I-PCI iKhusekile uMgangatho weSoftware
Isikhokelo somsebenzisi
INets Denmark A/S:
PCI-Secure Software Standard
Isikhokelo sokuPhunyezwa koMthengisi weSoftware
yeViking terminal 1.02.0
Inguqulelo 1.2
Intshayelelo kunye noMda
1.1. Intshayelelo
Injongo yale PCI-Secure Software Standard umthengisi Implementation Guide kukubonelela abachaphazelekayo isikhokelo ecacileyo nolucokisekileyo kuphunyezo olukhuselekileyo, uqwalaselo, kunye nokusebenza software Viking. Isikhokelo siyalela abarhwebi ngendlela yokuphumeza isicelo se-Nets 'Viking kwindawo yabo ngendlela ehambelanayo ne-PCI Secure Software Standard. Nangona, ayenzelwanga ukuba ibe sisikhokelo sofakelo esipheleleyo. Isicelo seViking, ukuba ifakwe ngokwezikhokelo ezibhalwe apha, kufuneka iququzelele, kwaye ixhase ukuthotyelwa kwePCI yomthengisi.
1.2 Inkqubo yoKhuseleko lweSoftware (SSF)
I-PCI Software Security Framework (SSF) yingqokelela yemigangatho kunye neenkqubo zoyilo olukhuselekileyo kunye nophuhliso lwesoftware yesicelo sokuhlawula. I-SSF ithatha indawo yoMgangatho woKhuseleko lweSicelo seNtlawulo (PA-DSS) ngeemfuno zale mihla ezixhasa uluhlu olubanzi lweentlobo zesoftware yokuhlawula, ubugcisa, kunye neendlela zophuhliso. Inika abathengisi ngemigangatho yokhuseleko efana ne-PCI Secure Software Standard yokuphuhlisa nokugcina isoftware yokuhlawula ukwenzela ukuba ikhusele ukuthengiselana kwentlawulo kunye nedatha, inciphise ubuthathaka, kwaye ikhusele ekuhlaselweni.
1.3 ISikhokelo sokuSetyenziswa koMthengisi weSoftware – Ukusasazwa noHlaziyo
Esi siKhokelo sokuSetyenziswa koMthengisi weSoftware ye-PCI eKhuselekileyo kufuneka sisasazwe kubo bonke abasebenzisi bezicelo ezifanelekileyo kubandakanya nabarhwebi. Kufuneka ihlaziywe ubuncinci ngonyaka kwaye emva kotshintsho kwisoftware. Uhlaziyo lonyakaview kunye nohlaziyo kufuneka lubandakanye utshintsho olutsha lwesoftware kunye notshintsho kuMgangatho oKhuselekileyo weSoftware.
INet ipapasha ulwazi kolu luhlu webindawo ukuba kukho uhlaziyo kwisikhokelo sokuphunyezwa.
Webindawo: https://support.nets.eu/
Kuba Eksample: INets PCI-Secure Software Standard Implementation Guide iya kuhanjiswa kubo bonke abathengi, abathengisi, kunye nabahlanganisi. Abathengi, abathengisi, kunye nabaHlanganisi baya kwaziswa ukusuka kwi-reviews kunye nohlaziyo. Uhlaziyo lwe-PCI-Secure Software Standard Implementation Guide inokufumaneka ngokuqhagamshelana neNets ngokuthe ngqo, ngokunjalo.
Esi siKhokelo sokuSetyenziswa koMthengisi weSoftwe ngoMgangatho we-PCI-Secure ubhekisa zombini iPCI-Secure Software Standard kunye neemfuno zePCI. Ezi nguqulelo zilandelayo zichazwe kwesi sikhokelo.
- PCI-Khusela-Software-Standard-v1_1
Isicelo seNtlawulo ekhuselekileyo
2.1 Isicelo S/W
Izicelo zentlawulo yeViking ayisebenzisi nayiphi na isoftware yangaphandle okanye ihardware engeyiyo eyeViking efakwe kwisicelo. Zonke izinto eziphunyeziweyo ze-S/W zesicelo sentlawulo yeViking zisayinwa ngokwedijithali kunye nekhithi yokusayina yeTetra enikezwe yi-Ingenico.
- Itheminali inxibelelana ne-Nets Host isebenzisa i-TCP/IP, mhlawumbi nge-Ethernet, i-GPRS, i-Wi-Fi, okanye nge-PC-LAN eqhuba usetyenziso lwe-POS. Kwakhona, i-terminal inokunxibelelana nomninimzi ngeselfowuni nge-Wi-Fi okanye i-GPRS yoqhagamshelwano.
Iitheminali zeViking zilawula lonke unxibelelwano zisebenzisa icandelo le-Ingenico link layer. Eli candelo sisicelo esilayishwe kwi-terminal. ULuhlu loNxibelelwano lunokulawula unxibelelwano oluninzi ngexesha elinye usebenzisa iiperipherals ezahlukeneyo (imodem kunye nezibuko lothotho lwe ex.ample).
Ngoku ixhasa ezi nkqubo zilandelayo:
- Okomzimba: I-RS232, imodem yangaphakathi, imodem yangaphandle (nge-RS232), i-USB, i-Ethernet, i-Wi-Fi, iBluetooth, i-GSM, i-GPRS, i-3G kunye ne-4G.
- Ikhonkco leDatha: SDLC, PPP.
- Inethiwekhi: IP.
- Ezothutho: TCP.
Itheminali isoloko ithatha inyathelo lokuqala lokuseka unxibelelwano olusingise kumamkeli weNets. Akukho TCP / IP iseva S/W kwi-terminal, kwaye i-terminal S/W ayilokothi iphendule kwiifowuni ezingenayo.
Xa idityaniswe nesicelo sePOS kwiPC, i-terminal inokusetwa ukuba inxibelelane ngePC-LAN eqhuba isicelo sePOS isebenzisa iRS232, USB, okanye iBluetooth. Kusenjalo konke ukusebenza kwesicelo sentlawulo kuqhuba kwi-terminal S/W.
Iprotocol yesicelo (kunye ne-encryption esetyenzisiweyo) icacile kwaye izimeleyo kuhlobo lonxibelelwano.
2.1.1 Unxibelelwano lwe-Payment Host i-TCP/IP yokumisela ipharamitha 
2.1.2 Unxibelelwano lwe-ECR
- RS232 Uthotho
- UQhagamshelwano lwe-USB
- Ukuseta iparamitha ye-TCP/IP, eyaziwa ngokuba yi-ECR ngaphezulu kwe-IP
- I-Host / ECR iinketho zonxibelelwano kwi-Viking Payment Application
Uhlobo lwe-COMM yokusingatha Uhlobo lwetheminali I-Ethernet SeIf4000, Move3500, Desk3500, La n e3000 BT iOS Link2500, Link2500i BT Android Move3500, Link2500, Link2500i nge-ECR SeIf4000, Move3500, Link2500, Link2500i, Desk3500,
Indlela3000GPRS Hambisa3500 ‘Lungelelanisa Move3500, Link2500 Uhlobo lwe-ECR COMM Uhlobo lwetheminali IP Ethernet SeIf4000, Move3500, Desk3500, Lane3000 BT iOS Link2500, Link2500i BT Android Move3500, Link2500, Link2500i i-USB SeIf4000, Move3500, Link2500, Link2500i, Desk3500, Lane3000 RS232 SeIf4000, Desk3500, Lane3000 GPRS Hambisa3500 IP Will Move3500, Link2500 - INets Cloud ECR (Connect Cloud) iparameters uqwalaselo
Idilesi ye-ECR IP 212.226.157.243 Unxibelelwano lwe-TCP-IP PORT 6001
2.1.3 Unxibelelwano oluza kubamba nge-ECR
| Idilesi ye-IP yomamkeli | 91.102.24142 |
| Unxibelelwano lwe-TCP-IP PORT (NORWAY) | 9670 |
Qaphela: Jonga "i-2.1.1- Intlawulo yoMamkeli unxibelelwano lweTCP/IP ukusetwa kweparamitha" kwi-TCP/IP izibuko zelizwe.
2.2 Izixhobo zetheminali ezixhaswayo
Isicelo sentlawulo yeViking sixhaswa kwiintlobo ngeentlobo ze-PTS (i-PIN transaction security) eqinisekisiweyo yezixhobo ze-Ingenico.
Uluhlu lwezixhobo zetheminali kunye nenombolo yazo yemvume ye-PTS inikwe ngezantsi.
Iintlobo zeTetra Terminal
| Indawo yokukhwelela hardware | Inguqulelo ye-PTS | Inombolo yemvume ye-PTS | PTS Hardware Version | Uguqulelo lweFirmware ye-PTS |
| Indlela 3000 | 5.x | 4-30310 | I-LAN30AN LAN30BA LAN30BN LAN30CA LAN30DA LAN30EA LAN30EN LAN30FA LAN30FN LAN30GA LAN30HA LAN30AA | 820547v01.xx
820561v01.xx |
| Idesika ye-3500 | 5.x | 4-20321 | DES32BB DES32BC DES32CB DES32DB DES32DC DES35AB DES35BB DES35BC DES35CB DES35DB DES35DC DES32AB | 820376v01.xx 820376v02.xx 820549v01.xx 820555v01.xx 820556v01.xx 820565v01.xx 820547v01.xx |
| Hambisa 3500 | 5.x | 4-20320 | MOV35AC MOV35AQ MOV35BB MOV35BC MOV35BQ MOV35CB MOV35CC MOV35CQ MOV35DB MOV35DC MOV35DQ MOV35EB MOV35FB MOV35JB I-MOV35AB |
820376v01.xx 820376v02.xx 820547v01.xx 820549v01.xx 820555v01.xx 820556v01.xx 820565v01.xx 820547v01.xx 820565v01.xx |
| Ikhonkco2500 | 4.x | 4-30230 | LIN25BA LIN25BB LIN25CA LIN25DA LIN25DB LIN25EA LIN25FA | 820555v01.xx 820556v01.xx 820547v01.xx |
| LIN25FB LIN25GA LIN25HA LIN25HB LIN25IA LIN25JA LIN25JB LIN25KA LIN25LA LIN25MA LIN25NA LIN25AA | ||||
| Ikhonkco2500 | 5.x | 4-30326 | LIN25BA LIN25BB LIN25CA LIN25DA LIN25DB LIN25EA LIN25FA LIN25FB LIN25GA LIN25HA LIN25HB LIN25IA LIN25JA LIN25JB LIN25KA LIN25LA LIN25MA LIN25NA LIN25NA LIN25NA XNUMXBB | 820547v01.xx |
| Ngokwakho4000 | 5.x | 4-30393 | I-SEL40BA | 820547v01.xx |
2.3 Imigaqo-nkqubo yoKhuseleko
Isicelo sentlawulo yeViking sibambelela kuyo yonke imigaqo-nkqubo yokhuseleko echazwe yi-Ingenico. Ngolwazi ngokubanzi, la ngamakhonkco kwimigaqo-nkqubo yokhuseleko yeetheminali zeTetra ezahlukeneyo:
| Uhlobo lwetheminali | Uxwebhu loMgaqo-nkqubo woKhuseleko |
| Ikhonkco2500 (v4) | Ikhonkco/2500 PCI PTS yoMgaqo-nkqubo woKhuseleko (pcisecuritystandards.org) |
| Ikhonkco2500 (v5) | UMgaqo-nkqubo woKhuseleko we-PCI PTS (pcisecuritystandards.org) |
| Desk3500 | https://listings.pcisecuritystandards.org/ptsdocs/4-20321ICO-OPE-04972-EN- V12_PCI_PTS_Security_Policy_Desk_3200_Desk_3500-1650663092.33407.pdf |
| Hambisa3500 | https://listings.pcisecuritystandards.org/ptsdocs/4-20320ICO-OPE-04848-EN- V11_PCI_PTS_Security_Policy_Move_3500-1647635765.37606.pdf |
| Indlela3000 | https://listings.pcisecuritystandards.org/ptsdocs/4-30310SP_ICO-OPE-04818-EN- V16_PCI_PTS_Security_Policy_Lane_3000-1648830172.34526.pdf |
| Ngokwakho4000 | Self/4000 PCI PTS UMgaqo-nkqubo woKhuseleko (pcisecuritystandards.org) |
Khusela uHlaziyo lweSoftwe ekude
3.1 Ukusetyenziswa koMrhwebi
I-Nets ihambisa ngokukhuselekileyo uhlaziyo lwesicelo sentlawulo yeViking ukude. Olu hlaziyo lwenzeka kwijelo lonxibelelwano elifanayo njengentengiselwano yentlawulo ekhuselekileyo, kwaye umrhwebi akadingeki ukuba enze naluphi na utshintsho kule ndlela yonxibelelwano yokuthotyelwa.
Ngolwazi oluqhelekileyo, abarhwebi kufuneka baphuhlise umgaqo-nkqubo wokusetyenziswa okwamkelekileyo kwiiteknoloji ezibalulekileyo ezijongene nabasebenzi, ngokwezikhokelo ezingezantsi ze-VPN, okanye ezinye i-high-speed connections, uhlaziyo lufunyenwe nge-firewall okanye i-firewall yomntu.
3.2 UMgaqo-nkqubo wosetyenziso owamkelekileyo
Umrhwebi kufuneka aphuhlise imigaqo-nkqubo yokusetyenziswa kweetekhnoloji ezibalulekileyo ezijongene nabasebenzi, njengemodem kunye nezixhobo ezingenazingcingo. Le migaqo-nkqubo yosetyenziso kufuneka ibandakanye:
- Imvume yolawulo ecacileyo yokusetyenziswa.
- Ukuqinisekiswa kokusetyenziswa.
- Uluhlu lwazo zonke izixhobo kunye nabasebenzi abanofikelelo.
- Ukuleyibhelishwa kwezixhobo kunye nomnini.
- Ulwazi loqhagamshelwano kunye nenjongo.
- Ukusetyenziswa okwamkelekileyo kobuchwephesha.
- Iindawo zothungelwano ezamkelekileyo zetekhnoloji.
- Uluhlu lweemveliso ezivunyiweyo zenkampani.
- Ukuvumela ukusetyenziswa kweemodem kubathengisi kuphela xa zifuneka kwaye zivaliwe emva kokusetyenziswa.
- Ukuthintelwa kokugcinwa kwedatha yomnini wekhadi kwimidiya yasekhaya xa uqhagamshelwe ukude.
