background image

4 - Operation and Maintenance 

DynaFlex II PED| PIN Entry Device | PCI PTS POI v6.2 Security Policy 

 

Page 19 of 24 (

D998200520-15

4.6

 

Privacy Shield 

DynaFlex II PED has no privacy shield, therefore merchants must provide cardholders with the necessary 
privacy and guidance to enter PIN(s) safely and securely. One method is to include guidance messages 
and logos for the cardholder as part of a customer display driven by the host software. The figure below 
shows an example of a safe PIN entry logo that the host could display for the customer prior to, or in 
conjunction with, the PIN entry prompt message. 
 

 

Figure 4-3 - Safe PIN Entry Logo example 

 
Attendants should be trained to assist cardholders in ensuring that others are not looking while they are 
entering their PINs. The following table shows the combinations of PIN privacy methods that must be put 

in place when installing the device to protect the cardholder’s PIN during PIN entry.

 

 

Table 4-1 - Observation Corridors 

Method 

Observation Corridors 

Cashier 

Customer Queue 

Customer 
Elsewhere 

On-Site Cameras 

Remote 
Cameras 

Desktop 

Position device  
facing away from  
the cashier. Use  
signage to block  

cashier’s view

 

Position device  
in front of 
customer and the 
next in the queue. 

Customer’s b

ack 

to the queue 

Use body to 
block the view of 
other customers 

Do not  
install within  
view of  
cameras 

Do not  
install within  
view of  
cameras 

Mobile 

(handheld) 

Hold device  
facing away from  
the cashier. Use  
body to block  

cashier’s view

 

Use body to 
block the view of 
other customers.  

Customer’s back 

to the queue 

Use body to 
block the view of 
other customers  

Do not  
operate within  
view of  
cameras 

Do not  
operate within  
view of  
cameras 

Mounted 

Mount device  
facing away from  
the cashier. Use  
signage to block  

cashier’s view

 

Use body to 
block the view of 
other customers.  

Customer’s back 

to the queue 

Use body to 
block the view of 
other customers  

Do not  
install within  
view of  
cameras 

Do not  
install within  
view of  
cameras 

 

Summary of Contents for DynaFlex II PED

Page 1: ...ourt Seal Beach CA 90740 Phone 562 546 6400 Technical Support 888 624 8350 www magtek com DynaFlex II PED PIN Entry Device PCI PTS POI v6 2 Security Policy March 2023 Document Number D998200520 15 REG...

Page 2: ...tifiers containing ANSI are registered trademarks service marks and accreditation marks of the American National Standards Institute ANSI ISO is a registered trademark of the International Organizatio...

Page 3: ...3 Dec 16 2022 Remove no display option Add additional cryptographic algorithms Update screenshots for latest firmware 14 Feb 16 2023 Update PCI version to 6 2 Add extra info about HW ID Add pictures o...

Page 4: ...4 3 1 Initial Inspection 14 3 2 Installation 15 3 3 Environmental Conditions 15 3 4 Communications and Security Protocols 16 3 5 Configuration Settings 16 4 Operation and Maintenance 17 4 1 Periodic I...

Page 5: ...key management responsibilities administrative responsibilities device functionality identification and environmental requirements The use of the secure card reader in any manner not described in this...

Page 6: ...200520 15 2 General Description 2 1 Product Name and Appearance The front facing sides of the DynaFlex II PED and DynaFlex II PED with barcode reader BCR are shown in Figure 2 1 below The different re...

Page 7: ...l Description DynaFlex II PED PIN Entry Device PCI PTS POI v6 2 Security Policy Page 7 of 24 D998200520 15 Figure 2 2 DynaFlex II PED Bottom View DynaFlex II Kiosk Bottom View DynaFlex II PED BCR Bott...

Page 8: ...es a back cover intended for secure mounting suitable for use in an unattended environment All are approved as a PIN Entry Device PED device class under PCI PTS POI v6 2 requirements Usage in any othe...

Page 9: ...are Identifier PCI ID Tag Configuration Description 40PCI4SU0xBx DynaFlex II PED TOUCHSCREEN DISPLAY USB 40PCI5SU0xBx DynaFlex II PED TOUCHSCREEN DISPLAY BCR USB 40PCI4SW0xBx DynaFlex II PED TOUCHSCRE...

Page 10: ...4 0 P C I 4 K U 0 x B x 4 0 P C I 5 K U 0 x B x 4 0 P C I 4 K W 0 x B x 4 0 P C I 5 K W 0 x B x Fixed Position Variable X Position Description of Fixed or Variable X in the Selection Position 1 2 40 D...

Page 11: ...erties within the device The host can retrieve these properties at any time using Command 0xD101 Get Property as described in D998200383 DynaFlex Products Programmer s Manual COMMANDS Table 2 3 Main F...

Page 12: ...ule firmware part number 12 A Certified Version 13 Minor revisions bug fixes 15 17 PCI PCI version of firmware 2 3 3 Device Information Page While powering up the display briefly shows a page of infor...

Page 13: ...e device s PCI certification status including the installed firmware part numbers and versions and other identifying information see Figure 2 6 on the Welcome screen press the Pushbutton for 3 beeps t...

Page 14: ...ion check the Hardware and Firmware ID Hardware ID is printed on the label The Firmware ID is accessible via the device and displayed on the screen Go to the PCI compliance web page and search for Mag...

Page 15: ...immers tapping mechanisms and their wires or antennas Installation height is one factor in meeting this requirement The DynaFlex II PED is designed to maximize visibility of all card paths Assuming th...

Page 16: ...Flex II PED supports a USB interface using the USB HID protocol and optionally 802 11 WLAN using TLS 1 2 secure WebSocket Transactions configuration firmware updates and key injection can all be perfo...

Page 17: ...er on the secure card reader and check that the firmware runs well as the startup will inspect the hardware security authenticity and integrity of firmware Only the leftmost LED should be on and blink...

Page 18: ...ated default values e g passwords authentication codes certificates that require modification by the user to meet PCI security requirements A custom signed trust configuration file with the customer C...

Page 19: ...the device to protect the cardholder s PIN during PIN entry Table 4 1 Observation Corridors Method Observation Corridors Cashier Customer Queue Customer Elsewhere On Site Cameras Remote Cameras Deskto...

Page 20: ...g update tools available from the MagTek web site The device verifies each update is newer than the installed version and cryptographically authenticates the file If version checking or authentication...

Page 21: ...Wireless connections to access points require WPA2 Both personal and enterprise modes user id and password are supported 5 4 Key Management The device implements AES TDEA DUKPT as its only key manage...

Page 22: ...with key management requirements and cryptographic methods specifically TR 31 can be used for key loading Use of any other methods will invalidate PCI approval 5 6 Key Replacement Keys should be repla...

Page 23: ...Curve Cryptography ICCR Integrated Circuit Card Reader MAC In cryptography Message Authentication Code In networking Media Access Control address MSR Magnetic Stripe Reader NFC Near Field Communicati...

Page 24: ...naFlex Products Programmer s Manual COMMANDS D998200524 DynaFlex II DynaFlex II PED Device Inspection D998200525 DynaFlex II DynaFlex II PED Package Inspection D998200526 DynaFlex II DynaFlex II PED Q...

Reviews: