5 - Operation and MaintenanceOperation and Maintenance
DynaFlex II| Smart Card Reader | PCI PTS POI v6.2 Security Policy
Page 13 of 17 (
D998200573-10
)
5.2
Self-Test
DynaFlex II performs self-tests at power-up and after reset. The device automatically resets and performs
self-tests every 23 hours. No manual steps by the operator are required. Self-tests include:
•
Checking the integrity and authenticity of the firmware and cryptographic keys.
•
Checking security mechanisms for signs of tampering.
5.3
Roles and Responsibilities
DynaFlex II has no functionality that gives access to security-sensitive services based on roles. Such
services are managed through dedicated tools, using cryptographic authentication.
5.4
Passwords and Certificates
DynaFlex II ships from the factory fully secure. The devices have no security related default values (e.g.,
passwords/authentication codes/certificates) that require modification by the user to meet PCI security
requirements.
5.5
Tamper Response
If the device senses a physical or environmental attack, it erases all sensitive keys, and will have limited
functionality. While powered on, DynaFlex II indicates the tampered state has been triggered by flashing
all four LEDs red (see
If this occurs:
1)
Remove the device from service immediately.
2)
Store it securely for possible forensics investigation.
3)
Contact the manufacturer for assistance. The device will likely need to be returned to the
manufacturer for diagnosis and servicing.
Figure 5-2 Tamper Response