3.3 IFirewall yakho
Naluphi na uqhagamshelo "oluhlala luvuliwe" olusuka kwikhompyuter ukuya kwi-VPN okanye olunye uqhagamshelo olunesantya esiphezulu kufuneka lukhuselwe ngokusebenzisa imveliso ye-firewall. I-firewall iqulunqwe ngumbutho ukuze ihlangabezane nemigangatho ethile kwaye ayinakuguqulwa ngumqeshwa.
3.4 IiNkqubo zoHlaziyo lweRemote
Kukho iindlela ezimbini zokuqalisa i-terminal ukuba iqhagamshelane neziko lesoftware yeNets ukuze kuhlaziywe:
- Ngokuzenzekelayo usebenzisa inketho yemenyu kwi-terminal (swayipha ikhadi lomthengisi, khetha imenyu 8 "ISoftware", 1 "Landa isoftwe"), okanye umamkeli uqalisiwe.
- Ukusebenzisa indlela eqalwe ngumamkeli; i-terminal ifumana ngokuzenzekelayo umyalelo ovela kwi-Host emva kokuba yenze intengiselwano yezemali. Umyalelo uxelela i-terminal ukuba iqhagamshelane neziko lesoftware yeNets ukujonga uhlaziyo.
Emva kohlaziyo oluyimpumelelo lwesoftware, i-terminal eneprinta eyakhelwe-ngaphakathi iya kuprinta irisithi enolwazi kuguqulelo olutsha.
Abadibanisi betheminali, amahlakani kunye/okanye neqela lenkxaso yobugcisa be-Net liya kuba noxanduva lokwazisa abarhwebi ngohlaziyo, kubandakanywa ikhonkco kwisikhokelo sokuphunyezwa esihlaziyiweyo kunye namanqaku okukhululwa.
Ukongeza kwirisithi emva kohlaziyo lwesoftware, isicelo sentlawulo yeViking sinokuqinisekiswa kwakhona ngeTeminali yoLwazi ngokucofa iqhosha elithi ‘F3’ kwi-terminal.
Ukucinywa ngokukhuselekileyo kweeNkcukacha eziBalulekileyo kunye noKhuseleko lweDatha yoMnini weKhadi eGcinayo
4.1 Ukusetyenziswa koMrhwebi
Isicelo sentlawulo yeViking ayigcini nayiphi na idatha yomgca wemagnethi, amaxabiso okuqinisekisa amakhadi okanye iikhowudi, iiPIN okanye iPIN yebhlokhi yedatha, imathiriyeli engundoqo ye-cryptographic, okanye i-cryptograms kwiinguqulelo zayo zangaphambili.
Ukuthobela i-PCI, umrhwebi kufuneka abe nomgaqo-nkqubo wokugcinwa kwedatha ochaza ukuba idatha yomnini-khadi iya kugcinwa ixesha elingakanani. Isicelo sentlawulo yeViking sigcina idatha yomnini wekhadi kunye/okanye idatha yoqinisekiso olubuthathaka lwentengiselwano yokugqibela kakhulu kwaye kwimeko ukuba kukho intengiselwano yogunyaziso engaxhunyiwe kwi-intanethi okanye erhoxisiweyo ngelixa ibambelela kwi-PCI-Secure Software Standard ukuthotyelwa ngaxeshanye, kungoko inokukhululwa Umgaqo-nkqubo wokugcinwa kwedatha yomnini wekhadi lomrhwebi.
4.2 Khusela iMiyalelo yokuCima
I-terminal ayigcini idatha yoqinisekiso olubuthathaka; ingoma2 epheleleyo, iCVC, iCVV okanye iPIN, hayi ngaphambi nasemva kogunyaziso; ngaphandle kweetransekshini zoGunyaziso oluMiselweyo apho imeko entsonkothileyo yedatha yoqinisekiso (idatha yengoma2 epheleleyo) igcinwa de ugunyaziso lwenziwe. Ugunyaziso lweposi idatha isusiwe ngokukhuselekileyo.
Nawuphi na umzekelo wedatha yembali ethintelweyo ekhoyo kwi-terminal iya kucinywa ngokuzenzekelayo ngokukhuselekileyo xa i-terminal Viking yesicelo sentlawulo iphuculwa. Ukucinywa kwedatha yembali ethintelweyo kunye nedatha edlulileyo umgaqo-nkqubo wokugcinwa kuya kwenzeka ngokuzenzekelayo.
4.3 IiNdawo zeeNkcukacha zoMninikhadi oGcinayo
Idatha yomnini wekhadi igcinwe kwiFlash DFS (Data File System) yetheminali. Idatha ayifikeleleki ngokuthe ngqo ngumrhwebi.
| IVenkile yeDatha (file, itafile, njl.) | INkcazo yoMnini-Khadi egciniweyo (I-PAN, ukuphela kwexesha, naziphi na izinto ze-SAD) |
Indlela yokugcina idatha ikhuselwe (umzekeloample, uguqulelo oluntsonkothileyo, ulawulo lofikelelo, ucutho, njalo njalo) |
| File: ukreqo | I-PAN, Umhla wokuphelelwa, iKhowudi yeNkonzo | I-PAN: I-Encrypted 3DES-DUKPT (112 bits) |
| File: storefwd.rsd | I-PAN, Umhla wokuphelelwa, iKhowudi yeNkonzo | I-PAN: I-Encrypted 3DES-DUKPT (112 bits) |
| File: transoff.rsd | I-PAN, Umhla wokuphelelwa, iKhowudi yeNkonzo | I-PAN: I-Encrypted 3DES-DUKPT (112 bits) |
| File: transorr.rsd | I-PAN ecinyiweyo | Inqunyulwe (Eyokuqala 6, Eyokugqibela yesi-4) |
| File: offlrep.dat | I-PAN ecinyiweyo | Inqunyulwe (Eyokuqala 6, Eyokugqibela yesi-4) |
| File: defauth.rsd | I-PAN, Umhla wokuphelelwa, iKhowudi yeNkonzo | I-PAN: I-Encrypted 3DES-DUKPT (112 bits) |
| File: defauth.rsd | Idatha epheleleyo ye-track2 | Idatha ye-Track2 epheleleyo: I-Encrypted ngaphambili 3DES-DUKPT (112 bits) |
4.4 Intengiselwano yoGunyaziso oluMiselweyo
Ugunyaziso olumisiweyo lwenzeka xa umrhwebi engakwazi ukugqiba isigunyaziso ngexesha lentengiselwano nomnini wekhadi ngenxa yoqhagamshelwano, imiba yeenkqubo, okanye ezinye izithintelo, aze emva koko agqibezele ugunyaziso xa ekwazi ukwenza njalo.
Oko kuthetha ukuba ugunyaziso olurhoxisiweyo lwenzeka xa ugunyaziso lwe-intanethi lwenziwa emva kokuba ikhadi lingasafumaneki. Njengoko ugunyaziso lwe-intanethi lwentengiselwano yogunyaziso olumisiweyo ilibazisekile, intengiselwano iya kugcinwa kwitheminali de intengiselwano igunyaziswe ngempumelelo kamva xa inethwekhi ikhona. Iintengiselwano zigcinwa kwaye zithunyelwe kamva kumsingathi, njengokuba iintengiselwano zeOffline zigcinwa njani namhlanje kwisicelo sentlawulo yeViking.
