viking raug zam los ntawm qhov yuav tsum tau ua.

Kev sau npe

6.1 Kev Ua Lag Luam Ua Lag Luam
Tam sim no, rau daim ntawv thov kev them nyiaj Nets Viking, tsis muaj tus neeg siv kawg, kev teeb tsa PCI log teeb tsa.
6.2 Configure Log Settings
Daim ntawv thov kev them nyiaj Viking tsis muaj cov neeg siv nyiaj, yog li PCI raws li kev txiav txim siab tsis siv tau. Txawm hais tias nyob rau hauv feem ntau verbose kev txiav txim siab daim ntawv thov kev them nyiaj Viking tsis teev cov ntaub ntawv pov thawj tseeb lossis cov ntaub ntawv pov thawj.
6.3 Central Logging
Lub davhlau ya nyob twg muaj ib tug generic log mechanism. Cov txheej txheem tseem suav nrog kev txiav tawm ntawm kev tsim thiab tshem tawm S / W executable.
S / W rub tawm cov haujlwm tau nkag mus thiab tuaj yeem xa mus rau Tus Thawj Coj ntawm tus kheej ntawm cov ntawv qhia zaub mov xaiv hauv lub davhlau ya nyob twg lossis ntawm kev thov los ntawm tus tswv flagged hauv kev lag luam zoo tib yam. Yog tias S/W rub tawm ua tsis tiav vim tsis raug kos npe digital ntawm qhov tau txais files, qhov xwm txheej tau nkag thiab xa mus rau Tus Tswv tau txais thiab tam sim ntawd.
6.3.1 Pab kom taug qab Logging ntawm lub davhlau ya nyob twg
Txhawm rau pab kom taug qab logging:

  1. Swipe Merchant card.
  2. Tom qab ntawd hauv cov ntawv qhia zaub mov xaiv "9 System menu".
  3. Tom qab ntawd mus rau cov ntawv qhia zaub mov "2 System Log".
  4. Ntaus tus kws kho mob code, uas koj tuaj yeem tau txais los ntawm kev hu rau Nets Merchant Service kev txhawb nqa.
  5. Xaiv "8 Parameters".
  6. Tom qab ntawd qhib "Logging" rau "Yog".

6.3.2 Xa cov kab khiav mus rau tus tswv
Txhawm rau xa cov ntawv teev cia:

  1. Nias Menu key ntawm lub davhlau ya nyob twg thiab tom qab ntawd Swipe Merchant card.
  2. Tom qab ntawd hauv cov ntawv qhia zaub mov tseem ceeb xaiv "7 Operator menu".
  3. Tom qab ntawd xaiv "5 Xa Trace Logs" xa cov ntawv teev cia rau tus tswv.

6.3.3 Tej thaj chaw deb trace logging
Ib qho parameter yog teem rau hauv Nets Host (PSP) uas yuav pab tau / lov tes taw Terminal txoj kab kev nkag mus ua haujlwm nyob deb. Nets Host yuav xa Trace enable / disable logging parameter rau Terminal nyob rau hauv cov ntaub ntawv teem nrog rau lub sij hawm teem tseg thaum Terminal yuav upload Trace cav. Thaum lub davhlau ya nyob twg tau txais Trace parameter raws li tau qhib, nws yuav pib ntes Trace cav thiab nyob rau lub sijhawm teem tseg nws yuav upload tag nrho cov kab khiav tawm thiab lov tes taw kev ua haujlwm nkag tom qab ntawd.
6.3.4 Chaw taws teeb yuam kev logging
Cov ntaub ntawv yuam kev yeej ib txwm qhib rau ntawm lub davhlau ya nyob twg. Zoo li kev nkag mus rau hauv kab, ib qho kev ntsuas tau teeb tsa hauv Nets Host uas yuav pab tau / lov tes taw Terminal qhov yuam kev logging functionality remotely. Nets Host yuav xa Trace enable/disable logging parameter rau Terminal nyob rau hauv cov ntaub ntawv teem nrog rau lub sij hawm teem tseg thaum Terminal yuav upload yuam kev cav. Thaum lub davhlau ya nyob twg tau txais yuam kev logging parameter raws li enabled, nws yuav pib ntes yuam kev cav thiab nyob rau lub sij hawm teem nws yuav upload tag nrho cov ntaub ntawv yuam kev thiab lov tes taw lub loggging functionality tom qab ntawd.

