background image

0 - Table of Contents 

DynaFlex II| Smart Card Reader | PCI PTS POI v6.2 Security Policy 

 

Page 4 of 17 (

D998200573-10

Table of Contents 

Table of Contents .............................................................................................................................................. 4

 

1

 

Purpose ...................................................................................................................................................... 5

 

2

 

General Description .................................................................................................................................. 6

 

2.1

 

Product Name and Appearance ..................................................................................................... 6

 

3

 

Product Type .............................................................................................................................................. 7

 

3.1

 

Identification ..................................................................................................................................... 7

 

3.1.1

 

Hardware Identification .......................................................................................................... 7

 

3.1.2

 

Firmware Identification ........................................................................................................... 9

 

4

 

Installation and User Guidance ............................................................................................................ 10

 

4.1

 

Initial Inspection ............................................................................................................................. 10

 

4.2

 

Installation ....................................................................................................................................... 10

 

4.3

 

Environmental Conditions ............................................................................................................. 11

 

4.4

 

Communications and Security Protocols ................................................................................... 11

 

4.5

 

Configuration Settings ................................................................................................................... 11

 

5

 

Operation and Maintenance ................................................................................................................. 12

 

5.1

 

Periodic Inspection ......................................................................................................................... 12

 

5.2

 

Self-Test ........................................................................................................................................... 13

 

5.3

 

Roles and Responsibilities ............................................................................................................ 13

 

5.4

 

Passwords and Certificates .......................................................................................................... 13

 

5.5

 

Tamper Response .......................................................................................................................... 13

 

5.6

 

Patching and Updating .................................................................................................................. 14

 

5.7

 

Decommissioning........................................................................................................................... 14

 

6

 

Security ..................................................................................................................................................... 15

 

6.1

 

Account Data Protection ............................................................................................................... 15

 

6.2

 

Algorithms Supported .................................................................................................................... 15

 

6.3

 

Key Management ........................................................................................................................... 15

 

6.4

 

Key Loading ..................................................................................................................................... 15

 

6.5

 

Key Replacement ........................................................................................................................... 15

 

7

 

Acronyms ................................................................................................................................................. 16

 

Appendix A

 

References .............................................................................................................................. 17

 

 

 

 

Содержание DynaFlex II

Страница 1: ...Court Seal Beach CA 90740 Phone 562 546 6400 Technical Support 888 624 8350 www magtek com DynaFlex II Smart Card Reader PCI PTS POI v6 2 Security Policy March 2023 Document Number D998200573 10 REGIS...

Страница 2: ...tifiers containing ANSI are registered trademarks service marks and accreditation marks of the American National Standards Institute ANSI ISO is a registered trademark of the International Organizatio...

Страница 3: ...DynaFlex II Smart Card Reader PCI PTS POI v6 2 Security Policy Page 3 of 17 D998200573 10 Table 0 1 Revisions Rev Number Date Notes 10 Mar 13 2023 Initial Release...

Страница 4: ...e 10 4 1 Initial Inspection 10 4 2 Installation 10 4 3 Environmental Conditions 11 4 4 Communications and Security Protocols 11 4 5 Configuration Settings 11 5 Operation and Maintenance 12 5 1 Periodi...

Страница 5: ...gement responsibilities administrative responsibilities device functionality identification and environmental requirements The use of the secure card reader in any manner not described in this securit...

Страница 6: ...ance The front facing sides of DynaFlex II and DynaFlex II with Barcode Reader BCR are shown in Figure 2 1 below The different rear facing sides of all devices are shown in Figure 2 2 Figure 2 1 DynaF...

Страница 7: ...er SCR devices adhering to PCI PTS POI v6 2 requirements Usage in any other environment will invalidate the approval 3 1 Identification 3 1 1 Hardware Identification To find important product identifi...

Страница 8: ...Description of Associated Variables PCI Hardware ID Number 1 2 3 4 5 6 7 8 9 10 11 12 4 1 P C I 4 S U 0 x B x 4 1 P C I 5 S U 0 x B x 4 1 P C I 4 K U 0 x B x 4 1 P C I 5 K U 0 x B x Fixed Position Var...

Страница 9: ...within the device The host can retrieve these properties at any time using Command 0xD101 Get Property as described in D998200383 DynaFlex Products Programmer s Manual COMMANDS Table 3 3 Main Firmware...

Страница 10: ...evice Inspection which is included in the package with each device 5 Follow the steps in section 0 to view the PCI firmware versions installed on the device Make sure this matches one of the Firmware...

Страница 11: ...perature or operating voltage outside the values in the table below will trigger environmental security protections resulting in a tamper condition The device will need to be returned to the factory f...

Страница 12: ...d check that the firmware runs well as the startup will inspect the hardware security authenticity and integrity of firmware Only the leftmost LED should be on and blinking green MagTek strongly recom...

Страница 13: ...ted tools using cryptographic authentication 5 4 Passwords and Certificates DynaFlex II ships from the factory fully secure The devices have no security related default values e g passwords authentica...

Страница 14: ...ion by using update tools available from the MagTek web site The device verifies each update is newer than the installed version and cryptographically authenticates the file If version checking or aut...

Страница 15: ...ANS X9 24 Part 3 Table 6 1 DynaFlex II Product Keys Key Name Size Algorithm Purpose Transport Keys 32 bytes AES TR 31 KBPKs Key Injection Account Data Key 16 bytes for TDEA and AES 128 32 bytes for A...

Страница 16: ...Key Per Transaction ECC Elliptic Curve Cryptography ICCR Integrated Circuit Card Reader MAC In cryptography Message Authentication Code In networking Media Access Control address MSR Magnetic Stripe R...

Страница 17: ...al D998200383 DynaFlex Products Programmer s Manual COMMANDS D998200563 DynaFlex II Device Inspection D998200566 DynaFlex II KIOSK Device Inspection D998200525 DynaFlex II DynaFlex II Package Inspecti...

Отзывы: