Nets logoPCI Chengetedza Software Standard
User GuideNets PCI Yakachengeteka Software StandardNets Denmark A/S:
PCI-Secure Software Standard
Software Vendor Implementation Guide
yeViking terminal 1.02.0
Shanduro 1.2

Zviri mukati hide
1 Nhanganyaya uye Chikamu
2 Chengetedza Kubhadhara Chikumbiro
3 Chengetedza Remote Software Update
4 Chengetedza Kudzimwa kweSensitive Dhata uye Dziviriro yeAkachengetwa Kadhi Muridzi Dhata
5 Authentication uye Access Controls
6 Kutema miti
7 Wireless Networks
8 Network Segmentation
9 Remote Access
10 Kuendesa Sensitive data
11 Viking Versioning Methodology
12 Mirayiridzo nezve Yakachengeteka Kuiswa kwePatches uye Zvidzoreso.
13 Viking Release Updates
14 Kwete-Inoshanda zvinodiwa
15 PCI Chengetedza Software Standard Zvinodiwa Reference
16 Tsanangudzo yeMatemu
17 Document Control
18 Zvinyorwa / Zvishandiso
18.1 References

Nhanganyaya uye Chikamu

1.1 Sumo
Chinangwa cheiyi PCI-Secure Software Standard Software Vendor Implementation Guide ndechekupa vanobatana negwara rakajeka uye rakakwana pakuitwa kwakachengeteka, kumisikidzwa, uye kushanda kweViking software. Nhungamiro inoraira Vatengesi nezve mashandisiro eNets 'Viking application munzvimbo yavo nenzira inoenderana nePCI Secure Software Standard. Kunyangwe, haina kuitirwa kuve yakakwana yekuisa gwara. Viking application, kana ikaiswa zvinoenderana negwara rakanyorwa pano, inofanirwa kufambisa, uye kutsigira kutevedza kwePCI yemutengesi.
1.2 Software Security Framework (SSF)
Iyo PCI Software Security Framework (SSF) muunganidzwa wezviyero uye zvirongwa zveyakachengeteka dhizaini uye kusimudzira kwekubhadhara application software. Iyo SSF inotsiva iyo Payment Application Data Security Standard (PA-DSS) nezvinodiwa zvemazuva ano zvinotsigira huwandu hwakawanda hwekubhadhara software mhando, matekinoroji, uye nzira dzekusimudzira. Inopa vatengesi zviyero zvekuchengetedza sePCI Secure Software Standard yekugadzira uye kuchengetedza yekubhadhara software kuitira kuti idzivirire kubhadhara kwekubhadhara uye data, kuderedza kusasimba, uye kudzivirira pakurwiswa.
1.3 Software Vendor Implementation Guide – Distribution and Updates
Iyi PCI Yakachengeteka Software Standard Software Vendor Implementation Guide inofanira kuparadzirwa kune vese vakakodzera vashandisi vekushandisa kusanganisira vatengesi. Inofanirwa kuvandudzwa kanenge gore negore uye mushure mekuchinja mune software. The year review uye yekuvandudza inofanirwa kusanganisira shanduko nyowani dzesoftware pamwe neshanduko muSecure Software Standard.
Nets inoburitsa ruzivo pane zvakanyorwa websaiti kana paine zvigadziriso mugwaro rekushandisa.
Websaiti: https://support.nets.eu/
For Example: Nets PCI-Secure Software Standard Software Vendor Implementation Guide ichagoverwa kune vese vatengi, vatengesi, uye vanobatanidza. Vatengi, Vatengesi, uye Vanobatanidza vanozoziviswa kubva ku reviews uye zvigadziriso. Zvigadziriso kuPCI-Secure Software Standard Software Vendor Implementation Guide inogona kuwanikwa nekubata maNet zvakananga, zvakare.
Iyi PCI-Secure Software Standard Software Vendor Implementation Guide inonongedza ese PCI-Secure Software Standard uye PCI zvinodiwa. Mavhezheni anotevera akataurwa mugwaro rino.

  • PCI-Secure-Software-Standard-v1_1

Chengetedza Kubhadhara Chikumbiro

2.1 Chishandiso S/W
Iwo maViking ekubhadhara maapplication haashandise chero software yekunze kana hardware isiri yeViking yakamisikidzwa application. Zvese zvinobatika zveS/W zveViking kubhadhara chikumbiro zvakasainwa nedhijitari neTetra kusaina kit yakapihwa neIngenico.

  • Iyo terminal inotaurirana neNets Host ichishandisa TCP/IP, kungave kuburikidza neEthernet, GPRS, Wi-Fi, kana kuburikidza nePC-LAN inomhanyisa POS application. Zvakare, iyo terminal inogona kutaurirana nemuiti kuburikidza nenharembozha neWi-Fi kana GPRS yekubatanidza.

Viking terminals inobata kutaurirana kwese uchishandisa Ingenico link layer chikamu. Ichi chikamu chishandiso chakaiswa mune terminal. Iyo Link Layer inogona kubata akati wandei kutaurirana panguva imwe chete uchishandisa akasiyana peripherals (modem uye serial port ye ex.ample).
Ikozvino inotsigira zvinotevera maprotocol:

  • Muviri: RS232, modem yemukati, yekunze modem (kuburikidza neRS232), USB, Ethernet, Wi-Fi, Bluetooth, GSM, GPRS, 3G uye 4G.
  • Data Link: SDLC, PPP.
  • Network: IP.
  • Kutakura: TCP.

Iyo terminal inogara ichitora danho rekumisikidza kutaurirana kwakanangana neNets Host. Iko hakuna TCP / IP server S / W mune terminal, uye iyo terminal S / W haina kumbopindura kune dzinopinda mafoni.
Kana yasanganiswa nePOS application paPC, iyo terminal inogona kusetwa kuti itaure kuburikidza nePC-LAN ichimhanyisa POS application uchishandisa RS232, USB, kana Bluetooth. Zvichiri kushanda kwese kwekushandisa kwekubhadhara kuri kushanda mune terminal S/W.
Iyo protocol protocol (uye yakashandiswa encryption) iri pachena uye yakazvimirira yerudzi rwekutaurirana.
2.1.1 Payment Host kutaurirana TCP/IP parameter setup Nets PCI Yakachengeteka Software Standard - setup
2.1.2 ECR kutaurirana

  • RS232 Seri
  • USB Connection
  • TCP/IP parameter setup, inozivikanwawo seECR pamusoro peIP
    Nets PCI Yakachengeteka Software Standard - setup1
  • Host/ECR kutaurirana sarudzo muViking Payment Application
    Host COMM Type Terminal Type
    Ethernet SeIf4000, Move3500, Desk3500, La n e3000
    BT iOS Link2500, Link2500i
    BT Android Move3500, Link2500, Link2500i
    kuburikidza neECR SeIf4000, Move3500, Link2500, Link2500i, Desk3500,
    Lane3000
    GPRS Fambisa3500
    'Align Move3500, Link2500
    Mhando yeECR COMM Terminal Type
    IP Ethernet SeIf4000, Move3500, Desk3500, Lane3000
    BT iOS Link2500, Link2500i
    BT Android Move3500, Link2500, Link2500i
    USB SeIf4000, Move3500, Link2500, Link2500i, Desk3500, Lane3000
    RS232 SeIf4000, Desk3500, Lane3000
    GPRS Fambisa3500
    IP Will Move3500, Link2500
  • Nets Cloud ECR (Batanidza Cloud) maparamita kumisikidzwa
    ECR IP kero 212.226.157.243
    Kukurukurirana TCP-IP PORT 6001

2.1.3 Hurukuro yekugamuchira kuburikidza neECR

Host IP kero 91.102.24142
Kukurukurirana TCP-IP PORT (NORWAY) 9670

Cherechedza: Tarisa "2.1.1- Payment Host communication TCP/IP parameter setup" kune dzimwe nyika TCP/IP ports.
2.2 Inotsigirwa terminal hardware (s)
Viking kubhadhara application inotsigirwa pane akasiyana PTS (PIN transaction chengetedzo) yakasimbiswa Ingenico zvishandiso.
Rondedzero yeterminal hardware pamwe nenhamba yavo yekubvumidza yePTS inopiwa pazasi.

Tetra Terminal Types

Terminal hardware PTS shanduro PTS mvumo nhamba PTS Hardware Version PTS Firmware Version
Nzira ye3000 5.x 4-30310 LAN30AN LAN30BA LAN30BN LAN30CA LAN30DA LAN30EA LAN30EN LAN30FA LAN30FN LAN30GA LAN30HA LAN30AA 820547v01.xx

820561v01.xx
Desk 3500 5.x 4-20321 DES32BB DES32BC DES32CB DES32DB DES32DC DES35AB DES35BB DES35BC DES35CB DES35DB DES35DC DES32AB 820376v01.xx
820376v02.xx
820549v01.xx
820555v01.xx
820556v01.xx
820565v01.xx
820547v01.xx
Fambisa 3500 5.x 4-20320 MOV35AC MOV35AQ MOV35BB MOV35BC MOV35BQ MOV35CB MOV35CC MOV35CQ MOV35DB MOV35DC MOV35DQ MOV35EB MOV35FB MOV35JB
MOV35AB		 820376v01.xx
820376v02.xx
820547v01.xx
820549v01.xx
820555v01.xx
820556v01.xx
820565v01.xx
820547v01.xx
820565v01.xx
Link2500 4.x 4-30230 LIN25BA LIN25BB LIN25CA LIN25DA LIN25DB LIN25EA LIN25FA 820555v01.xx
820556v01.xx
820547v01.xx
LIN25FB LIN25GA LIN25HA LIN25HB LIN25IA LIN25JA LIN25JB LIN25KA LIN25LA LIN25MA LIN25NA LIN25AA
Link2500 5.x 4-30326 LIN25BA LIN25BB LIN25CA LIN25DA LIN25DB LIN25EA LIN25FA LIN25FB LIN25GA LIN25HA LIN25HB LIN25IA LIN25JA LIN25JB LIN25KA LIN25LA LIN25MA LIN25NA LIN25NA 25BB 820547v01.xx
Self4000 5.x 4-30393 SEL40BA 820547v01.xx

2.3 Mitemo yekuchengetedza
Viking yekubhadhara chikumbiro inonamatira kune ese anoshanda ekuchengetedza marongero anotsanangurwa neIngenico. Kuti uwane ruzivo rwakakwana, aya ndiwo anongedzo kumitemo yekuchengetedza yeTetra terminals dzakasiyana:

Terminal Type Security Policy gwaro
Link2500 (v4) Link/2500 PCI PTS Chengetedzo Policy (pcisecuritystandards.org)
Link2500 (v5) PCI PTS Chengetedzo Policy (pcisecuritystandards.org)
Desk3500 https://listings.pcisecuritystandards.org/ptsdocs/4-20321ICO-OPE-04972-EN- V12_PCI_PTS_Security_Policy_Desk_3200_Desk_3500-1650663092.33407.pdf
Fambisa3500 https://listings.pcisecuritystandards.org/ptsdocs/4-20320ICO-OPE-04848-EN- V11_PCI_PTS_Security_Policy_Move_3500-1647635765.37606.pdf
Lane3000 https://listings.pcisecuritystandards.org/ptsdocs/4-30310SP_ICO-OPE-04818-EN- V16_PCI_PTS_Security_Policy_Lane_3000-1648830172.34526.pdf
Self4000 Self/4000 PCI PTS Chengetedzo Policy (pcisecuritystandards.org)

Chengetedza Remote Software Update

3.1 Mutengesi Kushanda

Nets inoendesa zvakachengeteka Viking kubhadhara application zvigadziriso kure. Aya magadzirirwo anoitika pane imwecheteyo nzira yekutaurirana seyakachengeteka kubhadhara kutengeserana, uye mutengesi haafanirwe kuita chero shanduko kune iyi nzira yekutaurirana kuti itevedzwe.
Kuti uwane ruzivo rwese, vatengesi vanofanirwa kugadzira mutemo unogamuchirika wekushandisa matekinoroji akatarisana nevashandi, maererano negwara riri pazasi reVPN, kana kumwe kumhanyisa-kumhanya, zvigadziriso zvinogamuchirwa kuburikidza nefirewall kana firewall yako.
3.2 Gwaro Rekushandisa Rinogamuchirwa
Mutengesi anofanirwa kugadzira marongero ekushandisa akakosha-akatarisana nevashandi matekinoroji, senge modem nemidziyo isina waya. Iyi mitemo yekushandiswa inofanira kusanganisira:

  • Yakajeka manejimendi mvumo yekushandisa.
  • Authentication yekushandisa.
  • Rondedzero yezvishandiso zvese uye vashandi vane mukana.
  • Kuisa mazita pamidziyo ine muridzi.
  • Bata ruzivo uye chinangwa.
  • Kushandiswa kwakagamuchirwa kwehunyanzvi.
  • Nzvimbo dzenetiweki dzinogamuchirwa dzetekinoroji.
  • Rondedzero yezvigadzirwa zvakatenderwa nekambani.
  • Kubvumira kushandiswa kwemamodemu kune vatengesi chete kana zvichidikanwa uye kudzima mushure mekushandisa.
  • Kurambidzwa kwekuchengetwa kwedata revaridzi makadhi pane zvemuno media kana yakabatana kure.

3.3 Personal Firewall
Chero "nguva dzose-pa" yekubatanidza kubva pakombuta kuenda kuVPN kana kumwe kumhanyisa-kumhanya kunofanirwa kuchengetedzwa nekushandisa wega firewall chigadzirwa. Iyo firewall inogadziriswa nesangano kuti isangane nematanho chaiwo uye isingachinjike nemushandi.
3.4 Remote Update Procedures
Pane nzira mbiri dzekukonzeresa terminal kuti ubate neNets software centre yekuvandudza:

  1. Pamwe nemaoko kuburikidza nesarudzo yemenyu mune terminal (swipe merchant kadhi, sarudza menyu 8 "Software", 1 "Tora software"), kana Host yakatangwa.
  2. Kushandisa Host yakatanga nzira; iyo terminal inogashira murairo kubva kune Host mushure mekunge yaita kutengeserana kwemari. Murairo unoudza terminal kuti ibate neNets software centre kuti itarise zvigadziriso.

Mushure mekubudirira kwesoftware update, terminal ine yakavakirwa-mukati printer inodhinda risiti ine ruzivo rweiyo vhezheni itsva.
Terminal integrators, vadyidzani uye/kana maNets technical support team ichava nebasa rekuzivisa vatengesi nezvekuvandudzwa, kusanganisira chinongedzo chegwaro rekushandisa rakagadziridzwa uye zvinyorwa zvekuburitsa.
Pamusoro pekugamuchira mushure mekuvandudza software, Viking yekubhadhara application inogona zvakare kusimbiswa kuburikidza neTerminal Info pakudzvanya 'F3' kiyi pane terminal.