Wireless Networks

7.1 Kev Ua Lag Luam Ua Lag Luam

Viking them nyiaj davhlau ya nyob twg - MOVE 3500 thiab Link2500 muaj peev xwm txuas nrog Wi-nkaus network. Yog li ntawd, rau kev siv wireless kom ruaj ntseg, yuav tsum xav txog thaum txhim kho thiab teeb tsa lub wireless network raws li cov lus qhia hauv qab no.
7.2 Pom zoo Wireless Configurations
Muaj ntau qhov kev txiav txim siab thiab cov kauj ruam uas yuav tsum tau ua thaum teeb tsa wireless network uas txuas nrog lub network sab hauv.
Yam tsawg kawg nkaus, cov kev teeb tsa thiab kev teeb tsa hauv qab no yuav tsum nyob hauv qhov chaw:

  • Tag nrho cov wireless network yuav tsum tau segmented siv firewall; yog tias kev sib txuas ntawm lub wireless network thiab daim npav cov ntaub ntawv ib puag ncig yuav tsum tau nkag mus yuav tsum tau tswj thiab ruaj ntseg los ntawm firewall.
  • Hloov lub neej ntawd SSID thiab lov tes taw SSID tshaj tawm
  • Hloov cov passwords qub rau ob qho tib si rau kev sib txuas wireless thiab cov ntsiab lus nkag wireless, qhov no suav nrog kev nkag mus rau console nrog rau SNMP cov hlua hauv zej zog
  • Hloov lwm yam kev ruaj ntseg defaults muab los yog teem los ntawm tus neeg muag khoom
  • Xyuas kom meej tias cov ntsiab lus nkag wireless tau hloov kho mus rau qhov tseeb firmware
  • Tsuas yog siv WPA lossis WPA2 nrog cov yuam sij muaj zog, WEP raug txwv thiab yuav tsum tsis txhob siv
  • Hloov WPA / WPA2 cov yuam sij ntawm kev teeb tsa thiab ua ntu zus thiab thaum twg tus neeg paub txog cov yuam sij tawm hauv lub tuam txhab

Network Segmentation

8.1 Kev Ua Lag Luam Ua Lag Luam
Daim ntawv thov kev them nyiaj Viking tsis yog daim ntawv thov them nyiaj raws li server thiab nyob ntawm lub davhlau ya nyob twg. Vim li no, daim ntawv thov kev them nyiaj tsis tas yuav muaj kev hloov kho kom tau raws li qhov yuav tsum tau ua.
Rau cov tub lag luam cov kev paub dav dav, cov ntaub ntawv credit card tsis tuaj yeem khaws cia rau hauv cov tshuab txuas ncaj qha rau Is Taws Nem. Rau example, web servers thiab database servers yuav tsum tsis txhob ntsia rau tib lub server. Ib cheeb tsam tsis muaj tub rog (DMZ) yuav tsum tau teeb tsa kom ntu ntu ntawm lub network kom tsuas yog cov tshuab ntawm DMZ tuaj yeem siv Internet.

Chaw taws teeb Access

9.1 Kev Ua Lag Luam Ua Lag Luam
Daim ntawv thov kev them nyiaj Viking tsis tuaj yeem nkag mus rau thaj chaw deb. Kev them nyiaj yug nyob deb tsuas yog tshwm sim ntawm Nets cov neeg ua haujlwm txhawb nqa thiab tus tub lag luam hauv xov tooj lossis los ntawm Nets ncaj qha rau ntawm qhov chaw nrog tus tub luam.

Kev xa cov ntaub ntawv rhiab heev

10.1 Kev xa cov ntaub ntawv rhiab heev
Daim ntawv thov kev them nyiaj Viking ruaj ntseg cov ntaub ntawv rhiab thiab / lossis cov ntaub ntawv tuav pov hwm hauv kev thauj mus los los ntawm kev siv cov lus-theem encryption siv 3DES-DUKPT (112 khoom) rau txhua qhov kev sib kis (xws li pej xeem network). Kev Ruaj Ntseg Kev Ruaj Ntseg rau IP kev sib txuas lus los ntawm daim ntawv thov Viking rau tus tswv tsev tsis tas yuav tsum tau vim tias cov lus-theem encryption yog siv los ntawm 3DES-DUKPT (112-ntsis) raws li tau piav qhia saum toj no. Cov txheej txheem encryption no ua kom ntseeg tau tias txawm tias kev lag luam raug cuam tshuam, lawv tsis tuaj yeem hloov kho lossis cuam tshuam rau txhua txoj hauv kev yog 3DES-DUKPT (112-ntsis) tseem suav tias yog kev encryption muaj zog. Raws li DUKPT lub tswv yim tswj qhov tseem ceeb, 3DES tus yuam sij siv yog qhov tshwj xeeb rau txhua qhov kev lag luam.
10.2 Muab cov ntaub ntawv rhiab heev rau lwm cov software
Daim ntawv thov kev them nyiaj Viking tsis muab ib qho kev sib txuas lus sib txuas lus / APIs los pab kom sib koom cov ntaub ntawv tus account cleartext ncaj qha nrog lwm cov software. Tsis muaj cov ntaub ntawv rhiab lossis cov ntaub ntawv tus account cleartext tau muab qhia rau lwm tus software los ntawm APIs raug.

10.3 Email thiab cov ntaub ntawv rhiab heev
Daim ntawv thov kev them nyiaj Viking tsis yog ib txwm txhawb nqa kev xa email.
10.4 Tsis yog-Console Administration Access
Viking tsis txhawb kev nkag mus rau kev tswj hwm tsis yog Console.
Txawm li cas los xij, rau cov tub lag luam cov kev paub dav dav, tsis yog Console thawj coj nkag yuav tsum siv SSH, VPN, lossis TLS rau kev nkag mus rau txhua qhov kev tswj hwm tsis yog kev tswj hwm rau cov servers hauv cov ntaub ntawv ib puag ncig. Telnet lossis lwm txoj kev nkag tsis tau nkag yuav tsum tsis txhob siv.

Viking Versioning Methodology

Nets versioning methodology muaj peb feem S/W version naj npawb: a.bb.c
qhov twg 'a' yuav raug nce ntxiv thaum muaj kev hloov pauv siab ua tiav raws li PCI-Secure Software Standard.
a – loj version (1 tus lej)
'bb' yuav raug nce ntxiv thaum qhov kev hloov pauv uas tsis tshua muaj kev npaj ua tiav raws li PCI-Secure Software Standard.
bb – me version (2 tug lej)
'c' yuav raug nce ntxiv thaum qhov kev hloov pauv hloov pauv qis ua tiav raws li PCI-Secure Software Standard.
c - minor version (1 tus lej)
Daim ntawv thov kev them nyiaj Viking S / W tus lej yog qhia zoo li qhov no ntawm lub vijtsam davhlau ya nyob twg thaum lub davhlau ya nyob twg muaj zog: 'abbc'

  • Kev hloov tshiab los ntawm piv txwv li, 1.00.0 txog 2.00.0 yog qhov hloov tshiab tseem ceeb. Nws yuav suav nrog cov kev hloov pauv uas cuam tshuam rau kev ruaj ntseg lossis PCI Kev Nyab Xeeb Software Standard cov cai.
  • Kev hloov tshiab los ntawm piv txwv li, 1.00.0 rau 1.01.0 yog qhov hloov tshiab tsis tseem ceeb. Nws yuav tsis suav nrog cov kev hloov pauv uas cuam tshuam rau kev nyab xeeb lossis PCI Kev Nyab Xeeb Software Standard cov cai.
  • Kev hloov tshiab los ntawm piv txwv li, 1.00.0 rau 1.00.1 yog qhov hloov tshiab tsis tseem ceeb. Nws yuav tsis suav nrog cov kev hloov pauv uas cuam tshuam rau kev nyab xeeb lossis PCI Kev Nyab Xeeb Software Standard cov cai.

Txhua qhov kev hloov pauv tau sawv cev hauv cov lej ua ntu zus.

Cov lus qhia txog Kev Ruaj Ntseg Txhim Kho ntawm Patches thiab Hloov Kho Tshiab.

Nets ruaj ntseg xa cov ntawv thov kev them nyiaj rau tej thaj chaw deb hloov tshiab. Cov kev hloov tshiab no tshwm sim ntawm tib txoj kev sib txuas lus raws li kev nyab xeeb kev them nyiaj, thiab tus tub lag luam tsis tas yuav hloov pauv txoj kev sib txuas lus no kom ua raws.
Thaum muaj ib thaj, Nets yuav hloov kho lub thaj version ntawm Nets Host. Cov tub lag luam yuav tau txais thaj ua rau thaj los ntawm kev thov S / W automated, lossis tus tub lag luam tuaj yeem pib rub tawm software los ntawm cov ntawv qhia zaub mov.
Rau cov ntaub ntawv dav dav, cov tub lag luam yuav tsum tsim txoj cai siv tau rau cov neeg ua haujlwm tseem ceeb-ntsib thev naus laus zis, raws li cov lus qhia hauv qab no rau VPN lossis lwm yam kev sib txuas ceev, tau txais cov kev hloov tshiab los ntawm firewall lossis cov neeg ua haujlwm firewall.
Tus tswv tsev Nets muaj nyob hauv internet siv kev nyab xeeb los yog ntawm lub network kaw. Nrog kaw lub network, tus neeg muab kev pabcuam network muaj kev sib txuas ncaj qha rau peb tus tswv tsev ib puag ncig uas tau muab los ntawm lawv tus neeg muab kev pabcuam network. Cov terminals raug tswj los ntawm Nets cov kev pabcuam tswj xyuas. Lub davhlau ya nyob twg tswj kev pabcuam txhais rau example lub cheeb tsam lub davhlau ya nyob twg belongs rau thiab cov acquirer nyob rau hauv kev siv. Terminal tswj kuj yog lub luag haujlwm rau kev kho dua tshiab davhlau ya nyob twg software remotely hla lub network. Nets xyuas kom meej tias cov software uploaded rau lub davhlau ya nyob twg tau ua tiav cov ntawv pov thawj xav tau.
Nets pom zoo xyuas cov ntsiab lus rau tag nrho nws cov neeg siv khoom kom ntseeg tau tias kev them nyiaj nyab xeeb thiab nyab xeeb raws li teev hauv qab no:

