Nets logoPCI Secure Software Standard
Wogwiritsa NtchitoNets PCI Secure Software StandardMalingaliro a kampani Nets Denmark A/S
PCI-Secure Software Standard
Malangizo Othandizira Ogulitsa Mapulogalamu
kwa Viking terminal 1.02.0
Mtundu wa 1.2

Zamkatimu kubisa
1 Chiyambi ndi Kuchuluka
2 Secure Payment Application
3 Chitetezo cha Mapulogalamu Akutali
4 Kufufutidwa Motetezedwa kwa Sensitive Data ndi Chitetezo cha Zosungidwa Zosunga Makhadi
5 Kutsimikizira ndi Kulowa Zowongolera
6 Kudula mitengo
7 Ma Networks opanda zingwe
8 Gawo la Network
9 Kufikira Kwakutali
10 Kutumiza kwa Sensitive data
11 Viking Versioning Methodology
12 Malangizo okhudza Kuyika Motetezedwa kwa Zigamba ndi Zosintha.
13 Zosintha Zotulutsidwa za Viking
14 Zofunikira zosagwiritsidwa ntchito
15 PCI Secure Software Standard Requirements Reference
16 Kalozera wa Terms
17 Document Control
18 Zolemba / Zothandizira
18.1 Maumboni

Chiyambi ndi Kuchuluka

1.1 Mawu Oyamba
Cholinga cha Bukhuli la PCI-Secure Software Standard Software Vendor Implementation Guide ndikupereka malangizo omveka bwino komanso omveka bwino a pulogalamu ya Viking yotetezedwa, kasinthidwe, ndi kagwiritsidwe ntchito ka pulogalamu ya Viking. Bukuli limalangiza Ogulitsa momwe angagwiritsire ntchito ma Nets 'Viking m'malo awo motsatira PCI Secure Software Standard. Ngakhale, sichinapangidwe kukhala chiwongolero chokwanira chokhazikitsa. Kugwiritsa ntchito kwa Viking, ngati kuyikidwa molingana ndi malangizo omwe alembedwa pano, kuyenera kuthandizira, ndikuthandizira kutsata kwa PCI kwa wamalonda.
1.2 Software Security Framework (SSF)
PCI Software Security Framework (SSF) ndi mndandanda wamiyezo ndi mapulogalamu amapangidwe otetezedwa ndikukhazikitsa mapulogalamu olipira. SSF ilowa m'malo mwa Payment Application Data Security Standard (PA-DSS) ndi zofunikira zamakono zomwe zimathandizira mndandanda wamitundu yolipira ya mapulogalamu, umisiri, ndi njira zotukula. Amapereka mavenda miyezo yachitetezo monga PCI Secure Software Standard popanga ndi kusunga mapulogalamu olipira kuti ateteze zomwe amalipira ndi data, amachepetsa chiopsezo, ndikuteteza ku ziwopsezo.
1.3 Maupangiri Othandizira Ogulitsa Mapulogalamu - Kugawa ndi Zosintha
Bukuli la PCI Secure Software Standard Implementation Guide liyenera kufalitsidwa kwa ogwiritsa ntchito onse oyenerera kuphatikiza amalonda. Iyenera kusinthidwa chaka ndi chaka komanso pambuyo pa kusintha kwa mapulogalamu. The pachaka review ndipo zosintha ziyenera kuphatikizapo kusintha kwa mapulogalamu atsopano komanso kusintha kwa Secure Software Standard.
Nets imasindikiza zambiri pazomwe zalembedwa webtsamba ngati pali zosintha mu kalozera wokhazikitsa.
Webtsamba: https://support.nets.eu/
Za Eksample: Nets PCI-Secure Software Standard Software Vendor Implementation Guide idzagawidwa kwa makasitomala onse, ogulitsa, ndi ophatikiza. Makasitomala, Ogulitsanso, ndi Ophatikiza adzadziwitsidwa kuchokera ku reviews ndi zosintha. Zosintha pa PCI-Secure Software Standard Software Vendor Implementation Guide zitha kupezeka polumikizana ndi Nets mwachindunji, komanso.
PCI-Secure Software Standard Software Vendor Implementation Guide imatchula zonse zofunika pa PCI-Secure Software Standard ndi PCI. Mabaibulo otsatirawa adatchulidwa mu bukhuli.

  • PCI-Secure-Software-Standard-v1_1

Secure Payment Application

2.1 Kugwiritsa ntchito S/W
Mapulogalamu olipira a Viking sagwiritsa ntchito pulogalamu yakunja kapena zida zomwe sizili za pulogalamu ya Viking. Zochita zonse za S/W za pulogalamu yolipira ya Viking zimasainidwa ndi digito ndi zida zosayina za Tetra zoperekedwa ndi Ingenico.

  • The terminal imalumikizana ndi Nets Host pogwiritsa ntchito TCP/IP, mwina kudzera pa Ethernet, GPRS, Wi-Fi, kapena kudzera pa PC-LAN yomwe ikuyendetsa pulogalamu ya POS. Komanso, terminal imatha kulumikizana ndi wolandirayo kudzera pa foni yam'manja ndi Wi-Fi kapena GPRS yolumikizira.

Ma terminal a Viking amayendetsa kulumikizana konse pogwiritsa ntchito gawo la Ingenico link layer. Chigawo ichi ndi pulogalamu yoyikidwa mu terminal. Link Layer imatha kuyang'anira mauthenga angapo nthawi imodzi pogwiritsa ntchito zotumphukira zosiyanasiyana (modemu ndi serial port for ex.ample).
Pakali pano imathandizira ma protocol awa:

  • Thupi: RS232, modemu yamkati, modemu yakunja (kudzera RS232), USB, Efaneti, Wi-Fi, Bluetooth, GSM, GPRS, 3G ndi 4G.
  • Ulalo wa data: SDLC, PPP.
  • Network: IP.
  • Transport: TCP.

Ma terminal nthawi zonse amatengapo gawo pakukhazikitsa kulumikizana kwa Nets Host. Palibe TCP/IP seva S/W mu terminal, ndipo terminal S/W simayankha mafoni obwera.
Mukaphatikizidwa ndi pulogalamu ya POS pa PC, terminal imatha kukhazikitsidwa kuti ilumikizane kudzera pa PC-LAN yomwe ikuyendetsa pulogalamu ya POS pogwiritsa ntchito RS232, USB, kapena Bluetooth. Komabe magwiridwe antchito onse a pulogalamu yolipira akugwira ntchito mu terminal S/W.
Protocol yogwiritsira ntchito (ndi encryption yogwiritsidwa ntchito) imakhala yowonekera komanso yodziyimira pawokha pamtundu wa kulumikizana.
2.1.1 Malipiro Host kulankhulana TCP/IP parameter kukhazikitsa Nets PCI Secure Software Standard - kukhazikitsa
2.1.2 Kulumikizana kwa ECR

  • RS232 siriyo
  • Kugwirizana kwa USB
  • TCP/IP parameter setup, yomwe imadziwikanso kuti ECR over IP
    Nets PCI Secure Software Standard - kukhazikitsa1
  • Njira zoyankhulirana za Host/ECR mu Viking Payment Application
    Mtundu wa Host COMM Mtundu wa Terminal
    Efaneti SeIf4000, Move3500, Desk3500, La n e3000
    BT iOS Link2500, Link2500i
    BT Android Move3500, Link2500, Link2500i
    kudzera pa ECR SeIf4000, Move3500, Link2500, Link2500i, Desk3500,
    Njira 3000
    GPRS Sungani 3500
    'Gwirizanani Move3500, Link2500
    Mtengo wa ECR COMM Mtundu wa Terminal
    IP Ethernet SeIf4000, Move3500, Desk3500, Lane3000
    BT iOS Link2500, Link2500i
    BT Android Move3500, Link2500, Link2500i
    USB SeIf4000, Move3500, Link2500, Link2500i, Desk3500, Lane3000
    Mtengo wa RS232 SeIf4000, Desk3500, Lane3000
    GPRS Sungani 3500
    IP Will Move3500, Link2500
  • Kusintha kwa magawo a Nets Cloud ECR (Connect Cloud).
    Adilesi ya IP ya ECR 212.226.157.243
    Kulumikizana kwa TCP-IP PORT 6001

2.1.3 Kulankhulana kuchititsa kudzera pa ECR

Host IP adilesi 91.102.24142
Kulumikizana TCP-IP PORT (NORWAY) 9670

Zindikirani: Onaninso "2.1.1- Payment Host communication TCP/IP parameter set" pamadoko a TCP/IP akumayiko ena.
2.2 Zida zothandizira terminal
Kugwiritsa ntchito kulipira kwa Viking kumathandizidwa pazida zosiyanasiyana za PTS (PIN transaction security) zida zovomerezeka za Ingenico.
Mndandanda wa zida zomaliza pamodzi ndi nambala yawo yovomerezeka ya PTS zaperekedwa pansipa.