Chengetedza Kudzimwa kweSensitive Dhata uye Dziviriro yeAkachengetwa Kadhi Muridzi Dhata

4.1 Mutengesi Kushanda
Viking yekubhadhara application haichengete chero magineti mitsetse data, kadhi yekusimbisa kukosha kana makodhi, maPIN kana PIN block data, cryptographic kiyi zvinhu, kana cryptograms kubva kune ayo apfuura shanduro.
Kuti uve zvinoenderana nePCI, mutengesi anofanira kunge aine mutemo wekuchengeta-data uyo unotsanangura kuti data rine makadhi richachengetwa kwenguva yakareba sei. Viking yekubhadhara application inochengeta data rine makadhi uye / kana inonzwisisika yechokwadi dhata rekupedzisira kutengeserana uye kana paine kunze kwenyika kana kudzoreredzwa mvumo yekutengeserana uku uchitevedzera PCI-Secure Software Standard kutevedzera panguva imwe chete, saka inogona kuregererwa kubva mutemo wekuchengeta dhata remutengesi.
4.2 Chengetedza Delete Mirayiridzo
Iyo terminal haichengete inonzwisisika yechokwadi data; full track2, CVC, CVV kana PIN, kwete pamberi kana mushure memvumo; kunze kweDeferred Authorization transactions iyo nyaya yakavharidzirwa inonzwisisika yechokwadi data (yakazara track2 data) inochengetwa kusvika mvumo yaitwa. Tumira mvumo iyo data inobviswa zvakachengeteka.
Chero chiitiko chenhoroondo yakarambidzwa data iripo mune terminal inozodzimwa zvakachengeteka kana iyo terminal Viking yekubhadhara application yakwidziridzwa. Kudzimwa kwedata rakarambidzwa rekare uye dhata rakapfuura rekuchengetedza mutemo zvinozoitika zvoga.
4.3 Nzvimbo Dzakachengetwa Kadhi Data
Kadhi data rakachengetwa muFlash DFS (Data File System) yeiyo terminal. Iyo data haiwanikwe zvakananga nemutengesi.

Data Store (file, tafura, zvichingodaro) Cardholder Data Elements yakachengetwa
(PAN, kupera, chero zvinhu zveSAD)		 Kuti data store inochengetedzwa sei
(semuenzanisoample, encryption, kuwana zvidzoreso, truncation, nezvimwewo)
File: kudarika PAN, Zuva rekupera, Service Code PAN: Yakavharidzirwa 3DES-DUKPT (112 bits)
File: storefwd.rsd PAN, Zuva rekupera, Service Code PAN: Yakavharidzirwa 3DES-DUKPT (112 bits)
File: transoff.rsd PAN, Zuva rekupera, Service Code PAN: Yakavharidzirwa 3DES-DUKPT (112 bits)
File: transorr.rsd Truncated PAN Yakadimburwa (Chekutanga 6, Yekupedzisira 4)
File: offlrep.dat Truncated PAN Yakadimburwa (Chekutanga 6, Yekupedzisira 4)
File: defauth.rsd PAN, Zuva rekupera, Service Code PAN: Yakavharidzirwa 3DES-DUKPT (112 bits)
File: defauth.rsd Yakazara track2 data Yakazara Track2 data: pre-Encrypted 3DES-DUKPT (112 bits)

4.4 Deferred Authorization Transaction
Mvumo Yakamisikidzwa inoitika kana mutengesi asingakwanise kupedzisa mvumo panguva yekutengeserana nemubati wekadhi nekuda kwekubatana, nyaya dzemasisitimu, kana zvimwe zvipimo, obva apedzisa mvumo kana achinge akwanisa kuzviita.
Izvi zvinoreva kuti mvumo yakadzoserwa inoitika kana mvumo yepamhepo yaitwa mushure mekunge kadhi risisipo. Sezvo mvumo yepamhepo yekudzoserwa mvumo yekutengeserana inonokerwa, matransferensi acho achachengetwa pane terminal kudzamara ma transaction apihwa mvumo gare gare kana network yavepo. Matekisheni anochengetwa uye anotumirwa gare gare kumugadziri, senge machengeterwo eOffline transaction kubva nhasi muViking kubhadhara application.
Mutengesi anogona kutanga kutengeserana se 'Deferred Authorization' kubva kuElectronic Cash Rejista (ECR) kana kuburikidza neyekupedzisira menyu.
Deferred Authorization transactions inogona kuiswa kuNets host nemutengesi uchishandisa pazasi sarudzo:

  1. ECR - Admin kuraira - Tumira kunze kwenyika (0x3138)
  2. Terminal - Mutengesi -> 2 EOT -> 2 yakatumirwa kune muenzi

4.5 Matanho ekugadzirisa matambudziko
Tsigiro yeNets haikumbire kutendeseka kwechokwadi kana kadhi data rekugadzirisa matambudziko. Viking yekubhadhara application haigone kuunganidza kana kugadzirisa iyo inonzwisa dhata chero ipi zvayo.

4.6 PAN nzvimbo - Kuratidzwa kana kudhindwa
Masked PAN:

  • Marisiti Yekutengeserana Kwemari:
    Masked PAN inogara yakadhindwa parisiti rekutengesa kune vese vane makadhi uye mutengesi. Iyo PAN yakafukidzwa mune mazhinji emakesi ine * apo yekutanga manhamba matanhatu uye yekupedzisira manhamba mana ari mumavara akajeka.
  • Transaction list report:
    Transaction list report inoratidza kutengeserana kwakaitwa muchikamu. Tsanangudzo yekutengeserana inosanganisira Masked PAN, Kadhi rinoburitsa zita uye huwandu hwekutengesa.
  • Risiti yekupedzisira yemutengi:
    Iyo kopi yekupedzisira risiti yemutengi inogona kugadzirwa kubva kune terminal kopi menyu. Risiti yemutengi ine PAN yakavharidzirwa serisiti rekutanga revatengi. Basa rakapihwa rinoshandiswa kana terminal ikatadza kugadzira mutengi
    risiti panguva yekutengeserana chero chikonzero.

Encrypted PAN:

• Risiti yekutengeserana pasina Indaneti:
Retailer risiti yekutengeserana pasina Indaneti inosanganisira Triple DES 112-bit DUKPT data yakavharidzirwa yevaridzi makadhi (PAN, Expiry date uye Service code).