  1. Khaws ib daim ntawv teev npe ntawm txhua qhov chaw them nyiaj ua haujlwm thiab thaij duab los ntawm txhua qhov ntev kom koj paub tias lawv yuav tsum zoo li cas.
  2. Saib kom pom tseeb cov cim ntawm tampering xws li tawg cov ntsaws ruaj ruaj hla kev siv daim npog npog lossis cov ntsia hlau, khib lossis sib txawv cabling lossis cov cuab yeej kho vajtse tshiab uas koj tsis tuaj yeem paub.
  3. Tiv thaiv koj cov terminals los ntawm cov neeg siv khoom ncav cuag thaum tsis siv. Tshawb xyuas koj cov nyiaj them poob haujlwm txhua hnub thiab lwm yam khoom siv uas tuaj yeem nyeem daim npav them nyiaj.
  4. Koj yuav tsum txheeb xyuas tus kheej ntawm cov neeg ua haujlwm kho yog tias koj xav tias yuav kho qhov chaw them nqi kho mob.
  5. Hu rau Nets lossis koj lub txhab nyiaj tam sim yog tias koj xav tias muaj kev ua haujlwm tsis pom tseeb.
  6. Yog tias koj ntseeg tias koj lub cuab yeej POS yog qhov yooj yim rau tub sab, ces muaj cov kev pabcuam cradles thiab cov hlua ruaj ntseg thiab cov hlua khi muaj nyob rau kev yuav khoom lag luam. Tej zaum nws yuav tsim nyog xav txog lawv txoj kev siv.

Viking tso tawm tshiab

Viking software raug tso tawm hauv cov kab hauv qab no tso tawm (yuav hloov pauv):

  • 2 loj tshaj tawm txhua xyoo
  • 2 me me tso tawm txhua xyoo
  • Software thaj ua rau thaj, raws li thiab thaum xav tau, (xws li vim muaj teeb meem tseem ceeb / qhov tsis zoo). Yog tias qhov kev tso tawm tau ua haujlwm hauv thaj chaw thiab qee qhov teeb meem tseem ceeb tau tshaj tawm, tom qab ntawd software thaj nrog kev kho yuav tsum raug tso tawm hauv ib lub hlis.

Cov tub lag luam yuav raug ceeb toom txog kev tshaj tawm (loj / me / thaj) los ntawm email uas yuav xa ncaj qha mus rau lawv qhov chaw nyob email. Tus email tseem yuav muaj cov ntsiab lus tseem ceeb ntawm kev tso tawm thiab cov ntawv tso tawm.
Cov tub lag luam tseem tuaj yeem nkag mus rau cov ntawv tso tawm uas yuav muab tso rau ntawm: Software tso cov ntawv sau (nets. eu)
Viking Software tso tawm tau kos npe siv Ingenico cov cuab yeej hu nkauj rau Tetra terminals. Tsuas yog kos npe software tuaj yeem thauj khoom mus rau lub davhlau ya nyob twg.

Cov kev cai tsis siv

Tshooj lus no tuav cov npe ntawm cov kev xav tau hauv PCI-Secure Software Standard uas tau raug soj ntsuam raws li 'Tsis siv tau' rau daim ntawv thov them nqi Viking thiab qhov tseeb rau qhov no.

PCI Secure Software Standard CO Kev ua si Kev txiav txim siab rau kev ua 'Tsis siv'
5.3 Cov txheej txheem kev lees paub (nrog rau cov ntawv pov thawj kev sib tham) muaj qhov muaj zog txaus thiab muaj zog los tiv thaiv cov ntaub ntawv pov thawj ntawm kev ua pov thawj los ntawm kev raug nyiag, spoofed, leaked, guessed, los yog circumvented. Daim ntawv thov them nyiaj Viking khiav ntawm PCI pom zoo PTS POI ntaus ntawv.
Daim ntawv thov kev them nyiaj Viking tsis muab rau hauv zos, tsis yog-con-sole lossis chaw taws teeb nkag, lossis qib ntawm cov cai, yog li tsis muaj kev lees paub qhov tseeb hauv PTS POI ntaus ntawv.
Daim ntawv thov kev them nyiaj Viking tsis muab kev teeb tsa los tswj lossis tsim cov neeg siv IDs thiab tsis muab ib qho chaw hauv zos, tsis yog lub console lossis chaw taws teeb nkag mus rau cov cuab tam tseem ceeb (txawm tias yog lub hom phiaj debug).
5.4 Los ntawm lub neej ntawd, tag nrho cov kev nkag mus rau cov cuab tam tseem ceeb tsuas yog txwv rau cov nyiaj thiab cov kev pabcuam uas xav tau kev nkag mus. Daim ntawv thov them nyiaj Viking khiav ntawm PCI pom zoo PTS POI ntaus ntawv.
Daim ntawv thov kev them nyiaj Viking tsis muab kev teeb tsa los tswj lossis tsim cov nyiaj lossis cov kev pabcuam.
7.3 Txhua tus lej random siv los ntawm software yog tsim los siv tsuas yog pom zoo random naj npawb tsim (RNG) algorithms lossis cov tsev qiv ntawv.
Pom zoo RNG algorithms lossis cov tsev qiv ntawv yog cov uas ua tau raws li cov qauv kev lag luam kom tsis muaj peev xwm txaus (piv txwv li, NIST Special Publication 800-22).		 Daim ntawv thov kev them nyiaj Viking tsis siv ib qho RNG (random tooj generator) rau nws txoj haujlwm encryption.
Daim ntawv thov kev them nyiaj Viking tsis tsim lossis siv cov lej random rau kev ua haujlwm cryptographic.
7.4 Random qhov tseem ceeb muaj entropy uas ua tau raws li qhov tsawg kawg nkaus muaj zog qhov yuav tsum tau muaj ntawm cryptographic primitives thiab cov yuam sij uas cia siab rau lawv. Daim ntawv thov kev them nyiaj Viking tsis siv ib qho RNG (random tooj generator) rau nws txoj haujlwm encryption.
Daim ntawv thov kev them nyiaj Viking tsis tsim lossis siv cov lej random rau kev ua haujlwm cryptographic.
8.1 Txhua qhov kev sim nkag mus thiab siv cov cuab yeej tseem ceeb yog taug qab thiab taug qab tau rau ib tus neeg tshwj xeeb. Daim ntawv thov kev them nyiaj Viking khiav ntawm PCI pom zoo PTS POI cov cuab yeej, qhov twg txhua qhov kev tuav pov hwm tseem ceeb tshwm sim, thiab PTS POI firmware ua kom tsis pub lwm tus paub thiab kev ncaj ncees ntawm cov ntaub ntawv rhiab thaum khaws cia hauv PTS POI ntaus ntawv.
Viking them nyiaj daim ntawv thov kev ua haujlwm tsis pub lwm tus paub tsis pub lwm tus paub, kev ncaj ncees thiab kev ua haujlwm tau zoo raug tiv thaiv thiab muab los ntawm PTS POI firmware. PTS POI firmware tiv thaiv kev nkag mus rau cov cuab tam tseem ceeb tawm ntawm lub davhlau ya nyob twg thiab tso siab rau kev tiv thaiv tampcov yam ntxwv.
Daim ntawv thov kev them nyiaj Viking tsis muaj kev nkag mus rau hauv zos, tsis yog console lossis chaw taws teeb, lossis qib ntawm cov cai, yog li tsis muaj ib tus neeg lossis lwm lub tshuab nrog kev nkag mus rau cov cuab tam tseem ceeb, tsuas yog Viking daim ntawv thov them nyiaj tuaj yeem tswj cov cuab tam tseem ceeb.
8.2 Txhua yam haujlwm raug ntes kom txaus thiab tsim nyog los piav qhia meej txog cov haujlwm tshwj xeeb tau ua, leej twg ua lawv, lub sijhawm lawv tau ua, thiab cov cuab yeej tseem ceeb twg raug cuam tshuam. Daim ntawv thov them nyiaj Viking khiav ntawm PCI pom zoo PTS POI cov khoom siv. Daim ntawv thov kev them nyiaj Viking tsis muaj kev nkag mus rau hauv zos, tsis yog console lossis chaw taws teeb, lossis qib ntawm cov cai, yog li tsis muaj ib tus neeg lossis lwm lub kaw lus nkag mus rau cov cuab yeej tseem ceeb, tsuas yog Viking daim ntawv thov them nyiaj tuaj yeem tswj cov cuab tam tseem ceeb.
• Daim ntawv thov kev them nyiaj Viking tsis muab txoj cai ntawm kev ua haujlwm.
• Tsis muaj lub luag haujlwm los lov tes taw encryption ntawm cov ntaub ntawv rhiab heev
• Tsis muaj lub luag haujlwm rau decryption ntawm cov ntaub ntawv rhiab heev
• Tsis muaj lub luag haujlwm rau kev xa tawm cov ntaub ntawv rhiab rau lwm lub tshuab lossis cov txheej txheem