Mitundu ya Tetra Terminal

Pokwerera hardware Chithunzi cha PTS Nambala yovomerezeka ya PTS PTS Hardware Version PTS Firmware Version
Njira ya 3000 5.x 4-30310 LAN30AN LAN30BA LAN30BN LAN30CA LAN30DA LAN30EA LAN30EN LAN30FA LAN30FN LAN30GA LAN30HA LAN30AA 820547v01.xx

820561v01.xx
Desk 3500 5.x 4-20321 DES32BB DES32BC DES32CB DES32DB DES32DC DES35AB DES35BB DES35BC DES35CB DES35DB DES35DC DES32AB 820376v01.xx
820376v02.xx
820549v01.xx
820555v01.xx
820556v01.xx
820565v01.xx
820547v01.xx
Kusuntha 3500 5.x 4-20320 MOV35AC MOV35AQ MOV35BB MOV35BC MOV35BQ MOV35CB MOV35CC MOV35CQ MOV35DB MOV35DC MOV35DQ MOV35EB MOV35FB MOV35JB
Chithunzi cha MOV35AB		 820376v01.xx
820376v02.xx
820547v01.xx
820549v01.xx
820555v01.xx
820556v01.xx
820565v01.xx
820547v01.xx
820565v01.xx
Link2500 4.x 4-30230 LIN25BA LIN25BB LIN25CA LIN25DA LIN25DB LIN25EA LIN25FA 820555v01.xx
820556v01.xx
820547v01.xx
LIN25FB LIN25GA LIN25HA LIN25HB LIN25IA LIN25JA LIN25JB LIN25KA LIN25LA LIN25MA LIN25NA LIN25AA
Link2500 5.x 4-30326 LIN25BA LIN25BB LIN25CA LIN25DA LIN25DB LIN25EA LIN25FA LIN25FB LIN25GA LIN25HA LIN25HB LIN25IA LIN25JA LIN25JB LIN25KA LIN25LA LIN25MA LIN25NA 25BB 820547v01.xx
Mwini4000 5.x 4-30393 Chithunzi cha SEL40BA 820547v01.xx

2.3 Ndondomeko Zachitetezo
Kufunsira kulipira kwa Viking kumatsatira mfundo zonse zachitetezo zomwe zafotokozedwa ndi Ingenico. Kuti mumve zambiri, awa ndi maulalo a mfundo zachitetezo pamateshoni osiyanasiyana a Tetra:

Mtundu wa Terminal Chikalata cha Security Policy
Link2500 (v4) Link/2500 PCI PTS Security Policy (pcisecuritystandards.org)
Link2500 (v5) PCI PTS Security Policy (pcisecuritystandards.org)
Desk3500 https://listings.pcisecuritystandards.org/ptsdocs/4-20321ICO-OPE-04972-EN- V12_PCI_PTS_Security_Policy_Desk_3200_Desk_3500-1650663092.33407.pdf
Sungani 3500 https://listings.pcisecuritystandards.org/ptsdocs/4-20320ICO-OPE-04848-EN- V11_PCI_PTS_Security_Policy_Move_3500-1647635765.37606.pdf
Njira 3000 https://listings.pcisecuritystandards.org/ptsdocs/4-30310SP_ICO-OPE-04818-EN- V16_PCI_PTS_Security_Policy_Lane_3000-1648830172.34526.pdf
Mwini4000 Self/4000 PCI PTS Security Policy (pcisecuritystandards.org)

Chitetezo cha Mapulogalamu Akutali

3.1 Kugwiritsa Ntchito Malonda

Nets imapereka zosintha zamapulogalamu a Viking mosatetezeka patali. Zosinthazi zimachitika panjira yolumikizirana yofanana ndi njira zolipirira zotetezedwa, ndipo wamalonda sakufunika kuti asinthe njira iyi yolumikizirana kuti atsatire.
Kuti mudziwe zambiri, amalonda ayenera kupanga ndondomeko yovomerezeka yogwiritsira ntchito matekinoloje ovuta kwambiri ogwira ntchito, malinga ndi malangizo omwe ali pansipa a VPN, kapena maulumikizidwe ena othamanga kwambiri, zosintha zimalandiridwa kudzera pa firewall kapena firewall.
3.2 Ndondomeko Yovomerezeka Yogwiritsa Ntchito
Wogulitsa akuyenera kupanga mfundo zogwiritsira ntchito matekinoloje ofunikira kwambiri ogwira ntchito, monga ma modemu ndi zida zopanda zingwe. Ndondomeko zogwiritsira ntchito izi ziyenera kuphatikizapo:

  • Chilolezo choyang'anira momveka bwino kuti chigwiritsidwe ntchito.
  • Kutsimikizika kuti mugwiritse ntchito.
  • Mndandanda wa zida zonse ndi ogwira ntchito omwe ali ndi mwayi.
  • Kulemba zida ndi eni ake.
  • Zambiri ndi cholinga.
  • Kugwiritsa ntchito luso lovomerezeka.
  • Malo ovomerezeka a netiweki aukadaulo.
  • Mndandanda wazinthu zovomerezeka ndi kampani.
  • Kulola kugwiritsa ntchito ma modemu kwa ogulitsa pokhapokha pakufunika ndi kutsekedwa pambuyo pa ntchito.
  • Kuletsa kusungidwa kwa data yamwini makhadi pamawayilesi am'deralo mukalumikizidwa patali.

3.3 Zozimitsa Pawekha
Malumikizidwe aliwonse "okhazikika" kuchokera pakompyuta kupita ku VPN kapena kulumikizana kwina kothamanga kwambiri kuyenera kutetezedwa pogwiritsa ntchito chozimitsa moto. Firewall imapangidwa ndi bungwe kuti likwaniritse miyezo yeniyeni komanso yosasinthika ndi wogwira ntchito.
3.4 Njira Zosinthira Zakutali
Pali njira ziwiri zoyambitsira terminal kuti ilumikizane ndi pulogalamu ya Nets kuti isinthe:

  1. Mwina pamanja kudzera pa menyu mu terminal (swipuni khadi yamalonda, sankhani menyu 8 "Mapulogalamu", 1 "Tengani mapulogalamu"), kapena Host yakhazikitsidwa.
  2. Kugwiritsa ntchito njira yoyambira ya Host; terminal imangolandira lamulo kuchokera kwa Host pambuyo pochita malonda azachuma. Lamulo limauza terminal kuti ilumikizane ndi pulogalamu ya Nets kuti muwone zosintha.

Pambuyo pakusintha kwabwino kwa mapulogalamu, terminal yokhala ndi chosindikizira chokhazikika imasindikiza risiti yokhala ndi chidziwitso cha mtundu watsopano.
Ophatikiza ma terminal, othandizana nawo komanso/kapena gulu lothandizira zaukadaulo la Nets adzakhala ndi udindo wodziwitsa amalonda zakusintha, kuphatikiza ulalo wa kalozera kakukhazikitsidwa kosinthidwa ndi zolemba zotulutsidwa.
Kuphatikiza pa kulandila pambuyo pakusintha kwa pulogalamu, ntchito yolipira ya Viking imathanso kutsimikiziridwa kudzera pa Terminal Info podina kiyi ya 'F3' pa terminal.