BAX: 71448400-714484
12/08/2022 10:39
Visa
Contactless
************3439-0
107A47458AE773F3A84DF977
553E3D93FFFF9876543210E0
15F3
AID: A0000000031010
TVR: 0000000000
StoreID: 123461
Ref.: 000004 000000 KC3
Mhinduro: Y1
Chikamu: 782
TENGA
NOK 12,00
AKABVUMA
RETAILER COPY
Simbiso
Viking yekubhadhara application inogara ichivharidzira iyo data remune makadhi nekusarudzika kuti ichengeterwe kunze kwepamhepo transaction, kuendesa kune NETS host uye kudhinda yakavharidzirwa kadhi data parisiti yemutengesi yekutengeserana kunze kwenyika.
Zvakare, kuratidza kana kuprinda kadhi PAN, Viking kubhadhara application inogara yakavharisa iyo PAN manhamba neasterisk '*' ine Yekutanga 6 + Yekupedzisira manhamba mana akajeka sekumisikidzwa. Iyo kadhi nhamba yekudhinda fomati inodzorwa neiyo terminal manejimendi system uko kudhinda fomati inogona kuchinjwa nekukumbira kuburikidza neyakakodzera chiteshi uye nekupa bhizinesi zviri pamutemo zvinodiwa, zvisinei neViking kubhadhara application, hapana zvakadaro.
Example yePAN yakafukidzwa:
PAN: 957852181428133823-2
Ruzivo rudiki: **************3823-2
Ruzivo rwepamusoro: 957852 ******** 3823-2
4.7 Kurumidza files
Viking yekubhadhara chikumbiro haipe chero yakaparadzana kukurumidza files.
Viking chikumbiro chekubhadhara chikumbiro chekupinza makadhi kuburikidza nekuratidzira zvinokurudzira izvo zviri chikamu chekutumira mameseji mukati meiyo yakasainwa yekubhadhara Viking chikumbiro.
Kurudziro yekuratidzira yePIN, huwandu, nezvimwe zvinoratidzwa pane terminal, uye zvemukati memakadhi zvakamirirwa. Izvo zvakagamuchirwa kubva kumubati wemakadhi hazvina kuchengetwa.
4.8 Kutungamira kwakakosha
Kune iyo Tetra mhando yemamodhi ekupedzisira, mashandiro ese ekuchengetedza anoitwa munzvimbo yakachengeteka yePTS mudziyo wakadzivirirwa kubva kune yekubhadhara application.
Encryption inoitwa mukati menzvimbo yakachengeteka nepo decryption yeiyo encryption data inogona kuitwa chete neNets Host masisitimu. Yese kiyi yekutsinhana pakati peNets host, Kiyi / Inject tool (yeTetra terminals) uye iyo PED inoitwa mu encrypted fomu.
Matanho eKiyi Management anoitwa neNets zvinoenderana neDUKPT chirongwa uchishandisa 3DES encryption.
Ese makiyi uye makiyi ezvikamu anoshandiswa neNets terminals anogadzirwa uchishandisa zvakabvumidzwa zvisina kujairika kana pseudorandom maitiro. Makiyi uye zvinhu zvakakosha zvinoshandiswa neNets zviteshi zvinogadzirwa neNets kiyi manejimendi system, iyo inoshandisa yakatenderwa Thales Pay nhovo HSM zvikamu kugadzira cryptographic kiyi.
Iyo yakakosha manejimendi yakazvimirira pane yekubhadhara kushanda. Kurodha application nyowani hakudi shanduko kune kiyi mashandiro. Iyo terminal kiyi nzvimbo inotsigira yakatenderedza 2,097,152 kutengeserana.
Kana iyo kiyi nzvimbo yapera, Viking terminal inomira kushanda uye inoratidza meseji yekukanganisa, uye ipapo iyo terminal inofanira kutsiviwa.
4.9 '24 HR' Reboot
Ese maViking materminal PCI-PTS 4.x uye pamusoro uye nekudaro anotevera zvinodiwa kuti PCI-PTS 4.x terminal itangezve zvishoma kamwe chete maawa makumi maviri nemana ega ega kupukuta RAM uye nekuwedzera chengetedzo terminal HW kubva kushandiswa kuwana mubhadharo. kadhi data.
Imwe bhenefiti yeiyo '24hr' re-boot kutenderera ndeyekuti kudonha kwendangariro kunodzikiswa uye kuve nekushomeka kune mushambadzi (kwete kuti isu tinofanirwa kugamuchira ndangariro leak nyaya.
Mutengesi anogona kuseta iyo reboot nguva kubva kune terminal Menu sarudzo kuenda 'Reboot Nguva'. Nguva yekudzokorodza inosetwa zvichibva pa'24hr' wachi uye inotora iyo fomati HH:MM.
Iyo Reset michina yakagadzirirwa kuve nechokwadi chekugadzirisazve terminal kanokwana kamwechete pamaawa makumi maviri nemana achimhanya. Kuzadzisa ichi chinodiwa nguva, inonzi "reset interval" inomiririrwa naTemin uye Tmax yakatsanangurwa. Iyi nguva inomiririra nguva yenguva iyo kugadzirisa zvakare kunobvumirwa. Zvichienderana nekesi yebhizinesi, iyo "reset interval" inogadziriswa panguva yekupedzisira yekuisa chikamu. Nekugadzira, nguva iyi haigone kupfupika kupfuura maminitsi makumi matatu. Munguva iyi, kugadziridza kunoitika zuva rega rega 24 maminetsi apfuura (paT30) sekutsanangurwa kwazvino nemufananidzo uri pazasi:Nets PCI Yakachengeteka Software Standard - 'Reboot

4.10 Whitelisting
Whitelisting inzira yekuona kuti maPAN akanyorwa sevachena anotenderwa kuratidzwa mumavara akajeka. Viking inoshandisa minda mitatu yekuona maPAN akacheneswa ayo anoverengwa kubva kune zvigadziriso zvakatorwa kubva kune terminal manejimendi system.
Kana 'mureza wekuteerera' muNets host waiswa kuY, ruzivo kubva kuNets Host kana Terminal management system inodhaunirodwa kuterminal, kana terminal yatanga. Mureza weCompliance uyu uri kushandiswa kuona maPAN akacheneswa ayo anoverengwa kubva mudataset.
Mureza we'Track2ECR' unotarisisa kana data reTrack2 richitenderwa kubatwa (kutumirwa/kugamuchirwa) neECR kune anenge apihwa. Zvichienderana nekukosha kwemureza uyu, zvinotariswa kana iyo track2 data ichifanira kuratidzwa mune yemuno modhi paECR.
'Print fomati ndima' inotara kuti PAN icharatidzwa sei. Iwo makadhi ari muPCI chiyero achave ese akadhinda fomati akaiswa kuratidza iyo PAN mune truncated/masked fomu.

Authentication uye Access Controls

5.1 Kupinda Kudzora
Iyo Viking yekubhadhara application haina maakaundi evashandisi kana mapassword anoenderana saka, iyo Viking yekubhadhara application inoburitswa pane ichi chinodiwa.

  • ECR Integrated setup:
    Izvo hazvigoneke kuwana marudzi ekutengeserana akadai seKudzosera, Dhipatimendi uye Reversal kubva kune terminal menyu kuita kuti mabasa aya achengeteke kubva mukushandiswa zvisizvo. Aya ndiwo marudzi ekutengeserana uko kuyerera kwemari kunoitika kubva kuaccount yemutengesi kuenda kuaccount yemuridzi wemakadhi. Ibasa remutengesi kuona kuti ECR inoshandiswa chete nevashandisi vane mvumo.
  • Standalone setup:
    Mutengesi kadhi yekuwana kutonga ndeye default inogoneswa kuwana ma transaction marudzi seRefund, Deposit uye Reversal kubva kune terminal menyu kuita kuti mabasa aya achengeteke kubva mukusashandiswa zvisizvo.
    Iyo Viking terminal inogadziriswa nekusarudzika kuchengetedza menyu sarudzo, kudzivirira kupinda kusingatenderwe. Iwo maparamita ekugadzirisa iyo menyu chengetedzo inowira pasi peMerchant Menu (inowanikwa neMerchant kadhi) -> Parameters -> Chengetedzo.

Nets PCI Secure Software Standard - 'Standalone setup

Chengetedza menyu - Gadzirisa ku 'Hongu' nekusingaperi.
Bhatani remenu pane terminal rinodzivirirwa uchishandisa Dzivirira menyu kumisikidza. Menyu inogona kuwanikwa chete neMutengesi uchishandisa kadhi remutengesi. Nets PCI Yakachengeteka Software Standard - 'Standalone setup1

Dzivirira kudzokera shure - Gadzirisa ku 'Hongu' nekusingaperi.
Kudzosera kumashure kutengeserana kunogona kuitwa chete nemutengesi achishandisa kadhi remutengesi kuwana menyu inodzoserwa. Nets PCI Chengetedza Software Standard - ' Dzivirira kudzoserwa

Chengetedza kuyanana - Gadzirisa ku 'Hongu' nekusingaperi
Sarudzo yeKuyananisa inogona kuwanikwa chete nemutengesi ane kadhi remutengesi kana dziviriro iyi yaiswa kuti ichokwadi. Nets PCI Yakachengeteka Software Standard - ' Dzivirira kudzoserwa 1

Dzivirira Shortcut - Gadzirisa ku 'Hongu' nekusarudzika
Shortcut menyu ine sarudzo dze viewing Terminal Info uye sarudzo yekuvandudza Bluetooth paramita ichave iripo kumutengesi chete kana kadhi remutengesi rikatsvaira.Nets PCI Yakachengeteka Software Standard - Dzivirira

5.2 Password Controls
Iyo Viking yekubhadhara application haina mushandisi maakaundi kana anoenderana mapassword; saka, iyo Viking application haina kuregererwa pane ichi chinodiwa.