• Tsis muaj kev lees paub qhov tseeb txhawb kev tswj hwm kev nyab xeeb thiab kev ruaj ntseg ua haujlwm tsis tuaj yeem raug kaw lossis tshem tawm.
8.3 Lub software txhawb kev ruaj ntseg khaws cov ncauj lus kom ntxaws
kev ua si
cov ntaub ntawv.		 Daim ntawv thov them nyiaj Viking khiav ntawm PCI pom zoo PTS POI cov khoom siv. Daim ntawv thov kev them nyiaj Viking tsis muaj kev nkag mus rau hauv zos, tsis yog console lossis chaw taws teeb, lossis qib ntawm cov cai, yog li tsis muaj ib tus neeg lossis lwm lub kaw lus nkag mus rau cov cuab yeej tseem ceeb, tsuas yog Viking daim ntawv thov them nyiaj tuaj yeem tswj cov cuab tam tseem ceeb.
• Daim ntawv thov kev them nyiaj Viking tsis muab txoj cai ntawm kev ua haujlwm.
• Tsis muaj lub luag haujlwm los lov tes taw encryption ntawm cov ntaub ntawv rhiab heev
• Tsis muaj lub luag haujlwm rau decryption ntawm cov ntaub ntawv rhiab heev
• Tsis muaj lub luag haujlwm rau kev xa tawm cov ntaub ntawv rhiab rau lwm lub tshuab lossis cov txheej txheem
• Tsis muaj kev lees paub qhov tseeb txhawb kev tswj hwm kev nyab xeeb thiab kev ruaj ntseg ua haujlwm tsis tuaj yeem raug kaw lossis tshem tawm.
8.4 Lub software tswj xyuas qhov ua tsis tiav hauv kev ua haujlwm-nrhiav cov txheej txheem xws li kev ncaj ncees ntawm cov ntaub ntawv ua haujlwm uas twb muaj lawm yog khaws cia. Daim ntawv thov them nyiaj Viking khiav ntawm PCI pom zoo PTS POI cov khoom siv. Daim ntawv thov kev them nyiaj Viking tsis muaj kev nkag mus rau hauv zos, tsis yog console lossis chaw taws teeb, lossis theem ntawm cov cai, yog li tsis muaj ib tus neeg lossis lwm lub kaw lus nrog kev nkag mus rau cov cuab tam tseem ceeb, tsuas yog daim ntawv thov Viking muaj peev xwm tswj tau cov cuab tam tseem ceeb.
• Daim ntawv thov kev them nyiaj Viking tsis muab txoj cai ntawm kev ua haujlwm.
• Tsis muaj lub luag haujlwm los lov tes taw encryption ntawm cov ntaub ntawv rhiab heev
• Tsis muaj zog rau decryption ntawm rhiab cov ntaub ntawv |
• Tsis muaj lub luag haujlwm rau kev xa tawm cov ntaub ntawv rhiab rau lwm lub tshuab lossis cov txheej txheem
• Tsis muaj qhov kev lees paub tseeb txhawb nqa
• Tswj kev ruaj ntseg thiab kev ruaj ntseg ua haujlwm tsis tuaj yeem raug kaw lossis tshem tawm.
B.1.3 Tus neeg muag khoom software tswj cov ntaub ntawv
uas piav qhia tag nrho cov kev xaiv configurable uas tuaj yeem ua tau
cuam ​​tshuam rau kev ruaj ntseg ntawm cov ntaub ntawv rhiab.		 Daim ntawv thov them nyiaj Viking khiav ntawm PCI pom zoo PTS POI cov khoom siv. Daim ntawv thov kev them nyiaj Viking tsis muab ib qho ntawm cov hauv qab no rau cov neeg siv kawg:
• configurable xaiv nkag mus rau cov ntaub ntawv rhiab heev
• configurable xaiv los hloov kho mechanisms los tiv thaiv cov ntaub ntawv rhiab heev
• tej thaj chaw deb nkag rau daim ntawv thov
• tej thaj chaw deb hloov tshiab ntawm daim ntawv thov
• kev xaiv configurable los hloov lub neej ntawd nqis ntawm daim ntawv thov
B.2.4 Lub software siv tsuas yog tus lej random
tiam muaj nuj nqi (s) suav nrog hauv kev them nyiaj
Terminal's PTS ntaus ntawv ntsuam xyuas rau tag nrho cov cryptographic
cov haujlwm uas muaj cov ntaub ntawv rhiab lossis cov haujlwm tseem ceeb uas yuav tsum muaj qhov tseem ceeb thiab tsis siv nws tus kheej
random naj npawb tiam muaj nuj nqi (s).		 Viking tsis siv ib qho RNG (random tooj generator) rau nws txoj haujlwm encryption.
Daim ntawv thov Viking tsis tsim lossis siv tus lej lej rau kev ua haujlwm cryptographic.
B.2.9 Kev ncaj ncees ntawm software sai files raug tiv thaiv raws li Kev Tswj Lub Hom Phiaj B.2.8. Tag nrho cov lus qhia tam sim ntawm Viking lub davhlau ya nyob twg yog encoded hauv daim ntawv thov thiab tsis muaj kev ceeb toom files muaj nyob sab nraum daim ntawv thov.
Tsis muaj lus nug files sab nraum daim ntawv thov kev them nyiaj Viking muaj nyob, tag nrho cov ntaub ntawv tsim nyog yog tsim los ntawm daim ntawv thov.
B.5.1.5 Kev taw qhia txog kev coj ua suav nrog cov lus qhia rau cov neeg muaj feem cuam tshuam rau kev kos npe kos npe rau txhua qhov sai files. Tag nrho cov lus ceeb toom qhia ntawm Viking lub davhlau ya nyob twg yog encoded hauv daim ntawv thov thiab tsis muaj kev ceeb toom files muaj nyob sab nraum daim ntawv thov.
Tsis muaj lus nug files sab nraum daim ntawv thov kev them nyiaj Viking muaj nyob, tag nrho cov ntaub ntawv tsim nyog yog tsim los ntawm daim ntawv thov

PCI Secure Software Standard Requirements Reference

Cov tshooj hauv daim ntawv no PCI Ruaj Ntseg Software Standard Requirements PCI DSS cov cai
2. Daim ntawv thov kev them nyiaj ruaj ntseg Ib. 2.1 6.1
12.1
12.1.b ib		 2.2.3
3. Txhim kho tej thaj chaw deb Software hloov tshiab 11.1
11.2
12.1		 1 & 12.3.9
2, 8, 10 ib
4. Ruaj ntseg tshem tawm cov ntaub ntawv rhiab heev thiab tiv thaiv cov ntaub ntawv khaws cia hauv daim npav 3.2
3.4
3.5
A.2.1
A.2.3
B.1.2 a		 3.2
3.2
3.1
3.3
3.4
3.5
3.6
Authentication thiab Access Controls 5.1
5.2
5.3
5.4		 8.1 & 8.2
8.1 & 8.2
Kev sau npe 3.6
8.1
8.3		 10.1
10.5.3
Wireless Network 4.1 1.2.3 & 2.1.1
4.1.1
1.2.3, 2.1.1,4.1.1
Network Segmentation 4.1c ua 1.3.7
Chaw taws teeb Access B.1.3 8.3
Kev xa cov ntaub ntawv pov thawj A.2.1
A.2.3		 4.1
4.2
2.3
8.3
Viking Versioning Methodology 11.2
12.1.b ib
Cov lus qhia rau cov neeg siv khoom txog kev ruaj ntseg installation ntawm thaj ua rau thaj thiab hloov tshiab. 11.1
11.2
12.1

Glossary of Terms

TERM DEFINITION
Cov ntaub ntawv pov thawj Tag nrho magnetic stripe los yog PAN ntxiv rau ib qho ntawm cov hauv qab no:
· Daim npav lub npe
· Hnub Kawg
· Service Code
DUKPT Derived Unique Key Per Transaction (DUKPT) yog ib lub tswv yim tswj xyuas qhov tseem ceeb uas rau txhua qhov kev sib pauv, tus yuam sij tshwj xeeb yog siv uas tau muab los ntawm tus yuam sij ruaj. Yog li ntawd, yog tias tus yuam sij tau txais raug cuam tshuam, yav tom ntej thiab yav dhau los cov ntaub ntawv hloov pauv tseem raug tiv thaiv vim cov yuam sij tom ntej lossis ua ntej tsis tuaj yeem txiav txim siab yooj yim.
3 DES Hauv cryptography, Triple DES (3DES lossis TDES), ua tiav Triple Data Encryption Algorithm (TDEA lossis Triple DEA), yog ib qho kev sib txuam-tus yuam sij thaiv cipher, uas siv DES cipher algorithm peb zaug rau txhua cov ntaub ntawv thaiv.
Tub lag luam Cov neeg siv kawg thiab yuav khoom ntawm Viking khoom.
SSF PCI Software Security Framework (SSF) yog ib qho kev sau ntawm cov qauv thiab cov kev pab cuam rau kev ruaj ntseg tsim thiab tsim cov software them nyiaj. Kev ruaj ntseg ntawm kev them nyiaj software yog ib feem tseem ceeb ntawm kev them nyiaj khiav lag luam thiab yog qhov tseem ceeb los pab txhawb kev lag luam kev them nyiaj kom ntseeg tau thiab raug.
PA-QSA Daim Ntawv Thov Kev Them Nyiaj Tsim Nyog Cov Kws Ntsuam Xyuas Kev Ruaj Ntseg. QSA lub tuam txhab uas muab kev pabcuam rau cov neeg muag khoom daim ntawv thov them nyiaj kom lees paub cov neeg muag khoom daim ntawv thov kev them nyiaj.
SAD

(Sensitive Authentication Data)