Kufufutidwa Motetezedwa kwa Sensitive Data ndi Chitetezo cha Zosungidwa Zosunga Makhadi

4.1 Kugwiritsa Ntchito Malonda
Kulipira kwa Viking sikumasunga zidziwitso zilizonse zamaginito, makhadi otsimikizira kapena ma code, ma PIN kapena PIN block block, cryptographic key material, kapena cryptograms kuchokera kumitundu yake yakale.
Kuti agwirizane ndi PCI, wamalonda ayenera kukhala ndi mfundo yosunga deta yomwe imatanthawuza kuti deta ya mwini makhadi idzasungidwa nthawi yayitali bwanji. Ntchito yolipira ya Viking imasunga zambiri za omwe ali ndi makhadi komanso / kapena chidziwitso chotsimikizika cha zomwe wachitika komaliza kwambiri ndipo ngati pali zololeza zomwe zachitika pa intaneti kapena zomwe zachedwetsedwa ndikutsata kutsata kwa PCI-Secure Software Standard nthawi imodzi, chifukwa chake ikhoza kumasulidwa. ndondomeko yosunga deta ya wamalonda.
4.2 Chitetezo Chotsani Malangizo
The terminal sikusunga deta yotsimikizika yotsimikizika; track2 yathunthu, CVC, CVV kapena PIN, osati kale kapena pambuyo pa chilolezo; Kupatulapo zochitika za Deferred Authorization pomwe data yachinsinsi yotsimikizira (zonse za track2) imasungidwa mpaka chilolezo chitatha. Post chilolezo deta zichotsedwa motetezedwa.
Chitsanzo chilichonse cha mbiri yakale yoletsedwa yomwe ilipo mu terminal idzachotsedwa pokhapokha pulogalamu yolipira ya Viking ikasinthidwa. Kuchotsa kwa data yoletsedwa ndi data yomwe idasungidwa m'mbuyomu kudzachitika zokha.
4.3 Malo Osungira Makhadi Osungidwa
Zomwe zili ndi khadi zimasungidwa mu Flash DFS (Data File System) ya terminal. Deta siipezeka mwachindunji ndi wamalonda.

Data Store (file, table, etc.) Cardholder Data Elements zosungidwa
(PAN, kutha ntchito, zinthu zilizonse za SAD)		 Momwe sitolo ya data imatetezedwa
(kwa example, encryption, zowongolera zolowera, kudumpha, etc.)
File: kulakwa PAN, Tsiku Lomaliza Ntchito, Khodi Yautumiki PAN: Encrypted 3DES-DUKPT (112 bits)
File: storefwd.rsd PAN, Tsiku Lomaliza Ntchito, Khodi Yautumiki PAN: Encrypted 3DES-DUKPT (112 bits)
File: transoff.rsd PAN, Tsiku Lomaliza Ntchito, Khodi Yautumiki PAN: Encrypted 3DES-DUKPT (112 bits)
File: transorr.rsd PAN yodulidwa Kudulidwa (Oyamba 6, Otsiriza 4)
File: offlrep.dat PAN yodulidwa Kudulidwa (Oyamba 6, Otsiriza 4)
File: defauth.rsd PAN, Tsiku Lomaliza Ntchito, Khodi Yautumiki PAN: Encrypted 3DES-DUKPT (112 bits)
File: defauth.rsd Zambiri za track2 Zambiri za Track2: 3DES-DUKPT Yosungidwa kale (112 bits)

4.4 Kuyimitsidwa Kwachilolezo Choyimitsidwa
Chilolezo Choyimitsidwa chimachitika pamene wamalonda sangathe kumaliza chilolezo panthawi yomwe akugulitsa ndi mwini makhadi chifukwa cha kulumikizana, zovuta zamakina, kapena zolepheretsa zina, ndiyeno pambuyo pake amamaliza chilolezo akatha kutero.
Izi zikutanthauza kuti chilolezo chochedwetsedwa chimachitika pomwe chilolezo chapaintaneti chachitika khadi ikasowa. Pomwe chilolezo chapaintaneti chololeza chilolezo chochedwetsedwa chikuchedwetsedwa, zochitikazo zimasungidwa pa terminal mpaka zomwe zachitikazo zitavomerezedwa bwino pambuyo pake netiweki ikapezeka. Zochitazo zimasungidwa ndikutumizidwa pambuyo pake kwa wolandirayo, monga momwe ma Offline amasungidwira masiku ano muzolipira za Viking.
Merchant atha kuyambitsa malondawo ngati 'Deferred Authorization' kuchokera ku Electronic Cash Register (ECR) kapena kudzera pa menyu yama terminal.
Malonda Oyimitsidwa Oyimitsidwa akhoza kukwezedwa ku Nets host ndi wamalonda pogwiritsa ntchito njira zotsatirazi:

  1. ECR - Lamulo la Admin - Tumizani pa intaneti (0x3138)
  2. Pokwerera - Wogulitsa -> 2 EOT -> 2 yotumizidwa kwa alendo

4.5 Njira Zothetsera Mavuto
Thandizo la ma nets silingapemphe kutsimikizika kwachinsinsi kapena data yamwini makhadi pazifukwa zothetsera mavuto. Kugwiritsa ntchito kulipira kwa Viking sikungathe kusonkhanitsa kapena kuthetsa vuto lililonse.

Malo a 4.6 PAN - Owonetsedwa kapena Osindikizidwa
PAN Yophimbidwa:

  • Ma risiti okhudza zandalama:
    Masked PAN nthawi zonse amasindikizidwa pa risiti yamalonda kwa onse omwe ali ndi makhadi komanso amalonda. PAN yobisika nthawi zambiri imakhala ndi * pomwe manambala 6 oyamba ndi manambala 4 omaliza amakhala omveka bwino.
  • Lipoti la mndandanda wazochitika:
    Lipoti la mndandanda wazomwe zachitika zimawonetsa zomwe zachitika panthawi imodzi. Zambiri zomwe zachitika zikuphatikiza Masked PAN, dzina lopereka khadi ndi ndalama zomwe mwachita.
  • Chiphaso chomaliza chamakasitomala:
    Kope la risiti lomaliza lamakasitomala litha kupangidwa kuchokera ku menyu yotsitsa. Lisiti yamakasitomala ili ndi PAN yobisika ngati risiti yoyambirira yamakasitomala. Ntchito yoperekedwayo imagwiritsidwa ntchito ngati terminal ikulephera kupanga kasitomala
    risiti panthawi yamalonda pazifukwa zilizonse.

PAN Yosungidwa:

• Lisiti yochitira zinthu popanda intaneti:
Mtundu wa risiti wamalonda wapaintaneti umaphatikizapo data yobisidwa yamakadi atatu DES 112-bit DUKPT (PAN, tsiku lotha ntchito ndi nambala ya Service).

BAX: 71448400-714484
12/08/2022 10:39
Visa
Zopanda contactless
********* 3439-0
107A47458AE773F3A84DF977
553E3D93FFFF9876543210E0
Mtengo wa 15F3
Thandizo: A0000000031010
TVR: 0000000000
Zithunzi za 123461
Chithunzi: 000004 000000 KC3
Chithunzi: Y1
Nthawi: 782
GULUTSA
NKHANI 12,00
ZOVOMEREZEKA
RETAILER KOPI
Chitsimikizo:
Ntchito yolipira ya Viking nthawi zonse imabisa zomwe zili ndi makhadi mwachisawawa kuti zisungidwe popanda intaneti, kutumiza kwa olandila a NETS ndikusindikiza zidziwitso zamakhadi obisika pa risiti ya ogulitsa kuti achitepo pa intaneti.
Komanso, kuwonetsa kapena kusindikiza khadi PAN, ntchito yolipira ya Viking nthawi zonse imabisa manambala a PAN okhala ndi nyenyezi '*' yokhala ndi manambala 6 + Omaliza 4 momveka bwino ngati osasintha. Makhadi osindikizira a nambala amawongoleredwa ndi kasamalidwe ka terminal komwe mawonekedwe osindikizira angasinthidwe popempha kudzera panjira yoyenera ndikupereka chosowa chovomerezeka chabizinesi, komabe pakugwiritsa ntchito kulipira kwa Viking, palibe choncho.
Example ya PAN yophimba:
PAN: 957852181428133823-2
Zambiri: **************3823-2
Zambiri: 957852******** 3823-2
4.7 Yambitsani files
Kufunsira kulipira kwa Viking sikumapereka chidziwitso chosiyana files.
Kufunsira kwa ma Viking kufunsira zolowetsa omwe ali ndi makhadi kudzera pazowonetsa zomwe ndi gawo la mauthenga omwe ali mkati mwa pulogalamu yolipira ya Viking yosainidwa.
Zidziwitso za PIN, kuchuluka, ndi zina zambiri zimawonetsedwa pa terminal, ndipo zolowa zamwini makhadi zikuyembekezeredwa. Zolowa kuchokera kwa mwini makhadi sizisungidwa.
4.8 Kasamalidwe kofunikira
Pamitundu yosiyanasiyana ya Tetra, magwiridwe antchito onse achitetezo amachitidwa pamalo otetezeka a chipangizo cha PTS chotetezedwa ku pulogalamu yolipira.
Kubisa kumachitidwa mkati mwa malo otetezedwa pomwe kumasulira kwa data yosungidwa kumatha kuchitidwa ndi makina a Nets Host. Kusinthana konse kofunikira pakati pa Nets host, Key/Inject tool (kwa ma terminals a Tetra) ndi PED zimachitika mwachinsinsi.
Njira za Key Management zimayendetsedwa ndi Nets malinga ndi dongosolo la DUKPT pogwiritsa ntchito 3DES encryption.
Makiyi onse ndi zigawo zikuluzikulu zomwe zimagwiritsidwa ntchito ndi ma Nets terminals amapangidwa pogwiritsa ntchito njira zovomerezeka mwachisawawa kapena zabodza. Makiyi ndi zigawo zikuluzikulu zomwe zimagwiritsidwa ntchito ndi ma Nets terminals amapangidwa ndi Nets key management system, yomwe imagwiritsa ntchito mayunitsi ovomerezeka a Thales Pay Shield HSM kuti apange makiyi a cryptographic.
Kuwongolera kofunikira sikudalira magwiridwe antchito. Kutsegula pulogalamu yatsopano sikufuna kusintha kwa makiyi. Malo opangira ma terminal adzathandizira kuzungulira 2,097,152 zochitika.
Malo achinsinsi akatha, Viking terminal imasiya kugwira ntchito ndikuwonetsa uthenga wolakwika, kenako terminal iyenera kusinthidwa.
4.9 '24 HR' Yambitsaninso
Malo onse a Viking ndi PCI-PTS 4.x ndi pamwambapa ndipo amatsatira lamulo loti PCI-PTS 4.x terminal iyambitsenso osachepera kamodzi maola 24 aliwonse kuti afufute RAM ndi kutetezedwa kopitilira muyeso HW kuti asagwiritsidwe ntchito kuti alandire malipiro. data kadi.
Ubwino wina wa '24hr' woyambitsanso boot ndikuti kudontha kwa kukumbukira kumachepetsedwa komanso kukhala ndi zotsatira zochepa kwa wamalonda (osati kuti tiyenera kuvomereza zovuta zokumbukira.
Wogulitsa amatha kukhazikitsa nthawi yoyambiranso kuchokera pamenyu yomaliza kupita ku 'Reboot Time'. Nthawi yoyambitsanso imakhazikitsidwa pa wotchi ya '24hr' ndipo itenga mtundu wa HH:MM.
Makina a Reset adapangidwa kuti atsimikizire kukhazikitsidwanso kamodzi pa maola 24 akuthamanga. Kuti mukwaniritse chofunikira ichi, nthawi, yotchedwa "reset interval" yoimiridwa ndi Temin ndi Tmax yafotokozedwa. Nthawiyi ikuyimira nthawi yomwe kukonzanso kumaloledwa. Kutengera bizinesi, "nthawi yokonzanso" imasinthidwa nthawi yoyika terminal. Mwa kupanga, nthawi iyi singakhale yochepera mphindi 30. Panthawi imeneyi, kukonzanso kumachitika tsiku lililonse mphindi 5 m'mbuyomo (pa T3) monga momwe tafotokozera m'chithunzichi:Nets PCI Secure Software Standard - 'Yambitsaninso

4.10 Kulembetsa
Whitelisting ndi njira yodziwira kuti ma PAN omwe adalembedwa ngati ovomerezeka amaloledwa kuwonetsedwa m'mawu omveka bwino. Viking imagwiritsa ntchito minda itatu kuti idziwe ma PAN ovomerezeka omwe amawerengedwa kuchokera pamasinthidwe omwe adatsitsidwa kuchokera kumakina oyang'anira ma terminal.
Pamene 'Mbendera ya Compliance' mu Nets host yakhazikitsidwa kukhala Y, uthenga wochokera ku Nets Host kapena Terminal management system amatsitsidwa kutheminali, pomwe poyambira ayamba. Mbendera ya Kutsatira iyi ikugwiritsidwa ntchito pozindikira ma PAN ovomerezeka omwe amawerengedwa kuchokera mu dataset.
Mbendera ya 'Track2ECR' imatsimikizira ngati deta ya Track2 ikuloledwa kugwiridwa (kutumizidwa/kulandiridwa) ndi ECR kwa wopereka wina. Kutengera mtengo wa mbendera iyi, zimadziwikiratu ngati track2 ikuyenera kuwonetsedwa mumayendedwe amderali pa ECR.
'Print format format' imatsimikizira momwe PAN idzasonyezedwe. Makhadi omwe ali mu PCI onse adzakhala ndi mawonekedwe osindikizira kuti awonetse PAN mu mawonekedwe odulidwa / ophimbidwa.

Kutsimikizira ndi Kulowa Zowongolera

5.1 Kulamulira
Ntchito yolipira ya Viking ilibe maakaunti a ogwiritsa ntchito kapena mapasiwedi ofananira chifukwa chake, ntchito yolipira ya Viking ilibe zofunikira izi.

  • Kukonzekera kwa ECR Integrated:
    Sizingatheke kupeza mitundu yamalonda monga Kubwezera, Kusungitsa ndi Kubwerera kuchokera ku menyu yotsiriza kuti ntchitozi zikhale zotetezeka kuti zisagwiritsidwe ntchito molakwika. Izi ndi mitundu yamalonda pomwe ndalama zimachokera ku akaunti yamalonda kupita ku akaunti ya mwini makhadi. Ndi udindo wa wamalonda kuonetsetsa kuti ECR ikugwiritsidwa ntchito ndi anthu ovomerezeka okha.
  • Kupanga koyima:
    Kuwongolera kwamakhadi amalonda ndikokhazikika komwe kumatha kupeza mitundu yamalonda monga Kubweza, Deposit ndi Kubwerera kuchokera ku menyu yama terminal kuti izi zitetezeke kuti zisagwiritsidwe ntchito molakwika.
    The Viking terminal imapangidwa mwachisawawa kuti iteteze zosankha za menyu, kuteteza mwayi wosaloleka. Magawo okonzekera chitetezo cha menyu akugwera pansi pa Merchant Menu (yopezeka ndi Merchant card) -> Parameters -> Security

Nets PCI Secure Software Standard - 'Kukhazikitsa kwa Standalone

Kuteteza menyu - Khazikitsani ku 'Inde' mwachisawawa.
Batani la menyu pa terminal limatetezedwa pogwiritsa ntchito Kuteteza menyu kasinthidwe. Menyu imatha kupezeka kokha ndi Wamalonda pogwiritsa ntchito khadi lamalonda. Nets PCI Secure Software Standard - 'Standalone setup1

Tetezani kubwereranso - Khazikitsani ku 'Inde' mwachisawawa.
Kusintha kwamalonda kungatheke kokha ndi wamalonda pogwiritsa ntchito khadi lamalonda kuti apeze menyu yobwerera. Nets PCI Secure Software Standard - ' Tetezani kusintha

Kuteteza mgwirizano - Khazikitsani ku 'Inde' mwachisawawa
Option for Reconciliation ingapezeke ndi wogulitsa yekha ndi khadi lamalonda pamene chitetezo ichi chakhazikitsidwa kukhala chowona. Nets PCI Secure Software Standard - ' Tetezani kusintha 1

Tetezani Njira Yachidule - Khazikitsani ku 'Inde' mwachisawawa
Menyu yachidule yokhala ndi zosankha za viewing Terminal Info ndi njira yosinthira magawo a Bluetooth ipezeka kwa wamalonda pokhapokha khadi lamalonda lasinthidwa.Nets PCI Secure Software Standard - Tetezani

5.2 Kuwongolera mawu achinsinsi
Ntchito yolipira ya Viking ilibe maakaunti a ogwiritsa ntchito kapena mapasiwedi ofanana; chifukwa chake, kugwiritsa ntchito Viking sikumafunikira izi.