Kutema miti

6.1 Mutengesi Kushanda
Parizvino, yeNets Viking yekubhadhara application, hapana yekupedzisira-mushandisi, inogadziriswa PCI log marogi.
6.2 Gadzirisa Rogi Settings
Iyo Viking yekubhadhara application haina mushandisi maakaundi, saka PCI inopindirana nematanda haishande. Kunyangwe mune yakanyanya verbose transaction yekutema iyo Viking yekubhadhara application haitore chero yakavanzika yechokwadi data kana kadhi data.
6.3 Central Logging
Iyo terminal ine generic log mechanism. Iyo meshini inosanganisirawo kutema matanda ekugadzira uye kudzima kweS / W inogoneka.
S/W kurodha zviitiko zvakarogwa uye zvinogona kuendeswa kune Host mawoko kuburikidza nemenu-sarudzo mune terminal kana pakukumbira kubva kumugadziri akamisikidzwa mune zvakajairika transaction traffic. Kana S/W kudhawunirodha activation ikatadza nekuda kwekusaina masiginecha edhijitari pane yakagamuchirwa files, chiitiko chinorogwa uye choendeswa kune Host otomatiki uye nekukasira.
6.3.1 Gonesa trace Logging pane terminal
Kugonesa trace logging:

  1. Swipe Merchant kadhi.
  2. Wobva wasarudza "9 System menyu".
  3. Wobva waenda kumenyu "2 System Log".
  4. Nyora iyo tekinoroji kodhi, iyo yaunogona kuwana nekufonera Nets Merchant Service rutsigiro.
  5. Sarudza "8 Parameters".
  6. Wobva wagonesa "Logging" ku "Hongu".

6.3.2 Tumira trace Logs kune muridzi
Kutumira trace logs:

  1. Dzvanya kiyi yeMenu pane terminal uye wobva wa Swipe Merchant kadhi.
  2. Wobva wasarudza "7 Operator menyu".
  3. Wobva wasarudza "5 Send Trace Logs" kuti utumire trace logs kune host.

6.3.3 Remote trace loggging
Iyo parameter yakaiswa muNets Host (PSP) iyo inogonesa / kudzima iyo Terminal's trace regging performance kure. Nets Host inotumira Trace inogonesa / kudzima kutema paramende kune Terminal muData yakaiswa pamwe nenguva yakarongwa apo Terminal ichaisa Trace logs. Kana terminal ikagashira Trace parameter sezvainogoneswa, yaizotanga kutora Trace logs uye panguva yakarongwa ichaisa ese matrace logs uye kudzima basa rekutema matanda ipapo.
6.3.4 kuremote kukanganisa kukanganisa
Error logs anogara achigoneswa pane terminal. Kufanana nekutsvaga matanda, paramende inoiswa muNets Host iyo inogonesa / kudzima Terminal kukanganisa kwekutema matanda kure. Nets Host inotumira Trace inogonesa / kudzima kutema dhizaini kuTeminari muData yakaiswa pamwe nenguva yakarongwa apo Terminal ichaisa Error logs. Kana terminal ikagashira Kukanganisa kutema paramende sekugoneswa, yaizotanga kutora Error logs uye panguva yakarongwa ichaisa ese ekukanganisa matanda uye kudzima basa rekutema matanda ipapo.

Wireless Networks

7.1 Mutengesi Kushanda

Viking kubhadhara terminal - MOVE 3500 uye Link2500 vane kugona kubatana neWi-Fi network. Naizvozvo, kuti Wireless ishandiswe zvakachengeteka, kufunga kunofanirwa kutorwa paunenge uchiisa uye nekugadzirisa iyo isina waya network sekutsanangurwa pazasi.
7.2 Yakakurudzirwa Wireless Configurations
Pane zvakawanda zvinotariswa uye matanho ekutora kana uchigadzira mawireless network akabatana netiweki yemukati.
Pazvishoma, zvinotevera zvigadziriso uye zvigadziriso zvinofanirwa kunge zviripo:

  • Yese isina waya network inofanirwa kupatsanurwa uchishandisa firewall; kana kubatanidza pakati pewireless network nekadhi yedata data nharaunda ichidikanwa, kupinda kunofanirwa kudzorwa uye kuchengetedzwa nefirewall.
  • Shandura iyo yakasarudzika SSID uye wodzima SSID kutepfenyura
  • Chinja mapassword akasarudzika ese ekubatanidza isina waya uye isina waya yekuwana nzvimbo, izvi zvinosanganisira console kuwana pamwe neSNMP nharaunda tambo.
  • Shandura chero imwe chengetedzo yakapihwa kana kusetwa nemutengesi
  • Ita shuwa kuti nzvimbo dzekuwana dzisina waya dzakagadziridzwa kune yazvino firmware
  • Shandisa WPA kana WPA2 chete nemakiyi akasimba, WEP inorambidzwa uye haifanire kushandiswa
  • Shandura makiyi eWPA/WPA2 pakugadzwa pamwe nekugara uye chero munhu ane ruzivo rwekiyi anosiya kambani.

Network Segmentation

8.1 Mutengesi Kushanda
Iyo Viking yekubhadhara application haisi server-yakavakirwa kubhadhara application uye inogara pane terminal. Nechikonzero ichi, chikumbiro chekubhadhara hachidi chero shanduko kuti isangane nechinodiwa ichi.
Paruzivo rwemutengesi, data yekadhi rechikwereti haigone kuchengetwa pamasisitimu akabatana neInternet. For example, web maseva nemaseva edatabase hazvifanirwe kuiswa pane imwechete server. Demilitarized zone (DMZ) inofanirwa kumiswa kuti iparadze network kuitira kuti michina iri paDMZ chete ndiyo iwanikwe paInternet.

Remote Access

9.1 Mutengesi Kushanda
Viking kubhadhara application haigone kuwanikwa kure. Rutsigiro rwekure rwunoitika chete pakati pemushandi weNets anotsigira nemutengesi parunhare kana nemaNet zvakananga panzvimbo nemutengesi.

Kuendesa Sensitive data

10.1 Kufambiswa kweSensitive data
Viking yekubhadhara application inochengetedza data rakadzikama uye/kana kadhi data mukufambisa uchishandisa meseji-level encryption uchishandisa 3DES-DUKPT (112 bits) kune ese kutapurirana (kusanganisira veruzhinji network). Chengetedzo Protocols ye IP kutaurirana kubva kuViking application kune Host haidiwe sezvo meseji-level encryption inoitwa uchishandisa 3DES-DUKPT (112-bits) sezvatsanangurwa pamusoro. Iyi encryption scheme inovimbisa kuti kunyangwe kana kutengeserana kukabatwa, hakugone kugadziridzwa kana kukanganiswa neimwe nzira kana 3DES-DUKPT (112-bits) ikaramba ichionekwa seyakasimba encryption. Sezviri paDUKPT kiyi manejimendi chirongwa, kiyi ye3DES inoshandiswa yakasarudzika kune yega yega kutengeserana.
10.2 Kugovera Sensitive data kune imwe software
Iyo Viking yekubhadhara application haipe chero inonzwisisika interface (s) / APIs kuti igone kugovera iyo cleartext account data zvakananga neimwe software. Hapana data inonzwisisika kana cleartext account data inogovaniswa neimwe software kuburikidza neakafumurwa APIs.