Umrhwebi unokuqalisa intengiselwano 'njengoGunyaziso oluMiselweyo' kwiRejista yeMali ye-Electronic (ECR) okanye ngemenyu ye-terminal.
Iitransekshini zoGunyaziso oluMiselweyo zinokufakwa kwi-Nets host ngumrhwebi usebenzisa iinketho ezingezantsi:
- I-ECR - Umyalelo wolawulo-Thumela ngaphandle kweintanethi (0x3138)
- Itheminali - uMrhwebi -> 2 EOT -> 2 ithunyelwe kumamkeli
4.5 IiNkqubo zokuJonga ingxaki
Inkxaso ye-Net ayisayi kucela ungqinisiso olubuthathaka okanye idatha yomnini-khadi ngeenjongo zokusombulula ingxaki. Isicelo sentlawulo yeViking asikwazi ukuqokelela okanye ukulungisa ingxaki yedatha ebuthathaka kuyo nayiphi na imeko.
4.6 Iindawo zePAN – Zibonisiwe okanye Zishicilelwe
I-PAN eMaski:
- Iirisithi zeNtengiselwano yeMali:
I-Masked PAN isoloko ishicilelwe kwirisithi yentengiselwano kubo bobabini umnikazi wekhadi kunye nomrhwebi. I-PAN egqunyiweyo kwiimeko ezininzi ikunye * apho amanani ama-6 okuqala kunye namanani ama-4 okugqibela abhalwe ngokucacileyo. - Ingxelo yoludwe lwentengiselwano:
Ingxelo yoluhlu lwentengiselwano ibonisa ukuthengiselana okwenziwe ngeseshoni. Iinkcukacha zentengiselwano ziquka i-Masked PAN, igama elikhupha ikhadi kunye nesixa sentengiselwano. - Irisithi yokugqibela yomthengi:
Ikopi yerisithi yokugqibela yomthengi inokuveliswa kwi-terminal ikopi yemenyu. Irisithi yomthengi iqulethe iPAN egqunyiweyo njengerisithi yoqobo yomthengi. Umsebenzi onikiweyo usetyenziswa kwimeko ukuba i-terminal iyasilela ukuvelisa umthengi
irisithi ngexesha lokuthengiselana nangasiphi na isizathu.
I-PAN Efihliweyo:
• Irisithi yentengiselwano ngaphandle kweintanethi:
Inguqulelo yerisithi yomthengisi yentengiselwano engaxhunyiwe kwi-intanethi ibandakanya i-Triple DES 112-bit DUKPT idatha efihliweyo yomnini wekhadi (i-PAN, Umhla wokuphelelwa kunye nekhowudi yeNkonzo).
BAX: 71448400-714484
12/08/2022 10:39
Visa
Ngaphandle koqhagamshelwano
************ 3439-0
107A47458AE773F3A84DF977
553E3D93FFFF9876543210E0
15F3
INCEDA: A0000000031010
I-TVR: 0000000000
I-ID yogcino: 123461
Ingxelo: 000004 000000 KC3
Impendulo: Y1
Iseshoni: 782
UKUTHENGA
I-NOK 12,00
IVUNYIWE
IKOPI YOMTHENGI
Isiqinisekiso:
Isicelo sentlawulo yeViking sihlala sifihla idatha yomnini wekhadi ngokungagqibekanga kugcino lwentengiselwano engaxhunyiwe kwi-intanethi, ukudluliselwa ngakumamkeli we-NETS kunye nokuprinta idatha yekhadi elifihliweyo kwirisithi yomthengisi ukwenzela ukuthengiselana ngaphandle kweintanethi.
Kwakhona, ukubonisa okanye ukuprinta ikhadi PAN, isicelo sentlawulo yeViking sihlala sifihla amadijithi e-PAN ngeenkwenkwezi '*' kunye ne-First 6 + i-4 yedijithi ecacileyo njengento engagqibekanga. Inombolo yekhadi yokuprinta ifomathi ilawulwa yinkqubo yokulawula i-terminal apho ifomathi yokuprinta ingatshintshwa ngokucela ngetshaneli efanelekileyo kwaye ngokubonisa imfuno esemthethweni yeshishini, nangona kunjalo kwisicelo sentlawulo yeViking, akukho nanye imeko enjalo.
Example yePAN egqunyiweyo:
I-PAN: 957852181428133823-2
Ubuncinci bolwazi: **************3823-2
Ubuninzi bolwazi: 957852******** 3823-2
4.7 Khawuleza files
Isicelo sentlawulo yeViking ayiboneleli nayiphi na i-prompt eyahlukileyo files.
izicelo intlawulo yentlawulo Viking amagalelo umnini ikhadi ngokusebenzisa umboniso eziyinxalenye yenkqubo yemiyalezo ngaphakathi isicelo Viking esayiniweyo intlawulo.
Umboniso we-PIN, isixa-mali, njl. Amagalelo afunyenwe kumnini-khadi akagcinwa.
4.8 Ulawulo oluphambili
Kuluhlu lweTetra yeemodeli zetheminali, yonke imisebenzi yokhuseleko yenziwa kwindawo ekhuselekileyo yesixhobo se-PTS esikhuselweyo kwisicelo sentlawulo.
Uguqulelo oluntsonkothileyo lwenziwa ngaphakathi kwendawo ekhuselekileyo ngelixa uguqulelo oluntsonkothileyo lwedatha efihliweyo lunokwenziwa kuphela ziinkqubo zoMamkeli weNets. Lonke utshintshiselwano olungundoqo phakathi kwe-Nets host, iSitshixo/Isixhobo sokuTofa (kwitheminali zeTetra) kunye nePED zenziwa ngendlela entsonkothileyo.
Iinkqubo zoLawulo oluPhambili ziphunyezwa yi-Nets ngokweskimu se-DUKPT usebenzisa i-3DES encryption.
Zonke izitshixo kunye namacandelo aphambili asetyenziswa ziitheminali zeNets zenziwa kusetyenziswa iinkqubo ezivunyiweyo ezivunyiweyo okanye ezingeyonyani. Izitshixo kunye nezinto eziphambili ezisetyenziswa ziitheminali zeNets zenziwe yiNets key management system, esebenzisa iiyunithi ezivunyiweyo ze-Thales Pay zekhaka le-HSM ukwenza izitshixo ze-cryptographic.
Ulawulo oluphambili luxhomekeke ekusebenzeni kwentlawulo. Ukulayisha isicelo esitsha ke ngoko akufuni tshintsho kusetyenziso oluphambili. Indawo engundoqo yetheminali iya kuxhasa malunga neentengiselwano ze-2,097,152.
Xa indawo yesitshixo iphelile, i-terminal yeViking iyayeka ukusebenza kwaye ibonise umyalezo wemposiso, emva koko i-terminal kufuneka itshintshwe.
4.9 '24 HR' Qalisa kwakhona
Zonke iitheminali zeViking PCI-PTS 4.x nangaphezulu kwaye kungoko kulandela imfuneko yokuthotyelwa ukuba i-terminal PCI-PTS 4.x iya kuphinda iqalise ubuncinane kanye kwiiyure ezingama-24 ukusula i-RAM kwaye ikhuseleke ngakumbi i-terminal HW ekubeni isetyenziswe ukubamba intlawulo. idatha yekhadi.