Kudula mitengo

6.1 Kugwiritsa Ntchito Malonda
Pakadali pano, pakulipira kwa Nets Viking, palibe wogwiritsa ntchito, zosintha zosinthika za PCI.
6.2 Konzani makonda a Log
Ntchito yolipira ya Viking ilibe maakaunti a ogwiritsa ntchito, chifukwa chake kudula mitengo motsatana ndi PCI sikugwira ntchito. Ngakhale pakudula mitengo ya verbose kwambiri, ntchito yolipira ya Viking siyimalemba zidziwitso zilizonse zotsimikizika kapena zosunga makhadi.
6.3 Kudula mitengo yapakati
The terminal ili ndi generic log mechanism. Makinawa amaphatikizanso kudula mitengo ndikupanga ndikuchotsa kwa S/W komwe kungathe kuchitika.
Zochita zotsitsa za S/W zalowetsedwa ndipo zitha kusamutsidwa ku Host pamanja posankha menyu mu terminal kapena ngati mwapempha kuchokera kwa wolandirayo yemwe ali ndi mbiri yamagalimoto wamba. Ngati kutsitsa kwa S/W kukanika chifukwa cha siginecha yolakwika ya digito pa zomwe mwalandira files, chochitikacho chimalowetsedwa ndikusamutsidwa ku Host basi ndipo nthawi yomweyo.
6.3.1 Yambitsani kutsatira Logging pa terminal
Kuti mutsegule trace logging:

  1. Swipe Merchant khadi.
  2. Kenako sankhani "9 System menyu".
  3. Kenako pitani ku menyu "2 System Log".
  4. Lembani khodi ya akatswiri, yomwe mungapeze poyimbira thandizo la Nets Merchant Service.
  5. Sankhani "8 Parameters".
  6. Kenako yambitsani "Logging" kuti "Inde".

6.3.2 Tumizani Logs kwa olandira
Kutumiza zipika:

  1. Dinani batani la Menyu pa terminal kenako Swipe Merchant khadi.
  2. Kenako sankhani "7 Operator menyu".
  3. Kenako sankhani "5 Send Trace Logs" kuti mutumize zipika kuti mulandire.

6.3.3 Kudula mitengo yakutali
Parameter imayikidwa mu Nets Host (PSP) yomwe imathandizira / kuletsa ntchito yodula mitengo ya Terminal patali. Nets Host idzatumiza Trace yambitsani / kuletsa zodula mitengo ku Terminal mu Data yokhazikitsidwa pamodzi ndi nthawi yomwe Terminal idzakwezera zolemba za Trace. Terminal ikalandira chizindikiro cha Trace monga momwe yayatsira, imayamba kugwira zipika za Trace ndipo panthawi yomwe idakonzedwa idzakweza zipika zonse ndikuyimitsa ntchito yodula mitengo pambuyo pake.
6.3.4 Kulowetsa zolakwika zakutali
Zolemba zolakwika nthawi zonse zimayatsidwa pa terminal. Monga kusaka mitengo, parameter imayikidwa mu Nets Host yomwe imathandizira / kuletsa ntchito yodula mitengo ya Terminal kutali. Nets Host idzatumiza Trace yambitsani / kuletsa zodula mitengo ku Terminal mu Data yokhazikitsidwa pamodzi ndi nthawi yomwe Terminal idzakwezera zolemba Zolakwika. Terminal ikalandira zolakwitsa zodula mitengo monga momwe zathandizira, imayamba kujambula zolemba Zolakwika ndipo panthawi yomwe idakonzedwa idzakweza zipika zonse ndikuletsa ntchito yodula mitengo pambuyo pake.

Ma Networks opanda zingwe

7.1 Kugwiritsa Ntchito Malonda

Malo olipira a Viking - MOVE 3500 ndi Link2500 ali ndi kuthekera kolumikizana ndi netiweki ya Wi-Fi. Chifukwa chake, kuti Wireless akhazikitsidwe motetezeka, kuyenera kuganiziridwa pakukhazikitsa ndikusintha ma netiweki opanda zingwe monga tafotokozera pansipa.
7.2 Analimbikitsa Opanda zingwe Zosintha
Pali malingaliro ambiri ndi masitepe oti mutenge pokonza ma netiweki opanda zingwe omwe amalumikizidwa ndi netiweki yamkati.
Pang'ono ndi pang'ono, makonda ndi masinthidwe otsatirawa ayenera kukhalapo:

  • Maukonde onse opanda zingwe ayenera kugawidwa pogwiritsa ntchito firewall; ngati kulumikizana pakati pa ma netiweki opanda zingwe ndi malo a data omwe ali ndi makhadi akufunika, mwayiwo uyenera kuyendetsedwa ndikutetezedwa ndi firewall.
  • Sinthani SSID yokhazikika ndikuletsa kuwulutsa kwa SSID
  • Sinthani mapasiwedi osakhazikika pamalumikizidwe opanda zingwe komanso malo olowera opanda zingwe, izi zimaphatikizapo mwayi wofikira komanso zingwe zamagulu a SNMP
  • Sinthani zosintha zina zilizonse zachitetezo zoperekedwa kapena zokhazikitsidwa ndi ogulitsa
  • Onetsetsani kuti malo opanda zingwe asinthidwa kukhala firmware yatsopano
  • Gwiritsani ntchito WPA kapena WPA2 yokhala ndi makiyi amphamvu okha, WEP ndiyoletsedwa ndipo siyenera kugwiritsidwa ntchito
  • Sinthani makiyi a WPA/WPA2 pakuyika komanso pafupipafupi komanso nthawi zonse munthu wodziwa makiyiwo akachoka pakampani.

Gawo la Network

8.1 Kugwiritsa Ntchito Malonda
Ntchito yolipira ya Viking si ntchito yolipira yochokera pa seva ndipo imakhala pa terminal. Pachifukwa ichi, ntchito yolipira sifunikira kusintha kulikonse kuti ikwaniritse izi.
Kuti mudziwe zambiri zamalonda, data ya kirediti kadi sichingasungidwe pamakina olumikizidwa mwachindunji ndi intaneti. Za example, web ma seva ndi ma seva a database sayenera kuyikidwa pa seva yomweyo. Demilitarized zone (DMZ) iyenera kukhazikitsidwa kuti igawane netiweki kuti makina a DMZ okha ndi omwe amapezeka pa intaneti.

Kufikira Kwakutali

9.1 Kugwiritsa Ntchito Malonda
Ntchito yolipirira ya Viking siyingapezeke patali. Thandizo lakutali limapezeka kokha pakati pa wogwira ntchito pa Nets ndi wogulitsa pa foni kapena ndi ma Nets omwe ali pafupi ndi wamalonda.

Kutumiza kwa Sensitive data

10.1 Kutumiza kwa Sensitive Data
Ntchito yolipira ya Viking imateteza deta yodziwika bwino komanso/kapena zosunga makhadi podutsa pogwiritsa ntchito kubisa kwamtundu wa uthenga pogwiritsa ntchito 3DES-DUKPT (112 bits) potumiza zonse (kuphatikiza ma network a anthu onse). Ma Protocol achitetezo a mauthenga a IP kuchokera ku pulogalamu ya Viking kupita ku Host sifunikanso chifukwa kubisa kwa mulingo wa uthenga kumakhazikitsidwa pogwiritsa ntchito 3DES-DUKPT (112-bits) monga tafotokozera pamwambapa. Ndondomeko ya encryption iyi imatsimikizira kuti ngakhale malonda atsekedwa, sangathe kusinthidwa kapena kusokonezedwa mwanjira ina iliyonse ngati 3DES-DUKPT (112-bits) ikadali kuonedwa ngati kubisa kolimba. Monga pa chiwembu choyang'anira makiyi a DUKPT, kiyi ya 3DES yomwe imagwiritsidwa ntchito ndi yapadera pazochitika zilizonse.
10.2 Kugawana zomvera pa mapulogalamu ena
Ntchito yolipira ya Viking siyimapereka mawonekedwe/ma API omveka bwino kuti athe kugawana deta ya akaunti ya cleartext mwachindunji ndi mapulogalamu ena. Palibe chidziwitso chachinsinsi kapena data ya akaunti ya cleartext yomwe imagawidwa ndi mapulogalamu ena kudzera mu ma API owonekera.

10.3 Imelo ndi Sensitive data
Ntchito yolipira ya Viking sichirikiza kutumiza imelo.
10.4 Non-Console Administrative Access
Viking sichirikiza mwayi wotsogolera wosakhala wa Console.
Komabe, kuti adziwe zambiri zamalonda, njira zoyang'anira zosagwiritsa ntchito Console ziyenera kugwiritsa ntchito SSH, VPN, kapena TLS pobisalira zonse zomwe sizili ndi makhonsolo a seva omwe ali ndi makhadi. Telnet kapena njira zina zosabisika siziyenera kugwiritsidwa ntchito.

Viking Versioning Methodology

Njira yosinthira ya Nets imakhala ndi magawo atatu a S/W nambala ya mtundu: a.bb.c
kumene 'a' idzachulukidwa pamene kusintha kwakukulu kukuchitika malinga ndi PCI-Secure Software Standard.
a - mtundu waukulu (chiwerengero chimodzi)
'bb' idzachulukitsidwa pamene zosintha zochepa zomwe zakonzedwa zikachitika malinga ndi PCI-Secure Software Standard.
bb - mtundu wocheperako (ma manambala 2)
'c' idzawonjezeka pamene kusintha kwachigamba kochepa kuchitidwa malinga ndi PCI-Secure Software Standard.
c - mtundu wocheperako (chiwerengero chimodzi)
Nambala ya mtundu wa S/W ya Viking yolipirira ikuwonetsedwa motere pawindo la terminal pomwe terminal imayatsidwa: 'abbc'

  • Zosintha kuchokera ku mwachitsanzo, 1.00.0 mpaka 2.00.0 ndizosintha kwambiri. Zingaphatikizepo zosintha zomwe zimakhudza chitetezo kapena zofunikira za PCI Secure Software Standard.
  • Kusintha kuchokera ku mwachitsanzo, 1.00.0 mpaka 1.01.0 ndikusintha kosafunikira kwenikweni. Sizingaphatikizepo zosintha zokhudzana ndi chitetezo kapena zofunikira za PCI Secure Software Standard.
  • Kusintha kuchokera ku mwachitsanzo, 1.00.0 mpaka 1.00.1 ndikusintha kosafunikira kwenikweni. Sizingaphatikizepo zosintha zokhudzana ndi chitetezo kapena zofunikira za PCI Secure Software Standard.

Zosintha zonse zimayimiridwa motsatira manambala.

Malangizo okhudza Kuyika Motetezedwa kwa Zigamba ndi Zosintha.

Nets imapereka zosintha zamapulogalamu akutali motetezeka. Zosinthazi zimachitika panjira yolumikizirana yofanana ndi njira zolipirira zotetezedwa, ndipo wamalonda sakufunika kuti asinthe njira iyi yolumikizirana kuti atsatire.
Pakakhala chigamba, Nets isintha mtundu wa chigamba pa Nets Host. Wogulitsa amatha kupeza zigambazo kudzera pa pempho lotsitsa la S/W, kapena wamalonda atha kuyambitsanso kutsitsa mapulogalamu kuchokera pamenyu yotsitsa.
Kuti mudziwe zambiri, amalonda ayenera kupanga ndondomeko yovomerezeka yogwiritsira ntchito matekinoloje ofunika kwambiri ogwira ntchito, malinga ndi malangizo omwe ali pansipa a VPN kapena maulumikizidwe ena othamanga kwambiri, zosintha zimalandiridwa kudzera pa firewall kapena firewall ya antchito.
The Nets host imapezeka kudzera pa intaneti pogwiritsa ntchito njira zotetezeka kapena kudzera pa netiweki yotsekedwa. Ndi netiweki yotsekedwa, opereka ma netiweki ali ndi kulumikizana kwachindunji ku malo omwe timakhala nawo omwe amaperekedwa kuchokera kwa omwe amapereka maukonde. Ma terminal amayendetsedwa kudzera pa Nets terminal management services. The terminal management service imatanthauzira mwachitsanzoampndi chigawo chomwe terminal ndi yake komanso wopeza omwe akugwiritsidwa ntchito. Kasamalidwe ka ma terminal alinso ndi udindo wokweza pulogalamu yama terminal patali pamaneti. Nets amaonetsetsa kuti pulogalamu yomwe idakwezedwa ku terminal yamaliza ziphaso zofunikira.
Ma Nets amalimbikitsa macheke kwa makasitomala ake onse kuti atsimikizire kuti malipiro achitetezo ndi otetezeka monga momwe zalembedwera pansipa:

  1. Sungani mndandanda wa zolipirira zonse zogwirira ntchito ndikujambula zithunzi kuchokera kumitundu yonse kuti mudziwe momwe ziyenera kukhalira.
  2. Yang'anani zizindikiro zoonekeratu za tampzosindikizira monga zosindikizira zosweka pa mbale zovundikira kapena zomangira, ma cabling osamvetseka kapena osiyana kapena chida chatsopano cha hardware chomwe simungachizindikire.
  3. Tetezani materminal anu kuti asafike kwa kasitomala akapanda kugwiritsidwa ntchito. Yang'anani malo olipirako tsiku lililonse ndi zida zina zomwe zimatha kuwerenga makadi olipirira.
  4. Muyenera kuyang'ana anthu ogwira ntchito yokonza ngati mukuyembekezera kukonzedwanso kulikonse.
  5. Imbani ma Nets kapena banki yanu nthawi yomweyo ngati mukukayikira kuti pali zochitika zosadziwikiratu.
  6. Ngati mukukhulupirira kuti chipangizo chanu cha POS chili pachiwopsezo cha kubedwa, ndiye kuti pali zoyikapo ntchito ndi zolumikizira zotetezedwa ndi zolumikizira zogulira malonda. Kungakhale koyenera kuganizira kagwiritsidwe ntchito kawo.

Zosintha Zotulutsidwa za Viking

Pulogalamu ya Viking imatulutsidwa mumayendedwe otsatirawa (kutengera kusintha):

  • 2 zazikulu zotulutsidwa pachaka
  • 2 zotulutsidwa zazing'ono pachaka
  • Zigamba zamapulogalamu, momwe zingafunikire, (mwachitsanzo, chifukwa cha vuto lililonse/chiwopsezo). Ngati kumasulidwa kukugwira ntchito ndipo zovuta zina zanenedwa, ndiye kuti pulogalamu ya pulogalamu yomwe ili ndi kukonza ikuyembekezeka kutulutsidwa mkati mwa mwezi umodzi.

Ogulitsa azidziwitsidwa za zomwe zatulutsidwa (zazikulu/ zazing'ono/chigamba) kudzera pamaimelo omwe angatumizidwe mwachindunji ku ma adilesi awo a imelo. Imelo idzakhalanso ndi mfundo zazikuluzikulu za kumasulidwa ndi zolemba zomasulidwa.
Ogulitsa athanso kupeza zolemba zomwe zidzakwezedwa pa: Mapulogalamu otulutsa mapulogalamu (nets.eu)
Kutulutsa kwa Viking Software kumasainidwa pogwiritsa ntchito chida choimbira cha Ingenico cha Tetra terminals. Mapulogalamu osayinidwa okha ndi omwe angakwezedwe pa terminal.

Zofunikira zosagwiritsidwa ntchito

Gawoli lili ndi mndandanda wazofunikira mu PCI-Secure Software Standard yomwe idawunikidwa ngati 'Nonapplicable' ku ntchito yolipira ya Viking ndi zifukwa zake.

Malingaliro a kampani PCI Secure Software Standard CO Zochita Kulungamitsidwa kukhala 'Osagwiritsidwa ntchito'
5.3 Njira zotsimikizira (kuphatikiza zidziwitso za gawo) ndi zamphamvu mokwanira komanso zolimba kuti ziteteze zotsimikizika kuti zisapangike, zisapusitsidwe, zitsikidwe, zongopeka, kapena kupotozedwa. Ntchito yolipira ya Viking imayenda pa chipangizo cha PCI chovomerezeka cha PTS POI.
Kugwiritsa ntchito kulipira kwa Viking sikumapereka mwayi wamba, osakhotakhota kapena kutali, kapena mwayi, chifukwa chake palibe zidziwitso zotsimikizika mu chipangizo cha PTS POI.
Ntchito yolipira ya Viking siyimapereka zoikamo kuti muzitha kuyang'anira kapena kupanga ma ID a ogwiritsa ntchito ndipo sapereka mwayi uliwonse wapafupi, osagwiritsa ntchito console kapena kutali ndi zinthu zofunika kwambiri (ngakhale kusakatula).
5.4 Mwachisawawa, mwayi wonse wopeza zinthu zofunika kwambiri umangopezeka ku maakaunti ndi ntchito zomwe zimafuna mwayi woterowo. Ntchito yolipira ya Viking imayenda pa chipangizo cha PCI chovomerezeka cha PTS POI.
Kugwiritsa ntchito kulipira kwa Viking sikumapereka zosintha zowongolera kapena kupanga maakaunti kapena ntchito.
7.3 Manambala onse osasinthika omwe amagwiritsidwa ntchito ndi pulogalamuyi amapangidwa pogwiritsa ntchito ma algorithms kapena malaibulale ovomerezeka ovomerezeka (RNG).
Ma algorithms ovomerezeka a RNG kapena malaibulale omwe amakwaniritsa miyezo yamakampani kuti asadziwike mokwanira (mwachitsanzo, NIST Special Publication 800-22).		 Ntchito yolipira ya Viking sigwiritsa ntchito RNG iliyonse (wopanga manambala mwachisawawa) pantchito zake zobisa.
Ntchito yolipira ya Viking simapanga kapena kugwiritsa ntchito manambala mwachisawawa pantchito za cryptographic.
7.4 Miyezo yosasinthika imakhala ndi entropy yomwe imakwaniritsa zofunikira zochepa zamphamvu za cryptographic primitives ndi makiyi omwe amadalira. Ntchito yolipira ya Viking sigwiritsa ntchito RNG iliyonse (wopanga manambala mwachisawawa) pantchito zake zobisa.
Ntchito yolipira ya Viking simapanga kapena kugwiritsa ntchito manambala mwachisawawa pantchito za cryptographic.
8.1 Kuyesera konse kofikira ndi kugwiritsa ntchito zinthu zofunikira kumatsatiridwa ndikutsatiridwa ndi munthu wapadera. Kugwiritsa ntchito kulipira kwa Viking kumayendera pazida zovomerezeka za PCI za PTS POI, komwe kusungitsa zinthu zonse zofunika kwambiri kumachitika, ndipo firmware ya PTS POI imatsimikizira chinsinsi komanso kukhulupirika kwa data yomwe yasungidwa mkati mwa chipangizo cha PTS POI.
Kusungidwa kwachinsinsi, kukhulupirika ndi kulimba mtima kwa ntchito yolipira ya Viking zimatetezedwa ndikuperekedwa ndi firmware ya PTS POI. Firmware ya PTS POI imalepheretsa mwayi uliwonse wopeza zinthu zofunika kwambiri kunja kwa terminal ndipo imadalira anti-t.ampmawonekedwe a ering.
Kufunsira kulipira kwa Viking sikumapereka mwayi wamba, osatsegula kapena mwayi wakutali, kapena mwayi, chifukwa chake palibe munthu kapena machitidwe ena omwe ali ndi mwayi wopeza zinthu zofunika kwambiri, ntchito yolipira ya Viking yokha ndiyomwe imatha kuthana ndi zinthu zovuta.
8.2 Zochita zonse zimajambulidwa mokwanira komanso zofunikira kuti zifotokoze bwino zomwe zidachitika, omwe adazichita, nthawi yomwe zidachitika, komanso zomwe zidakhudzidwa. Ntchito yolipira ya Viking imayenda pazida zovomerezeka za PCI za PTS POI. Kugwiritsa ntchito kulipira kwa Viking sikumapereka mwayi wamba, osatsegula kapena mwayi wakutali, kapena mwayi, chifukwa chake palibe munthu kapena machitidwe ena omwe ali ndi mwayi wopeza zinthu zofunika kwambiri, ntchito yolipira ya Viking yokha ndiyomwe imatha kuthana ndi zinthu zovuta.
• Kugwiritsa ntchito kulipira kwa Viking sikumapereka mwayi wogwira ntchito.
• Palibe ntchito kuletsa kubisa deta tcheru
• Palibe ntchito kwa decryption wa tcheru deta
• Palibe ntchito zotumizira deta tcheru ku machitidwe kapena njira zina
• Palibe mawonekedwe otsimikizira omwe amathandizidwa Kuwongolera kwachitetezo ndi magwiridwe antchito sangathe kuzimitsidwa kapena kuchotsedwa.
8.3 Pulogalamuyi imathandizira kusungidwa kotetezedwa kwatsatanetsatane
ntchito
zolemba.		 Ntchito yolipira ya Viking imayenda pazida zovomerezeka za PCI za PTS POI. Kugwiritsa ntchito kulipira kwa Viking sikumapereka mwayi wamba, osatsegula kapena mwayi wakutali, kapena mwayi, chifukwa chake palibe munthu kapena machitidwe ena omwe ali ndi mwayi wopeza zinthu zofunika kwambiri, ntchito yolipira ya Viking yokha ndiyomwe imatha kuthana ndi zinthu zovuta.
• Kugwiritsa ntchito kulipira kwa Viking sikumapereka mwayi wogwira ntchito.
• Palibe ntchito kuletsa kubisa deta tcheru
• Palibe ntchito kwa decryption wa tcheru deta
• Palibe ntchito zotumizira deta tcheru ku machitidwe kapena njira zina
• Palibe mawonekedwe otsimikizira omwe amathandizidwa Kuwongolera kwachitetezo ndi magwiridwe antchito sangathe kuzimitsidwa kapena kuchotsedwa.
8.4 Pulogalamuyi imayendetsa zolephera mu njira zotsatirira zochitika kuti kukhulupirika kwa zolemba zomwe zilipo kale zisungidwe. Ntchito yolipira ya Viking imayenda pazida zovomerezeka za PCI za PTS POI. Kugwiritsa ntchito kulipira kwa Viking sikumapereka mwayi wamba, osatsegula kapena mwayi wakutali, kapena mwayi, chifukwa chake palibe munthu kapena machitidwe ena omwe ali ndi mwayi wopeza zinthu zofunika kwambiri, ma Viking okha ndi omwe amatha kuthana ndi zinthu zovuta.
• Kugwiritsa ntchito kulipira kwa Viking sikumapereka mwayi wogwira ntchito.
• Palibe ntchito kuletsa kubisa deta tcheru
• Palibe ntchito kwa decryption wa tcheru deta |
• Palibe ntchito zotumizira deta tcheru ku machitidwe kapena njira zina
• Palibe mbali zotsimikizira zomwe zimathandizidwa
• Kuwongolera chitetezo ndi magwiridwe antchito achitetezo sangathe kuzimitsidwa kapena kuchotsedwa.
B.1.3 Wogulitsa mapulogalamu amasunga zolemba
zomwe zimafotokozera zosankha zonse zomwe zingatheke
zimakhudza chitetezo cha data tcheru.		 Ntchito yolipira ya Viking imayenda pazida zovomerezeka za PCI za PTS POI. Kugwiritsa ntchito kulipira kwa Viking sikumapereka chilichonse mwa izi kwa ogwiritsa ntchito:
• configurable njira kupeza tcheru deta
• njira configurable kusintha njira kuteteza deta tcheru
• kupeza kutali kwa ntchito
• zosintha zakutali za pulogalamuyi
• njira configurable kusintha makonda a ntchito
B.2.4 Pulogalamuyi imagwiritsa ntchito nambala yokha mwachisawawa
generation ntchito zophatikizidwa muzolipira
kuwunika kwa chipangizo cha terminal cha PTS pazithunzi zonse za cryptographic
machitidwe okhudzana ndi deta yodziwika bwino kapena zochitika zodziwikiratu zomwe zimayenera kusamalidwa ndipo sizigwiritsa ntchito zakezake
ntchito zopanga manambala mwachisawawa.		 Viking sagwiritsa ntchito RNG iliyonse (wopanga manambala mwachisawawa) pantchito zake zobisa.
Kugwiritsa ntchito kwa Viking sikumapanga kapena kugwiritsa ntchito manambala mwachisawawa pantchito za cryptographic.
B.2.9 Kutsimikizika kwa pulogalamu yam'manja files imatetezedwa molingana ndi Control Objective B.2.8. Zowonetsa zonse mwachangu pa terminal ya Viking zimayikidwa mu pulogalamuyo ndipo palibe mwachangu files alipo kunja kwa ntchito.
Palibe mwachangu files kunja kwa ntchito yolipira ya Viking ilipo, zidziwitso zonse zofunika zimapangidwa ndi pulogalamuyi.
B.5.1.5 Chitsogozo chokwaniritsira chimaphatikizapo malangizo kwa omwe akukhudzidwa kuti asayine mwachangu zonse files. Zidziwitso zonse zomwe zikuwonetsedwa pa terminal ya Viking zimayikidwa mu pulogalamuyo ndipo palibe mwachangu files alipo kunja kwa ntchito.
Palibe mwachangu files kunja kwa ntchito yolipira ya Viking ilipo, zidziwitso zonse zofunika zimapangidwa ndi pulogalamuyi