10.3 Email uye Sensitive data
Viking yekubhadhara application haitsigire kutumira email.
10.4 Non-Console Administrative Access
Viking haitsigire isiri-Console administrative kuwana.
Nekudaro, kune ruzivo rwemutengesi rwese, iyo isiri-Console manejimendi yekuwana inofanirwa kushandisa SSH, VPN, kana TLS ye encryption yeese asiri-console manejimendi yekuwana maseva munzvimbo yedhata yemakadhi. Telnet kana dzimwe nzira dzisina kuvharidzirwa dzekuwana hadzifanirwe kushandiswa.

Viking Versioning Methodology

Nzira yeshanduro yeNets ine zvikamu zvitatu zveS/W nhamba yeshanduro: a.bb.c
uko 'a' ichawedzerwa kana yakakwira shanduko shanduko inoitwa sePCI-Secure Software Standard.
a - huru vhezheni (1 digit)
'bb' ichawedzerwa kana yakaderera maitiro akarongwa shanduko inoitwa sePCI-Secure Software Standard.
bb - vhezheni diki (manhamba maviri)
'c' ichawedzerwa kana yakaderera maitiro chigamba shanduko inoitwa sePCI-Secure Software Standard.
c - diki vhezheni (1 digit)
Iyo Viking yekubhadhara application S/W vhezheni nhamba inoratidzwa seizvi pane terminal skrini kana iyo terminal inokwidziridzwa: 'abbc'

  • An update kubva semuenzaniso, 1.00.0 kusvika 2.00.0 inokosha inoshanda update. Inogona kusanganisira shanduko dzine chekuita pakuchengetedza kana PCI Secure Software Standard zvinodiwa.
  • An update kubva semuenzaniso, 1.00.0 kusvika 1.01.0 isiri-yakakosha mashandiro ekuvandudza. Iyo inogona kunge isingasanganisire shanduko ine chekuita pakuchengetedza kana PCI Chengetedza Software Standard zvinodiwa.
  • An update kubva semuenzaniso, 1.00.0 kusvika 1.00.1 isiri-yakakosha mashandiro ekuvandudza. Iyo inogona kunge isingasanganisire shanduko ine chekuita pakuchengetedza kana PCI Chengetedza Software Standard zvinodiwa.

Shanduko dzese dzinomiririrwa mukutevedzana kwenhamba.

Mirayiridzo nezve Yakachengeteka Kuiswa kwePatches uye Zvidzoreso.

Mambure anounza zvakachengeteka maapplication ekubhadhara ari kure. Aya magadzirirwo anoitika pane imwecheteyo nzira yekutaurirana seyakachengeteka kubhadhara kutengeserana, uye mutengesi haafanirwe kuita chero shanduko kune iyi nzira yekutaurirana kuti itevedzwe.
Kana paine chigamba, maNet anovandudza chigamba vhezheni paNets Host. Mutengesi aiwana zvigamba kuburikidza neotomatiki S/W yekurodha chikumbiro, kana mutengesi anogona zvakare kutanga kurodha software kubva kune terminal menyu.
Kuti uwane ruzivo rwese, vatengesi vanofanirwa kugadzira mutemo unogamuchirika wekushandisa matekinoroji akatarisana nevashandi, maererano negwara riri pazasi reVPN kana kumwe kumhanyisa-kumhanya, zvigadziriso zvinogamuchirwa kuburikidza nefirewall kana vashandi firewall.
Iyo Nets host inowanikwa kuburikidza neinternet uchishandisa yakachengeteka kuwana kana netiweki yakavharwa. Nenetiweki yakavharwa, mupi wetiweki ane chinongedzo chakananga kune yedu yekugara nharaunda inopihwa kubva kune yavo network network. Iwo materminal anotungamirwa kuburikidza neNet terminal manejimendi masevhisi. Iyo terminal manejimendi sevhisi inotsanangura kune exampnharaunda iyo terminal ndeyayo uye anowana ari kushandiswa. Terminal manejimendi zvakare ine basa rekusimudzira terminal software kure netiweki. Mambure anovimbisa kuti software yakaiswa kune terminal yapedza zvitupa zvinodiwa.
Mambure anokurudzira cheki mapoinzi kune vese vatengi vayo kuti ive nechokwadi chekubhadhara uye chakachengeteka kubhadhara sezvakanyorwa pazasi:

  1. Chengetedza runyoro rwezvese mashandiro ekubhadhara zviteshi uye tora mapikicha kubva kune ese mativi kuti iwe uzive zvavanofanira kutaridzika.
  2. Tarisa zviratidzo zviri pachena zvetampering sezvisimbiso zvakatyoka pamusoro pekuvhara mahwendefa kana screws, odd kana akasiyana cabling kana mudziyo mutsva wehardware wausingazive.
  3. Dzivirira materminals ako kubva kune vatengi kana asiri kushandiswa. Ongorora zviteshi zvako zvekubhadhara zuva nezuva uye zvimwe zvishandiso zvinogona kuverenga makadhi ekubhadhara.
  4. Iwe unofanirwa kutarisa kuzivikanwa kwevashandi vekugadzirisa kana iwe uchitarisira chero kubhadhara terminal kugadziriswa.
  5. Fonera maNet kana bhangi rako nekukurumidza kana uchifungidzira chero chiitiko chisingaonekwe.
  6. Kana iwe uchitenda kuti mudziyo wako wePOS uri panjodzi yekuba, saka kune ma cradles esevhisi uye haneshi dzakachengeteka uye tether dziripo kuti utengerwe kutengeserana. Zvingave zvakakodzera kufunga nezvekushandisa kwavo.

Viking Release Updates

Iyo Viking software inoburitswa mune anotevera kuburitswa kutenderera (zvichienderana nekuchinja):

  • 2 makuru anoburitswa pagore
  • 2 madiki anoburitswa pagore
  • Zvimedu zveSoftware, sezvazvinenge zvichidikanwa, (semuenzaniso nekuda kwechero yakakosha bug/dambudziko rekusagadzikana). Kana kuburitswa kuchishanda mumunda uye dzimwe nyaya dzakakomba (s) dzinoshumwa, saka chigamba chesoftware chine gadziriso chinotarisirwa kuburitswa mukati memwedzi mumwe chete.

Vatengesi vaizoziviswa nezve zvaburitswa (zvikuru/zvidiki/chigamba) kuburikidza nemaemail ayo aizotumirwa zvakananga kune avo eemail kero. Iyo email ichave zvakare iine makuru makuru ekuburitsa uye kuburitsa manotsi.
Vatengesi vanogona zvakare kuwana zvinyorwa zvekuburitsa izvo zvichaiswa pa: Software kuburitsa manotsi (nets.eu)
Kuburitswa kweViking Software kunosainwa pachishandiswa Ingenico's kuimba chishandiso cheTetra terminals. Chete software yakasainwa ndiyo inogona kuiswa pane terminal.

Kwete-Inoshanda zvinodiwa

Ichi chikamu chine rondedzero yezvinodiwa muPCI-Secure Software Standard iyo yakaongororwa se'Isingashandiswe' kune Viking yekubhadhara application uye kupembedza kweizvi.