Olunye uncedo lwe-‘24hr’ yomjikelo wokuqalisa kwakhona kukuba ukuvuza kwenkumbulo kuya kuthomalaliswa kwaye kube nempembelelo encinane kumthengisi (hayi ukuba kufuneka samkele imiba yokuvuza kwenkumbulo.
Umrhwebi unokuseta ixesha lokuqalisa kwakhona ukusuka kwinketho yeMenu yesiphelo ukuya 'kwiXesha lokuQalisa'. Ixesha lokuqalisa ngokutsha lisekwe ngokusekelwe kwiwotshi ye-'24hr' kwaye iya kuthatha ifomathi HH: MM.
Indlela yokuSeta ngokutsha iyilelwe ukuqinisekisa ukusetwa ngokutsha kwetheminali kanye ngexesha elinye kwiiyure ezingama-24. Ukuzalisekisa le mfuno isithuba sexesha, esibizwa ngokuba “likhefu lokusetha ngokutsha” elimelwe yiTemin kunye ne-Tmax lichaziwe. Eli xesha limele ikhefu lexesha apho ukusetha kwakhona kuvunyelwe. Ngokuxhomekeke kwimeko yeshishini, "ikhefu lokusetha kwakhona" lilungiselelwe ngexesha lesigaba sofakelo lwe-terminal. Ngoyilo, eli xesha alikwazi ukuba lifutshane kunemizuzu engama-30. Ngeli xesha, ukuseta kwakhona kwenzeka yonke imihla kwimizuzu emi-5 ngaphambili (kwi-T3) njengoko kucaciswa ngumzobo ongezantsi:
4.10 Uluhlu lwabamhlophe
Uluhlu olumhlophe yinkqubo yokumisela ukuba ii-PAN ezidweliswe njengoluhlu olumhlophe zivumelekile ukuba ziboniswe kumbhalo ocacileyo. IViking isebenzisa imimandla emi-3 ukumisela iiPAN ezimhlophe ezifundwa kuqwalaselo olukhutshelweyo kwinkqubo yolawulo lwesiphelo.
Xa ‘iflegi yokuThobela’ kwi-Nets host isetelwe ku-Y, ulwazi olusuka kwi-Nets Host okanye inkqubo yolawulo lweSithina lukhutshelwa kwitheminali, xa i-terminal iqalisa. Le flegi yokuThobela isetyenziselwa ukumisela iiPAN ezimhlophe ezifundwa kwidathasethi.
Iflegi ye-‘Track2ECR’ imisela ukuba idatha ye-Track2 ivumelekile ukuba iphathwe (ithunyelwe/yamkelwe) yi-ECR kumkhuphi othile. Ngokuxhomekeke kwixabiso lale flegi, kuchongwa ukuba idatha ye-track2 kufuneka iboniswe kwimowudi yendawo kwi-ECR.
‘Indawo yokufomatha yoshicilelo’ imisela indlela iPAN eza kuboniswa ngayo. Amakhadi akwi-PCI scope onke aya kuba nefomathi yoshicilelo emiselwe ukubonisa iPAN kwifom enqunquliweyo/esigqunyiweyo.
Uqinisekiso kunye noLawulo lokuFikelela
5.1 uLawulo lokuFikelela
Isicelo sentlawulo yeViking ayinayo i-akhawunti yomsebenzisi okanye iiphasiwedi ezihambelanayo ngoko ke, isicelo sentlawulo yeViking sixolelwe kule mfuneko.
- Umiselo oludityanisiweyo lwe-ECR:
Akukwazeki ukufikelela kwiintlobo zentengiselwano ezifana neMbuyiselo, iDiphozithi kunye noBuyiselo ukusuka kwi-terminal menu ukwenza le misebenzi ikhuseleke ekubeni ingasetyenziswa kakubi. Ezi ntlobo zentengiselwano apho ukuhamba kwemali kwenzeka kwi-akhawunti yomthengisi ukuya kwi-akhawunti yomnini wekhadi. Kuluxanduva lomrhwebi ukuqinisekisa ukuba i-ECR isetyenziswa kuphela ngabasebenzisi abagunyazisiweyo. - Ukusekwa okuzimeleyo:
Ulawulo lofikelelo lwekhadi lomrhwebi alugqibekanga luvulelwe ukufikelela kwiintlobo zentengiselwano ezifana neMbuyiselo, iDiphozithi kunye noBuyiselo kwimenyu yetheminali ukwenza le misebenzi ikhuseleke ekubeni ingasetyenziswa kakubi.
I-terminal yeViking iqwalaselwe ngokungagqibekanga ukukhusela iinketho zemenyu, ukuthintela ukufikelela okungagunyaziswanga. Iiparamitha zokuqwalasela ukhuseleko lwemenyu ziwela phantsi kweMenu yoMrhwebi (iyafikeleleka ngekhadi lomrhwebi) -> Iiparamitha -> Ukhuseleko
Khusela imenyu - Cwangcisa ukuba 'Ewe' ngokuzenzekelayo.
Iqhosha lemenyu kwi-terminal likhuselwe usebenzisa i-Khusela uqwalaselo lwemenyu. Imenyu inokufikelelwa kuphela nguMrhwebi usebenzisa ikhadi lomrhwebi. 
Khusela ukuguqulwa - Cwangcisa ukuba 'Ewe' ngokuzenzekelayo.
Ukuguqulwa kwentengiselwano kunokwenziwa kuphela ngumrhwebi esebenzisa ikhadi lomrhwebi ukufikelela kwimenyu yokubuyisela umva. 
Khusela uxolelwaniso – Cwangcisa ukuba 'Ewe' ngokuzenzekelayo
Inketho yoXolelwaniso inokufikelelwa kuphela ngumrhwebi onekhadi lomthengisi xa olu khuseleko lusekwe kwinyani. 
Khusela Indlela emfutshane -Seta ku-'Ewe' ngokuzenzekelayo
Indlela emfutshane yemenyu enokhetho lwe viewing Ulwazi lwetheminali kunye nokhetho lokuhlaziya iiparamitha zeBluetooth ziya kufumaneka kumrhwebi kuphela xa ikhadi lomrhwebi liswayipha.
5.2 Ulawulo Lwegama Lokugqithisa
Isicelo sentlawulo yeViking ayinayo iakhawunti yomsebenzisi okanye amagama ayimfihlo ahambelanayo; ngoko ke, isicelo Viking ukhululiwe kule mfuneko.
Ukugawulwa kwemithi
6.1 Ukusetyenziswa koMrhwebi
Okwangoku, kwisicelo sentlawulo yeNets Viking, akukho msebenzisi wokugqibela, useto lwelog yePCI enokuqwalaselwe.
6.2 Qwalasela iSetingi zeLog
Isicelo sentlawulo yeViking ayinayo iakhawunti yomsebenzisi, ngoko ke ukugawulwa kwe-PCI okuthobelayo akusebenzi. Nakwelona xabiso lentengiselwano lokugawulwa kwentlawulo yeViking ayilogi nayiphi na idatha yoqinisekiso olubuthathaka okanye idatha yomnini wekhadi.
