manualshive.com logo in svg

Magtek DynaGlass, Instruction Manual, Page: 18 / 22

Share
Download
Magtek DynaGlass Instruction Manual Download Page 18

5 - Security 

DynaGlass| Payment Terminal | PCI PTS POI Security Policy 

 

Page 18 of 22 (

D998200455-10

5

 

Security 

5.1

 

Account-Data Protection 

The device always encrypts account data from all three readers using an 

X9.24 DUKPT

 derived data key.  

The device does not support any mechanisms, such as whitelists or SRED disable settings, that would 
allow account data to be transmitted unencrypted. 

5.2

 

Algorithms Supported 

The device includes the following algorithms: 

 

Triple DES (128 bits) 

 

AES (128 bits, 256 bits)  

 

RSA (Signature verification, 2048 bits) 

 

SHA256 (Signature digest)  

 

ECC (P-256, P-384, P-521) 

5.3

 

Key Management 

The device supports the DUKPT key management method.  This method uses a unique key for each 
transaction, and prevents the disclosure of any past key used by the transaction-originating device. 
 
Using any other key management methods will violate the PCI PTS approval of the device. 
 
It is forbidden to load same key to multiple devices.  Each device must have unique keys. 
 
 

 

Summary of Contents for DynaGlass

Page 1: ...Court I Seal Beach CA 90740 I Phone 562 546 6400 I Technical Support 888 624 8350 www magtek com DynaGlass Payment Terminal PCI PTS POI Security Policy June 2021 Document Number D998200455 10 REGISTE...

Page 2: ...trademarks of UL LLC PCI Security Standards Council is a registered trademark of the PCI Security Standards Council LLC EMV is a registered trademark in the U S and other countries and an unregistere...

Page 3: ...DynaGlass Payment Terminal PCI PTS POI Security Policy Page 3 of 22 D998200455 10 Table 0 1 Revisions Rev Number Date Notes 10 Jun 10 2021 Initial Release...

Page 4: ...tions and Security Protocols 13 3 5 Configuration Settings 13 4 Operation and Maintenance 14 4 1 Periodic Inspection 14 4 1 1 How to Inspect the ICC Card Insertion Slot 14 4 1 2 How to Inspect the Mag...

Page 5: ...nteraction POI allowing merchants to accept banking cards for processing transactions It is equipped with three card readers A 3 track magnetic stripe card reader a contact chip card reader a contactl...

Page 6: ...ss Payment Terminal PCI PTS POI Security Policy Page 6 of 22 D998200455 10 2 General Description 2 1 Product Name and Appearance DynaGlass looks like Figure 2 1 below and Figure 2 2 below Figure 2 1 D...

Page 7: ...2 General Description DynaGlass Payment Terminal PCI PTS POI Security Policy Page 7 of 22 D998200455 10 Figure 2 2 DynaGlass Left Side DynaGlass Right Side...

Page 8: ...d and electronic device reader CTLS It also includes an LCD touchscreen display with PIN entry capability It is intended to be used as an attended desktop device This device is approved as a Point Of...

Page 9: ...ok on the printed product label on the bottom of the device as shown in Figure 2 3 below Do not remove alter or cover this label Figure 2 3 DynaGlass Device Label Location Figure 2 4 DynaGlass Device...

Page 10: ...n 1000007853 Ax xx PCI AP System Version 1000007852 Ax xx PCI Each lowercase x indicates minor non security related changes Users should check to make sure the firmware versions are consistent with ve...

Page 11: ...the labels on shipping materials and documentation 4 Visually inspect the device per D998200442 DYNAGLASS DEVICE INSPECTION which is included in the package with the device 5 Power on the device and m...

Page 12: ...r 5V 1A Operating Temperature 0 to 50 Storage Temperature 10 to 60 Humidity 10 RH 90 40 The security of the device is not compromised by altering the environmental conditions outside the stated operat...

Page 13: ...USB 802 11 Wireless LAN WLAN Bluetooth Communication protocols TLS v1 2 USB protocol DHCP ICMP ARP TCP UDP IP Physical interface functions and data The USB C interface is used to transfer non sensiti...

Page 14: ...Secure Processor shows a notification message and locks the device making further use of the device impossible If you observe a tamper notification message contact your representative for assistance 4...

Page 15: ...zed service center to arrange for repairs 4 3 Roles and Responsibilities MagTek generally sells directly to merchants or indirectly to merchants via Value Added Resellers VARs and acquirers MagTek pro...

Page 16: ...are files can also be loaded via a secure remote updating process using Open Protocol HTTPS with TLS1 2 The device verifies that each update is newer than the installed version and cryptographically a...

Page 17: ...t cardholders in ensuring that others are not looking while they are entering their PINs The following table shows the combinations of PIN privacy methods that must be put in place when installing the...

Page 18: ...d 5 2 Algorithms Supported The device includes the following algorithms Triple DES 128 bits AES 128 bits 256 bits RSA Signature verification 2048 bits SHA256 Signature digest ECC P 256 P 384 P 521 5 3...

Page 19: ...keys can only be used for their intended purposes via the interfaces or commands provided by the device Key Name Purpose Usage Algorithm s Size Bits SKEK Encryption of working keys downloaded into th...

Page 20: ...are signature verification SHA256 and RSA 2048 are used for Application Processor AP firmware signature verification SHA256 and ECDSA P256 are used for Secure Processor SP firmware signature verificat...

Page 21: ...APIs ensures the application will be compliant with PCI PTS security requirements 7 Acronyms Acronym Definition AES Advanced Encryption Standard AP Application Processor the processor in the device t...

Page 22: ...2 of 22 D998200455 10 Appendix A References The following documents may be used to provide additional details about the device and this security policy 1 Software API Development Guide 2 D998200439 Dy...

Reviews:

No comments