PCI Secure Software Standard CO Chiitiko Chikonzero chekuve 'Isingashandiswe'
5.3 Nzira dzechokwadi (kusanganisira magwaro epaseshini) dzakasimba zvakakwana uye dzakasimba kudzivirira magwaro echokwadi kubva mukunyepedzera, kubirwa, kuburitswa, kufungidzira, kana kutenderedzwa. Viking kubhadhara application inomhanya paPCI yakatenderwa PTS POI mudziyo.
Viking yekubhadhara application haipe yemuno, isiri-console kana kure yekuwana, kana mwero wemaropafadzo, nekudaro hapana humbowo hwechokwadi muPTS POI mudziyo.
Viking yekubhadhara application haipe zvigadziriso zvekutonga kana kugadzira maID evashandisi uye haipe chero yemuno, isiri-console kana kure kuwana kune yakakosha zvinhu (kunyangwe nezvinangwa zvekugadzirisa).
5.4 Nekutadza, kuwana kwese kumidziyo yakakosha kunongogumira kune iwo chete maakaunti nemasevhisi anoda kuwana kwakadaro. Viking kubhadhara application inomhanya paPCI yakatenderwa PTS POI mudziyo.
Viking kubhadhara application haipe marongero ekubata kana kugadzira maakaundi kana masevhisi.
7.3 Nhamba dzese dzisina kujairika dzinoshandiswa nesoftware dzinogadzirwa pachishandiswa chete zvakabvumidzwa nhamba chizvarwa (RNG) algorithms kana maraibhurari.
Yakatenderwa RNG algorithms kana maraibhurari ndeaya anosangana neindasitiri zviyero zvekusa-fungika zvakakwana (semuenzaniso, NIST Special Publication 800-22).		 Viking kubhadhara application haishandise chero RNG (random nhamba jenareta) kune yayo encryption mabasa.
Viking yekubhadhara application haiburitse kana kushandisa chero nhamba dzisina kujairika dzecryptographic mabasa.
7.4 Random tsika dzine entropy inosangana neiyo shoma inoshanda simba zvinodiwa zvekriptographic primitives uye makiyi anovimba nawo. Viking kubhadhara application haishandise chero RNG (random nhamba jenareta) kune yayo encryption mabasa.
Viking yekubhadhara application haiburitse kana kushandisa chero nhamba dzisina kujairika dzecryptographic mabasa.
8.1 Kuedza kwese kwekuwana uye kushandiswa kwezvinhu zvakakosha zvinotevedzwa uye zvinoteedzerwa kune akasarudzika munhu. Viking yekubhadhara application inomhanya paPCI yakatenderwa PTS POI zvishandiso, uko kwese kwakakomba asset kubata kunoitika, uye iyo PTS POI firmware inovimbisa kuvanzika uye kutendeseka kwe data rakavanzika richichengetwa mukati mePTS POI mudziyo.
Kuvanzika kweViking kubhadhara application yakavanzika, kutendeseka uye kusimba kunodzivirirwa uye kunopihwa nePTS POI firmware. Iyo PTS POI firmware inodzivirira chero kuwana kune zvakakosha zvinhu kunze kweiyo terminal uye inovimba ne-anti-t.ampering features.
Viking yekubhadhara chikumbiro haipe yemuno, isiri-console kana kure yekuwana, kana mwero weropafadzo, saka hapana munhu kana mamwe masisitimu ane mukana wekuwana zvinhu zvakakomba, chete Viking kubhadhara application inokwanisa kubata zvakakomba zvinhu.
8.2 Zvese zviitiko zvinotorwa mune yakakwana uye inodiwa zvakadzama kutsanangura nemazvo kuti ndezvipi zviitiko zvakaitwa, ndiani akazviita, nguva yaakaitwa, uye izvo zvakakosha zvinhu zvakakanganiswa. Viking kubhadhara application inomhanya paPCI yakatenderwa PTS POI zvishandiso. Viking yekubhadhara application haipe yemuno, isiri-console kana kure kure, kana mwero weropafadzo, nekudaro hapana munhu kana mamwe masisitimu ane mukana wekuwana zvinhu zvakakosha, chete Viking kubhadhara application inokwanisa kubata zvakakomba zvinhu.
• Viking kubhadhara chikumbiro haapi ropafadzo modes kushanda.
• Hapana mabasa ekudzima encryption ye data inonzwisisika
• Iko hakuna mabasa e decryption of sensitive data
• Hapana mabasa ekutumira kunze data inonzwisisika kune mamwe masisitimu kana maitiro
• Hapana chechokwadi maficha anotsigirwa Chengetedzo zvidzoreso uye kuchengetedzwa kushanda hakugone kudzimwa kana kudzimwa.
8.3 Iyo software inotsigira kuchengetedza kwakachengeteka kweakadzama
chiitiko
zvinyorwa.		 Viking kubhadhara application inomhanya paPCI yakatenderwa PTS POI zvishandiso. Viking yekubhadhara application haipe yemuno, isiri-console kana kure kure, kana mwero weropafadzo, nekudaro hapana munhu kana mamwe masisitimu ane mukana wekuwana zvinhu zvakakosha, chete Viking kubhadhara application inokwanisa kubata zvakakomba zvinhu.
• Viking kubhadhara chikumbiro haapi ropafadzo modes kushanda.
• Hapana mabasa ekudzima encryption ye data inonzwisisika
• Iko hakuna mabasa e decryption of sensitive data
• Hapana mabasa ekutumira kunze data inonzwisisika kune mamwe masisitimu kana maitiro
• Hapana chechokwadi maficha anotsigirwa Chengetedzo zvidzoreso uye kuchengetedzwa kushanda hakugone kudzimwa kana kudzimwa.
8.4 Iyo software inobata kutadza mukuita-yekuteedzera nzira dzekuti kutendeseka kwemarekodhi emabasa aripo kunochengetedzwa. Viking kubhadhara application inomhanya paPCI yakatenderwa PTS POI zvishandiso. Viking yekubhadhara application haipe yemuno, isiri-console kana kure kure, kana mwero weropafadzo, nekudaro hapana munhu kana mamwe masisitimu ane mukana wekuwana zvinhu zvakakosha, Viking application chete ndiyo inokwanisa kubata zvakakomba zvinhu.
• Viking kubhadhara chikumbiro haapi ropafadzo modes kushanda.
• Hapana mabasa ekudzima encryption ye data inonzwisisika
• Iko hakuna mabasa e decryption ye data sensitive |
• Hapana mabasa ekutumira kunze data inonzwisisika kune mamwe masisitimu kana maitiro
• Hapana maficha echokwadi anotsigirwa
• Zvidzoreso zvekuchengetedza uye mashandiro ekuchengetedza hazvigone kudzimwa kana kudzimwa.
B.1.3 Mutengesi wesoftware anochengeta zvinyorwa
iyo inotsanangura zvese zvinogadziriswa zvingasarudzwa
kukanganisa kuchengetedzeka kwe data inonzwisisika.		 Viking kubhadhara application inomhanya paPCI yakatenderwa PTS POI zvishandiso. Viking yekubhadhara application haipe chero ipi yeinotevera kune yekupedzisira vashandisi:
• configurable sarudzo yekuwana kune inonzwisisika data
• configurable sarudzo kugadzirisa michina kudzivirira sensitive data
• kure kuwana Anwendung
• zvigadziriso zviri kure zvekushandisa
• configurable sarudzo kugadzirisa default zvigadziriso Anwendung
B.2.4 Iyo software inoshandisa chete nhamba isina kurongeka
Generation function(s) inosanganisirwa mukubhadhara
terminal's PTS mudziyo kuongororwa kune ese cryptographic
mashandiro anosanganisira data rakadzama kana mabasa anonzwisa tsitsi panodiwa zvisina mwero uye haaite zvawo
random nhamba yekugadzira basa (s).		 Viking haishandise chero RNG (random nhamba jenareta) kune yayo encryption mabasa.
Viking application haiburitse kana kushandisa chero nhamba dzisina kujairika dzecryptographic mabasa.
B.2.9 Kutendeseka kwesoftware nekukurumidza files inodzivirirwa maererano neControl Objective B.2.8. Zvese zvinokurumidza kuratidzwa paViking terminal zvakavharirwa mukushandisa uye hapana kukurumidza files aripo kunze kwekushandisa.
Hapana kukurumidza files kunze kweViking kubhadhara application iripo, ruzivo rwese rwunodiwa runogadzirwa neapp.
B.5.1.5 Nhungamiro yekushandisa inosanganisira mirairo kune vanobatana kuti vasaine cryptographically kusaina zvese nekukurumidza files. Zvese zvinokurudzira zvinoratidzwa paViking terminal zvakavharirwa mukushandisa uye hapana kukurumidza files aripo kunze kwekushandisa.
Hapana kukurumidza files kunze kweViking kubhadhara application iripo, ruzivo rwese rwunodiwa runogadzirwa neapp