6.3 UkuLonwa kweMithi ephakathi
Itheminali inomatshini welogi yegeneric. Indlela yokusebenza ikwabandakanya ukugawulwa kwemveliso kunye nokucinywa kwe-S/W ephunyeziweyo.
Imisebenzi yokukhuphela ye-S/W ifakiwe kwaye inokudluliselwa kuMamkeli ngesandla ngokukhetha imenyu kwi-terminal okanye ngokucelwa ngumamkeli ophawulwe kwitrafikhi yetransekshini eqhelekileyo. Ukuba ukhuphelo lokhuphelo lwe-S/W aluphumeleli ngenxa yotyikityo olungasebenziyo lwedijithali kwifunyenweyo files, isiganeko sifakwe kwaye sidluliselwe kwi-Host ngokuzenzekelayo kwaye ngokukhawuleza.
6.3.1 Yenza umkhondo ulandelele UkuLog kwitheminali
Ukuvumela ukuloga kokulandelela:
- Swayipha ikhadi loMrhwebi.
- Emva koko kwimenyu khetha "9 System menu".
- Emva koko uye kwimenyu "2 System Log".
- Chwetheza ikhowudi yegcisa, onokuyifumana ngokufowunela inkxaso yeNkonzo yoMthengi weNets.
- Khetha "8 Iiparamitha".
- Emva koko uvule "UkuLogging" ku "Ewe".
6.3.2 Thumela iilog zomkhondo kumamkeli
Ukuthumela iilog zomkhondo:
- Cofa iqhosha leMenu kwitheminali uze Swayipha ikhadi loMrhwebi.
- Emva koko kwimenyu ephambili khetha u-"7 Operator menu".
- Emva koko ukhethe u- "5 Thumela iilog zomkhondo" ukuthumela iilog zomkhondo kumamkeli.
6.3.3 Ukugawulwa komkhondo ngomkhondo
Iparamitha isetiwe kwi-Nets Host (PSP) eya kwenza/ikhubaze umsebenzi wokugawulwa kwe-terminal ukude. I-Nets Host izakuthumela i-Trace yenza/ikhubaze ukuloga iparameter kwi-terminal kwi-Data emiselwe kunye nexesha elicwangcisiweyo xa i-terminal izakufaka iilog zeTrace. Xa i-terminal ifumana iTrace parameter njengoko yenziwe, iyakuqala ukuthatha iilog zeTrace kwaye ngexesha elicwangcisiweyo iya kulayisha zonke iilog zomkhondo kwaye ivale umsebenzi wokuloga emva koko.
6.3.4 Ukuloga ngeempazamo kwiremote
Iilogi zempazamo zihlala zisebenza kwi-terminal. Njengokulandelela ukugawulwa kwemithi, iparameter isetiwe kwi-Nets Host eya kwenza/ikhubaze ukusebenza kwempazamo yokungena kwi-terminal ukude. I-Nets Host izakuthumela ukuTrace ukwenza/ukuvala iparameter yokuloga kwi-terminal kwi-Data ebekiweyo kunye nexesha elicwangcisiweyo xa i-terminal izakufaka ii-Error logs. Xa i-terminal ifumana iParameter yokuloga ngemposiso njengoko yenziwe, iya kuqalisa ukuthatha iilogi zempazamo kwaye ngexesha elicwangcisiweyo iya kulayisha zonke iilogi zempazamo kwaye ivale umsebenzi wokuloga emva koko.
Iinethiwekhi ezingenazingcingo
7.1 Ukusetyenziswa koMrhwebi
I-terminal yentlawulo yeViking - MOVE 3500 kunye ne-Link2500 inamandla okudibanisa nenethiwekhi ye-Wi-Fi. Ke ngoko, ukuze iWireless iphunyezwe ngokukhuselekileyo, kufuneka kuthathelwe ingqalelo xa kufakwa kwaye kuqwalaselwe inethiwekhi engenazingcingo njengoko kuchaziwe ngezantsi.
7.2 Ulungelelwaniso oluCetyisiweyo olungenazingcingo
Kukho izinto ezininzi zokuqwalaselwa kunye namanyathelo okufuneka uwathathe xa uqwalasela iinethiwekhi ezingenazintambo eziqhagamshelwe kwinethiwekhi yangaphakathi.
Ubuncinci, oluseto lulandelayo kunye nolungelelwaniso kufuneka lube kwindawo:
- Zonke iinethiwekhi ezingenazingcingo kufuneka zihlulwe kusetyenziswa i-firewall; ukuba uqhagamshelo phakathi kwenethiwekhi engenazingcingo kunye nendawo yedatha yomnini-khadi iyafuneka ukufikelela kufuneka kulawulwe kwaye kukhuselwe ngomlilo.
- Guqula i-SSID engagqibekanga kwaye uvale usasazo lwe-SSID
- Guqula amagama agqithisiweyo angagqibekanga kuqhagamshelo lwamacingo kunye neendawo zofikelelo ezingenazingcingo, oku kubandakanya ufikelelo lweconsole kunye neentambo zoluntu zeSNMP
- Guqula naziphi na ezinye izinto ezingagqibekanga zokhuseleko ezinikiweyo okanye ezisetwe ngumthengisi
- Qinisekisa ukuba iindawo zofikelelo ezingenazingcingo zihlaziywa kwi-firmware yamva nje
- Sebenzisa kuphela i-WPA okanye i-WPA2 enezitshixo ezomeleleyo, i-WEP ayivumelekanga kwaye mayingaze isetyenziswe
- Guqula izitshixo zeWPA/WPA2 kufakelo ngokunjalo rhoqo kwaye nanini na umntu onolwazi ngezitshixo eshiya inkampani.
Ukwahlulahlula kwenethiwekhi
8.1 Ukusetyenziswa koMrhwebi
Isicelo sentlawulo yeViking ayisosicelo sentlawulo esekwe kwiseva kwaye sihlala kwi-terminal. Ngesi sizathu, isicelo sentlawulo asifuni naluphi na uhlengahlengiso ukuhlangabezana nale mfuno.
Kulwazi oluqhelekileyo lomrhwebi, idatha yekhadi letyala ayinakugcinwa kwiisistim eziqhagamshelwe ngqo kwi-Intanethi. Umzekeloample, web abancedisi kunye neeseva zedatabase akufuneki zifakwe kwiseva enye. Indawo engasetyenzwanga (demilitarized zone) (DMZ) kufuneka isekwe ukwahlula inethiwekhi ukuze kufikeleleke oomatshini kuphela kwi-DMZ kwi-Intanethi.
Ukufikelela kude
9.1 Ukusetyenziswa koMrhwebi
Isicelo sentlawulo yeViking ayinakufumaneka ukude. Inkxaso ekude iyenzeka kuphela phakathi kwabasebenzi benkxaso ye-Nets kunye nomrhwebi ngefowuni okanye nge-Nets ngqo kwindawo yomrhwebi.