PCI Secure Software Standard Requirements Reference

Mitu mu chikalata ichi PCI Secure Software Standard Zofunikira Zofunikira za PCI DSS
2. Kugwiritsa Ntchito Malipiro Otetezedwa B.2.1 6.1
12.1
12.1.b		 2.2.3
3. Sungani Zosintha Zapulogalamu Zakutali 11.1
11.2
12.1		 1 ndi12.3.9
2, 8 ndi 10
4. Kuchotsa Motetezedwa kwa Sensitive Data ndi Chitetezo cha Makhadi Osungidwa 3.2
3.4
3.5
A.2.1
A.2.3
B.1.2a		 3.2
3.2
3.1
3.3
3.4
3.5
3.6
Kutsimikizira ndi Kulowa Zowongolera 5.1
5.2
5.3
5.4		 8.1 ndi8.2
8.1 ndi8.2
Kudula mitengo 3.6
8.1
8.3		 10.1
10.5.3
Wireless Network 4.1 1.2.3 ndi2.1.1
4.1.1
1.2.3, 2.1.1,4.1.1
Gawo la Network 4.1c 1.3.7
Kufikira Kwakutali B.1.3 8.3
Kutumiza kwa Wosunga Makhadi A.2.1
A.2.3		 4.1
4.2
2.3
8.3
Viking Versioning Methodology 11.2
12.1.b
Malangizo kwa makasitomala okhudza kukhazikitsa kotetezedwa kwa zigamba ndi zosintha. 11.1
11.2
12.1

Kalozera wa Terms

TERM TANTHAUZO
Zosunga makhadi Mzere wa maginito wathunthu kapena PAN kuphatikiza chilichonse mwa izi:
· Dzina la Mwini Khadi
· Tsiku lothera ntchito
· Kodi Service
DUKU Derived Unique Key Per Transaction (DUKPT) ndi ndondomeko yoyendetsera ntchito yomwe pazochitika zilizonse, chinsinsi chapadera chimagwiritsidwa ntchito chomwe chimachokera ku kiyi yokhazikika. Chifukwa chake, ngati kiyi yochokera ikusokonezedwa, zomwe zachitika zam'tsogolo ndi zam'mbuyomu zimatetezedwabe popeza makiyi otsatira kapena am'mbuyomu sangadziwike mosavuta.
3DES Mu cryptography, Triple DES (3DES kapena TDES), mwalamulo Triple Data Encryption Algorithm (TDEA kapena Triple DEA), ndi symmetric-key block cipher, yomwe imagwiritsa ntchito DES cipher algorithm katatu pa chipika chilichonse.
Wamalonda Wogwiritsa ntchito komanso wogula malonda a Viking.
SSF PCI Software Security Framework (SSF) ndi mndandanda wa miyezo ndi mapologalamu a kamangidwe kotetezedwa ndi kakulidwe ka mapulogalamu olipira. Chitetezo cha pulogalamu yolipira ndi gawo lofunikira kwambiri pamayendedwe olipira ndipo ndikofunikira kuti pakhale njira zolipirira zodalirika komanso zolondola.
PA-QSA Malipiro Oyenerera Oyesa Chitetezo. Kampani ya QSA yomwe imapereka chithandizo kwa ogulitsa ntchito zolipira kuti atsimikizire zolipira za ogulitsa.
ZAchisoni

(Sensitive Authentication Data)

 Zambiri zokhudzana ndi chitetezo (Makhodi / Makhalidwe Otsimikizira Khadi, deta yonse, ma PIN, ndi PIN Blocks) zomwe zimagwiritsidwa ntchito kutsimikizira omwe ali ndi makhadi, owonekera m'mawu osamveka kapena osatetezedwa. Kuwulura, kusinthidwa, kapena kuwononga chidziwitsochi kukhoza kusokoneza chitetezo cha makina obisika, makina azidziwitso, kapena chidziwitso cha omwe ali ndi makhadi kapena angagwiritsidwe ntchito mwachinyengo. Sensitive Authentication Data isasungidwe ntchito ikatha.
Viking Pulogalamu yamapulogalamu yomwe imagwiritsidwa ntchito ndi Nets pakukulitsa ntchito pamsika waku Europe.
HSM Hardware chitetezo module

Document Control

Wolemba Zolemba, Reviewers ndi Ovomereza

Kufotokozera Ntchito Dzina
PA-QSA Reviewer Claudio Adamic / Flavio Bonfiglio Shorans
Chitukuko Wolemba Aruna anachita mantha
Woyang'anira Kutsatira Reviewer & Wovomereza Arno Edstrom
System Architect Reviewer & Wovomereza Shamsher Singh
QA Reviewer & Wovomereza Varun Shukla
Mwini katundu Reviewer & Wovomereza Cecilia Jensen Tyldum / Arti Kangas
Product Manager Reviewer & Wovomereza May-Britt Dens ndi a Sanderson's
Woyang'anira Zomangamanga Mtsogoleri Tamely Vallone

Chidule cha Zosintha

Baibulo Nambala Baibulo Tsiku Chikhalidwe cha Kusintha Sinthani Wolemba Reviewer Kubwereza Tag Tsiku Lovomerezeka
1.0 03-08-2022 Mtundu Woyamba wa PCI-Secure
Software Standard		 Aruna anachita mantha Shamsher Singh 18-08-22
1.0 15-09-2022 Kusinthidwa ndime 14 ndi zolinga zosagwiritsidwa ntchito zowongolera ndi zawo
kulungamitsidwa		 Aruna anachita mantha Shamsher Singh 29-09-22
1.1 20-12-2022 Zasinthidwa zigawo 2.1.2 ndi
2.2 ndi Self4000. Yachotsedwa Link2500 (mtundu wa PTS 4.x) pamndandanda wama terminal omwe amathandizidwa		 Aruna anachita mantha Shamsher Singh  

 

23-12-22
1.1 05-01-2023 Gawo losinthidwa 2.2 ndi Link2500 (pts v4) kuti mupitilize kuthandizira izi.

mtundu wa terminal.

 Aruna anachita mantha Shamsher Singh 05-01-23
1.2 20-03-2023 Gawo losinthidwa 2.1.1 ndi Chilativiya ndi Chilithuania
terminal profiles. Ndipo 2.1.2 yokhala ndi chithandizo chamtundu wa BT-iOS		 Aruna anachita mantha Shamsher Singh

Mndandanda Wofalitsa

Dzina Ntchito
Dipatimenti ya Terminal Kukula, Kuyesa, Kuwongolera Ntchito, Kutsata
Kasamalidwe Kazinthu Gulu Loyang'anira Zogulitsa Zogulitsa, Woyang'anira Wotsatira - Zogulitsa

Kuvomereza Zolemba

Dzina Ntchito
Cecilia Jensen Tyldum Mwini katundu
Arti Kangas Mwini katundu

Document Review Mapulani
Chikalata ichi chidzakhala reviewkusinthidwa ndi kusinthidwa, ngati kuli kofunikira, monga momwe tafotokozera pansipa:

  • Monga momwe zimafunikira kukonza kapena kuwonjezera zomwe zili muzambiri
  • Kutsatira kusintha kulikonse kapena kukonzedwanso
  • Kutsatira chaka review
  • Kutsatira kugwiritsa ntchito chiwopsezo
  • Kutsatira zatsopano / zofunikira zokhudzana ndi chiopsezo

Nets logo

Zolemba / Zothandizira

Nets PCI Secure Software Standard [pdf] Buku Logwiritsa Ntchito
PCI Secure Software Standard, Secure Software Standard, Software Standard, Standard
Nets PCI Secure Software Standard [pdf] Buku Logwiritsa Ntchito
PCI Secure Software Standard, Secure Software Standard, Software Standard, Standard

Maumboni

Siyani ndemanga

Imelo yanu sisindikizidwa. Minda yofunikira yalembedwa *