PCI Chengetedza Software Standard Zvinodiwa Reference

Zvitsauko mugwaro iri PCI Chengetedza Software Standard Zvinodiwa PCI DSS zvinodiwa
2. Chengetedza Kubhadhara Kushandisa B.2.1 6.1
12.1
12.1.b		 2.2.3
3. Chengetedza Remote Software Updates 11.1
11.2
12.1		 1&12.3.9
2, 8, uye 10
4. Kudzimwa kwakachengeteka kweSensitive Data uye Kudzivirirwa kweAkachengetwa Kadhi Data 3.2
3.4
3.5
A.2.1
A.2.3
B.1.2a		 3.2
3.2
3.1
3.3
3.4
3.5
3.6
Authentication uye Access Controls 5.1
5.2
5.3
5.4		 8.1 & 8.2
8.1 & 8.2
Kutema miti 3.6
8.1
8.3		 10.1
10.5.3
Wireless Network 4.1 1.2.3 & 2.1.1
4.1.1
1.2.3, 2.1.1,4.1.1
Network Segmentation 4.1c 1.3.7
Remote Access B.1.3 8.3
Kufambiswa kweCardholder Data A.2.1
A.2.3		 4.1
4.2
2.3
8.3
Viking Versioning Methodology 11.2
12.1.b
Mirayiridzo yevatengi nezve yakachengeteka kuisirwa zvigamba uye zvigadziriso. 11.1
11.2
12.1

Tsanangudzo yeMatemu

TERM DEFINITION
Kadhi data Yakazara magineti mutsetse kana iyo PAN pamwe nechero ipi yeiyi inotevera:
· Zita remuridzi wemakadhi
· Zuva rekupera
· Service Code
DUKPT Derived Unique Key Per Transaction (DUKPT) ndiyo yakakosha manejimendi chirongwa umo kune yega yega yekutengeserana, yakasarudzika kiyi inoshandiswa iyo inotorwa kubva kune yakagadziriswa kiyi. Naizvozvo, kana kiyi yakatorwa ikakanganiswa, remangwana uye rekare data rekutengeserana richiri kuchengetedzwa sezvo makiyi anotevera kana epamberi haagone kutariswa zviri nyore.
3DES Mune cryptography, Triple DES (3DES kana TDES), zviri pamutemo Triple Data Encryption Algorithm (TDEA kana Triple DEA), iri symmetric-kiyi block cipher, iyo inoshandisa iyo DES cipher algorithm katatu kune yega yega data block.
Merchant Wekupedzisira mushandisi uye mutengi wechigadzirwa cheViking.
SSF Iyo PCI Software Security Framework (SSF) muunganidzwa wezviyero uye zvirongwa zveyakachengeteka dhizaini uye kusimudzira kwekubhadhara software. Chengetedzo yesoftware yekubhadhara chikamu chakakosha chekuyerera kwekubhadhara uye kwakakosha kufambisa kutengeserana kwakavimbika uye kwakaringana kubhadhara.
PA-QSA Payment Application Yakakodzera Chengetedzo Vaongorori. Kambani yeQSA inopa masevhisi kune vatengesi vezvikumbiro zvekubhadhara kusimbisa zvikumbiro zvekubhadhara zvevatengesi.
SUWA

(Sensitive Authentication Data)

 Ruzivo rwune chekuita nechengetedzo (Kadhi Rokusimbisa Makodhi/Makodhi, yakazara track data, maPIN, uye maPIN Mabhuroki) anoshandiswa kuratidza vane makadhi-vane makadhi, anooneka mune zviri pachena kana neimwe nzira isina kudzivirirwa. Kuburitswa, kugadziridzwa, kana kuparadzwa kweruzivo urwu kunogona kukanganisa kuchengetedzeka kwecryptographic mudziyo, system yeruzivo, kana ruzivo rwemune makadhi kana kuti inogona kushandiswa mukubiridzira. Sensitive Authentication Data haifanire kuchengetwa kana kutengeserana kwapera.
Viking Iyo software chikuva chinoshandiswa neNets yekuvandudza application kumusika weEurope.
HSM Hardware kuchengetedza module

Document Control

Munyori wezvinyorwa, Reviewers uye Vanobvumira

Tsanangudzo Function Zita
PA-QSA Reviewer Claudio Adamic / Flavio Bonfiglio Shorans
Development Munyori Aruna Panicked
Kuteerera Mutariri Reviewer & Mubvumira Arno Edstrom
System Architect Reviewer & Mubvumira Shamsher Singh
QA Reviewer & Mubvumira Varun Shukla
Muridzi wechigadzirwa Reviewer & Mubvumira Cecilia Jensen Tyldum / Arti Kangas
Product Manager Reviewer & Mubvumira May-Britt Dens tad Sanderson's
Injiniya maneja Manager Tamely Vallone

Summary of Changes

Version Number Version Date Chimiro Chekuchinja Chinja Munyori Reviewer Kudzokorora Tag Zuva Rakabvumirwa
1.0 03-08-2022 Yekutanga Shanduro yePCI-Yakachengeteka
Software Standard		 Aruna Panicked Shamsher Singh 18-08-22
1.0 15-09-2022 Yakagadziridzwa chikamu 14 nezvisinga shandiswe kudzora zvinangwa neavo
kururamisa		 Aruna Panicked Shamsher Singh 29-09-22
1.1 20-12-2022 Updated zvikamu 2.1.2 uye
2.2 neSelf4000. Yakabviswa Link2500 (PTS vhezheni 4.x) kubva pane inotsigirwa terminal runyorwa		 Aruna Panicked Shamsher Singh  

 

23-12-22
1.1 05-01-2023 Yakagadziridzwa chikamu 2.2 ine Link2500 (pts v4) yekuenderera mberi nerutsigiro rweizvi.

terminal mhando.

 Aruna Panicked Shamsher Singh 05-01-23
1.2 20-03-2023 Yakagadziridzwa chikamu 2.1.1 neLatvian neLithuanian
terminal profiles. Uye 2.1.2 neBT-iOS yekukurukurirana mhando rutsigiro		 Aruna Panicked Shamsher Singh

Distribution List

Zita Function
Terminal Department Kuvandudza, Muedzo, Project Management, Compliance
Product Management Terminal Product Management Team, Compliance Manager - Chigadzirwa

Zvinyorwa Zvibvumirano

Zita Function
Cecilia Jensen Tyldum Muridzi wechigadzirwa
Arti Kangas Muridzi wechigadzirwa

Gwaro Review Zvirongwa
Gwaro iri richava reviewed uye yakagadziridzwa, kana zvichidikanwa, sezvinotsanangurwa pazasi:

  • Sezvinodiwa kugadzirisa kana kuwedzera ruzivo rwemukati
  • Kutevera chero shanduko yesangano kana kugadzirisa patsva
  • Kutevera gore negore review
  • Kutevera kushandiswa kwekusagadzikana
  • Kutevera ruzivo rutsva / zvinodiwa zvine chekuita nekusagadzikana kwakakodzera

Nets logo

Zvinyorwa / Zvishandiso

Nets PCI Yakachengeteka Software Standard [pdf] Bhuku reMushandisi
PCI Chengetedza Software Standard, Yakachengeteka Software Standard, Software Standard, Standard
Nets PCI Yakachengeteka Software Standard [pdf] Bhuku reMushandisi
PCI Chengetedza Software Standard, Yakachengeteka Software Standard, Software Standard, Standard

References

Siya mhinduro

Yako email kero haizoburitswa. Nzvimbo dzinodiwa dzakamakwa *