Ugqithiso lwedatha ebuthathaka
10.1 Ukuhanjiswa kwedatha ebuthathaka
Isicelo sentlawulo yeViking sikhusela idatha ebuthathaka kunye / okanye idatha yomnini wekhadi ekuhambeni ngokusebenzisa ufihlo lwenqanaba lomyalezo usebenzisa i-3DES-DUKPT (amasuntswana angama-112) kulo lonke ugqithiso (kubandakanywa neenethiwekhi zoluntu). IiProtocol zoKhuseleko zonxibelelwano lwe-IP ukusuka kwisicelo seViking ukuya kuMamkeli akufuneki ekubeni uguqulelo oluntsonkothileyo lwenqanaba lomyalezo luphunyezwe kusetyenziswa 3DES-DUKPT (112-bits) njengoko kuchaziwe ngasentla. Esi sikimu sofihlo siqinisekisa ukuba nangona iintengiselwano zithintelwe, azinakuguqulwa okanye ziphazamiseke nangayiphi na indlela ukuba i-3DES-DUKPT (i-112-bits) ihlala ithathwa njenge-encryption eyomeleleyo. Ngokwenkqubo ye-DUKPT yolawulo oluphambili, iqhosha le-3DES elisetyenzisiweyo lilodwa kwintengiselwano nganye.
10.2 Ukwabelana ngedatha eSensitive kwenye isoftware
Isicelo sentlawulo yeViking ayiboneleli naluphi na ujongano olunengqiqo (s)/APIs ukwenza ukwabelana ngedatha ye-akhawunti ecacileyo ngqo kunye nezinye isoftware. Akukho datha ebuthathaka okanye i-akhawunti yedatha ecacileyo ekwabelwana ngayo nenye isoftware ngee-APIs eziveziweyo.
10.3 I-imeyile kunye nedatha ebuthathaka
Isicelo sentlawulo yeViking asikuxhasi ukuthunyelwa kwe-imeyile.
10.4 UFikelelo kuLawulo olungelulo lwekhonsoli
IViking ayikuxhasi ukufikelela kulawulo lwe-non-Console.
Nangona kunjalo, ngolwazi oluqhelekileyo lomrhwebi, ukufikelela kulawulo lwe-non-Console kufuneka kusebenzise nokuba yi-SSH, i-VPN, okanye i-TLS yokubethela yonke i-non-console yolawulo lokufikelela kwiiseva kwindawo yedatha yekhadi. ITelnet okanye ezinye iindlela zofikelelo ezingaguqulelwanga mazisetyenziswe.
iViking Versioning Methodology
I-Nets versioning methodology ibandakanya inombolo yenguqulelo ye-S/W enamalungu amathathu: a.bb.c
apho 'a' iya kunyuswa xa utshintsho olunempembelelo ephezulu lusenziwa ngokwe-PCI-Secure Software Standard.
a – inguqulelo enkulu (umvo omnye)
'bb' iya kunyuswa xa utshintsho olucwangcisiweyo lwefuthe eliphantsi lwenziwa ngokwePCI-Secure Software Standard.
bb - inguqulelo encinci (ama-2 amanani)
'c' iya kunyuswa xa utshintsho lwephetshi enefuthe eliphantsi lwenziwa ngokwePCI-Secure Software Standard.
c – inguqulelo encinci (umvo omnye)
Isicelo sentlawulo yeViking inombolo yenguqulo ye-S/W iboniswe ngolu hlobo kwitheminali xa i-terminal inikwe amandla: 'abbc'
- Uhlaziyo olusuka umz., 1.00.0 ukuya kwi-2.00.0 luhlaziyo olubalulekileyo olusebenzayo. Isenokubandakanya utshintsho olunempembelelo kukhuseleko okanye iimfuno eziKhuselekileyo zeSoftware yePCI.
- Uhlaziyo olusuka umz., 1.00.0 ukuya ku-1.01.0 luhlaziyo olungabalulekanga olusebenzayo. Isenokungabandakanyi utshintsho olunempembelelo kukhuseleko okanye iimfuno eziKhuselekileyo zeSoftware yePCI.
- Uhlaziyo olusuka umz., 1.00.0 ukuya ku-1.00.1 luhlaziyo olungabalulekanga olusebenzayo. Isenokungabandakanyi utshintsho olunempembelelo kukhuseleko okanye iimfuno eziKhuselekileyo zeSoftware yePCI.
Lonke utshintsho lumelwe ngokulandelelana kwamanani.
Imiyalelo malunga noFakelo oluKhuselekileyo lweePatches kunye noHlaziyo.
INets zizisa ngokukhuselekileyo uhlaziyo lwezicelo zentlawulo ezikude. Olu hlaziyo lwenzeka kwijelo lonxibelelwano elifanayo njengentengiselwano yentlawulo ekhuselekileyo, kwaye umrhwebi akadingeki ukuba enze naluphi na utshintsho kule ndlela yonxibelelwano yokuthotyelwa.
Xa kukho isiqwenga, i-Nets iya kuhlaziya inguqulelo yepetshi kwi-Nets Host. Umrhwebi angafumana iipetshi ngesicelo sokukhuphela se-S/W esizenzekelayo, okanye umrhwebi unokuqalisa ukukhuphela isoftware kwimenyu yesiphelo.
Ukufumana ulwazi jikelele, abarhwebi kufuneka baphuhlise umgaqo-nkqubo wokusetyenziswa owamkelekileyo kwiiteknoloji ezijongene nabasebenzi, ngokwezikhokelo ezingezantsi zeVPN okanye ezinye iiqhagamshelo ezinesantya esiphezulu, uhlaziyo lufunyanwa nge-firewall okanye i-firewall yabasebenzi.
Umamkeli weNets uyafumaneka nokuba usebenzisa i-intanethi usebenzisa ufikelelo olukhuselekileyo okanye ngenethiwekhi evaliweyo. Ngothungelwano oluvaliweyo, umboneleli womnatha unoqhagamshelo oluthe ngqo kwindawo esisingqongileyo enikezelwa kumnikezeli wabo womnatha. Iitheminali zilawulwa ngeenkonzo zolawulo lwetheminali yeNets. Inkonzo yolawulo lwetheminali ichaza umzekeloampLe indawo yetheminali yeyayo kunye nomfumani osetyenziswayo. Ulawulo lwetheminali lukwanoxanduva lokuphucula isoftware yetheminali ukude kwinethiwekhi. I-Nets iqinisekisa ukuba isoftware efakwe kwitheminali izigqibile izatifikethi ezifunekayo.
I-Nets icebisa amanqaku okukhangela kubo bonke abathengi bayo ukuqinisekisa iintlawulo ezikhuselekileyo nezikhuselekileyo njengoko zidweliswe ngezantsi:
- Gcina uludwe lwazo zonke iitheminali zokuhlawula ezisebenzayo kwaye uthathe imifanekiso kuwo onke amanqanaba ukuze wazi ukuba zimele zijongeke njani.
- Khangela iimpawu ezicacileyo ze-tampamatywina afana namatywina aqhekekileyo phezu kweepleyiti zokufikelela okanye izikrufu, umnqakathi okanye ikheyibhili eyahlukileyo okanye isixhobo esitsha sehardware ongasiqondiyo.
- Khusela iitheminali zakho ekufikeleleni kubathengi xa zingasetyenziswa. Hlola iitheminali zakho zentlawulo yonke imihla kunye nezinye izixhobo ezinokufunda amakhadi entlawulo.
- Kufuneka ujonge isazisi sabasebenzi bokulungisa ukuba ulindele nakuphi na ukulungiswa kwe-terminal yentlawulo.
- Fowunela iiNethi okanye ibhanki yakho ngoko nangoko ukuba ukrokrela nawuphi na umsebenzi ongabonakaliyo.