 Cov ntaub ntawv ntsig txog kev ruaj ntseg (Daim npav Validation Codes/Tus nqi, ua tiav cov ntaub ntawv taug qab, PINs, thiab PIN Blocks) siv los txheeb xyuas cov neeg tuav daim npav, tshwm hauv cov ntawv dawb lossis lwm yam tsis muaj kev tiv thaiv. Kev kaw, kev hloov kho, lossis kev puas tsuaj ntawm cov ntaub ntawv no tuaj yeem cuam tshuam kev ruaj ntseg ntawm cov cuab yeej cryptographic, cov ntaub ntawv kaw lus, lossis cov ntaub ntawv tuav pov hwm lossis tuaj yeem siv rau hauv kev dag ntxias. Sensitive Authentication Cov ntaub ntawv yuav tsum tsis txhob muab khaws cia thaum kev sib pauv tiav.
Viking Lub software platform siv los ntawm Nets rau daim ntawv thov kev loj hlob rau European lag luam.
HSM Kho vajtse ruaj ntseg module

Cov Ntaub Ntawv Tswj

Document Author, Reviewers thiab Approvers

Kev piav qhia Muaj nuj nqi Lub npe
PA-QSA Reviewer Claudio Adamic / Flavio Bonfiglio Shorans
Kev loj hlob Tus sau Aruna Panicked
Ua Raws Cai Tus Thawj Tswj Reviewyog & Approver Arno Edstrom
System Architect Reviewyog & Approver Shamsher Singh
QA Reviewyog & Approver Varun Shukla
Tus tswv khoom Reviewyog & Approver Cecilia Jensen Tyldum / Arti Kangas
Product Manager Reviewyog & Approver May-Britt Dens tad Sanderson's
Tus Thawj Tswj Xyuas Hluav Taws Xob Tus thawj tswj Tamely Vallon

Cov ntsiab lus ntawm Kev Hloov

Version Tus lej Version Hnub tim Xwm ntawm Kev Hloov Hloov Tus Sau Reviewer Kev kho dua Tag Hnub Pom Zoo
1.0 03-08-2022 Ib Thawj Version rau PCI-Secure
Software Standard		 Aruna Panicked Shamsher Singh 18-08-22 Ib
1.0 15-09-2022 Ib Hloov kho ntu 14 nrog rau cov hom phiaj tswj tsis tau nrog lawv
kev ncaj ncees		 Aruna Panicked Shamsher Singh 29-09-22 Ib
1.1 20-12-2022 Ib Hloov kho ntu 2.1.2 thiab
2.2 nrog Self4000. Tshem tawm Link2500 (PTS version 4.x) los ntawm daim ntawv teev npe chaw nres nkoj		 Aruna Panicked Shamsher Singh  

 

23-12-22 Ib
1.1 05-01-2023 Ib Hloov kho ntu 2.2 nrog Link2500 (pts v4) rau kev txhawb nqa rau qhov no

hom davhlau ya nyob twg.

 Aruna Panicked Shamsher Singh 05-01-23 Ib
1.2 20-03-2023 Ib Hloov kho ntu 2.1.1 nrog Latvian thiab Lithuanian
davhlau ya nyob twg profiles. Thiab 2.1.2 nrog BT-iOS kev sib txuas lus hom kev txhawb nqa		 Aruna Panicked Shamsher Singh

Cov Npe Faib

Lub npe Muaj nuj nqi
Terminal Department Kev tsim kho, kev xeem, kev tswj xyuas qhov project, kev ua raws cai
Kev Tswj Xyuas Khoom Terminal Product Management Team, Tus Thawj Saib Xyuas Kev Ua Raws Cai - Khoom

Cov ntaub ntawv pom zoo

Lub npe Muaj nuj nqi
Cecilia Jensen Tyldum Tus tswv khoom
Arti Kangas Tus tswv khoom

Document Review Kev npaj
Cov ntaub ntawv no yuav rovviewed thiab kho tshiab, yog tias tsim nyog, raws li tau hais hauv qab no:

  • Raws li qhov yuav tsum tau kho lossis txhim kho cov ntsiab lus ntawm cov ntaub ntawv
  • Ua raws li kev hloov pauv lossis hloov kho lub koom haum
  • Tom qab ib xyoos review
  • Tom qab exploitation ntawm qhov tsis zoo
  • Ua raws li cov ntaub ntawv tshiab / cov cai hais txog qhov muaj feem cuam tshuam

Nets logo

Cov ntaub ntawv / Cov ntaub ntawv

Nets PCI Secure Software Standard [ua pdf] Cov neeg siv phau ntawv qhia
PCI Secure Software Standard, Secure Software Standard, Software Standard, Standard
Nets PCI Secure Software Standard [ua pdf] Cov neeg siv phau ntawv qhia
PCI Secure Software Standard, Secure Software Standard, Software Standard, Standard

Cov ntaub ntawv

Cia ib saib

Koj email chaw nyob yuav tsis raug luam tawm. Cov teb uas yuav tsum tau muaj yog cim *