- Ukuba uyakholelwa ukuba isixhobo sakho se-POS sisesichengeni sobusela, ngoko ke kukho iikhradle zenkonzo kunye neentambo zokubopha ezikhuselekileyo kunye neetetha ezifumanekayo ukuze uthengelwe urhwebo. Kusenokuba kuhle ukuba kuqwalaselwe ukusetyenziswa kwazo.
Viking Release Updates
Isoftware yeViking ikhutshwa kule mijikelo yokukhululwa ilandelayo (ngokuxhomekeke kutshintsho):
- I-2 enkulu ekhutshwayo ngonyaka
- 2 ezikhutshwayo ezincinci ngonyaka
- Iipetshi zesoftware, njengoko kwaye xa zifunwa, (umzekelo ngenxa yayo nayiphi na ingxaki ebaluleke kakhulu/yokuba sesichengeni). Ukuba ukukhutshwa kuyasebenza ebaleni kwaye eminye imiba (imiba) ebalulekileyo iyaxelwa, ngoko ke isiqwenga sesoftware enokulungiswa kulindeleke ukuba sikhutshwe kwisithuba senyanga enye.
Abarhwebi baya kwaziswa malunga nokukhutshwa (okukhulu / okuncinci / isiqwenga) ngee-imeyile eziza kuthunyelwa ngokuthe ngqo kwiidilesi zabo ze-imeyile. I-imeyile iya kuphinda iqulethe amanqaku aphezulu okukhululwa kunye nokukhupha amanqaku.
Abarhwebi banokufikelela kumanqaku okukhululwa aza kufakwa apha: amanqaku okukhutshwa kwesoftware (nets.eu)
Ukukhutshwa kweSoftware yeViking kusayinwa kusetyenziswa isixhobo sokucula se-Ingenico kwiitheminali zeTetra. Isoftware esayiniweyo kuphela enokufakwa kwitheminali.
Iimfuno ezingasebenziyo
Eli candelo liphethe uluhlu lweemfuno kwi-PCI-Secure Software Standard eye yavavanywa njenge 'Nonaplicable' kwisicelo sentlawulo yeViking kunye nokuthethelela oku.
| PCI Secure Software Standard CO | Umsebenzi | Isizathu sokuba 'Ayisebenzi' |
| 5.3 | Iindlela zokungqinisisa (kuquka nenkcazi yeseshoni) zomelele ngokwaneleyo kwaye zomelele ukukhusela iziqinisekiso zokungqinisisa ukuba zingabunjwa, ziphanjwe, zivuzwe, zithelekelelwe, okanye zijikelezwe. | Isicelo sentlawulo yeViking siqhuba kwi-PCI evunyiweyo isixhobo se-PTS POI. Isicelo sentlawulo yeViking ayinikezeli lwasekhaya, olungeyo-console okanye ukufikelela kude, okanye kwinqanaba lamalungelo, ngenxa yoko akukho ziqinisekiso zokuqinisekisa kwisixhobo se-PTS POI. Usetyenziso lwentlawulo yeViking aluboneleli ngoseto lokulawula okanye lokuvelisa ii-ID zabasebenzisi kwaye aluboneleli ngayo nayiphi na indawo, engeyiyo i-console okanye ufikelelo olukude kwii-asethi ezibalulekileyo (kwanangeenjongo zokulungisa ingxaki). |
| 5.4 | Ngokungagqibekanga, lonke ufikelelo kwii-asethi ezibalulekileyo luthintelwe kuphela kwezo akhawunti kunye neenkonzo ezifuna ukufikelela okunjalo. | Isicelo sentlawulo yeViking siqhuba kwi-PCI evunyiweyo isixhobo se-PTS POI. isicelo intlawulo Viking ayiboneleli useto ukulawula okanye ukuvelisa akhawunti okanye iinkonzo. |
| 7.3 | Onke amanani angenamkhethe asetyenziswa yi-software aveliswa kusetyenziswa kuphela ii-algorithms okanye amathala eencwadi avunyiweyo avunyiweyo. I-algorithms evunyiweyo ye-RNG okanye amathala eencwadi zezo zidibana nemigangatho yoshishino ngokwaneleyo ukungaqinisekisi (umzekelo, i-NIST Special Publication 800-22). |
Isicelo sentlawulo yeViking ayisebenzisi nayiphi na i-RNG (i-random number generator) kwimisebenzi yayo yoguqulelo oluntsonkothileyo. Isicelo sentlawulo yeViking asivelisi okanye sisebenzise naziphi na iinombolo ezingalindelekanga kwimisebenzi ye-cryptographic. |
| 7.4 | Amaxabiso angaqhelekanga ane-entropy ehlangabezana neyona mfuno isezantsi yamandla e-cryptographic primitives kunye nezitshixo ezixhomekeke kuzo. | Isicelo sentlawulo yeViking ayisebenzisi nayiphi na i-RNG (i-random number generator) kwimisebenzi yayo yoguqulelo oluntsonkothileyo. Isicelo sentlawulo yeViking asivelisi okanye sisebenzise naziphi na iinombolo ezingalindelekanga kwimisebenzi ye-cryptographic. |
| 8.1 | Zonke iinzame zokufikelela kunye nokusetyenziswa kwe-asethi ebalulekileyo iyalandelelwa kwaye ilandelelwe kumntu oyedwa. | Isicelo sentlawulo yeViking iqhuba kwi-PCI evunyiweyo izixhobo ze-POI, apho zonke izinto ezibalulekileyo zokuphatha asethi zenzeka, kwaye i-firmware ye-PTS POI iqinisekisa ubumfihlo kunye nokuthembeka kwedatha ebuthathaka ngelixa igcinwe ngaphakathi kwesixhobo se-PTS POI. Ubumfihlo besicelo sokuhlawula iViking, ukuthembeka kunye nokomelela kukhuselwe kwaye kubonelelwe yi-PTS POI firmware. I-firmware ye-PTS POI ithintela naluphi na ufikelelo kwii-asethi ezibalulekileyo ngaphandle kwe-terminal kwaye ixhomekeke kwi-anti-t.ampiimpawu zering. Isicelo sentlawulo yeViking ayinikezeli indawo, i-non-console okanye i-remote access, okanye inqanaba lamalungelo, ngoko akukho mntu okanye ezinye iinkqubo ezinokufikelela kwii-asethi ezibalulekileyo, kuphela isicelo sentlawulo yeViking ekwazi ukuphatha izinto ezibalulekileyo. |
| 8.2 | Yonke imisebenzi ifakwe kwiinkcukacha ezaneleyo neziyimfuneko ukuchaza ngokuchanekileyo ukuba yeyiphi imisebenzi ethile eyenziwayo, ngubani oyenzile, ixesha eyenziwe ngayo, kwaye zeziphi ii-asethi ezibalulekileyo eziye zachaphazeleka. | Isicelo sentlawulo yeViking siqhuba kwi-PCI evunyiweyo izixhobo ze-PTS POI. Isicelo sentlawulo yeViking ayinikezeli indawo, i-non-console okanye i-remote access, okanye inqanaba lamalungelo, ngaloo ndlela akukho mntu okanye ezinye iinkqubo ezinokufikelela kwii-asethi ezibalulekileyo, kuphela isicelo sentlawulo yeViking ekwaziyo ukusingatha izinto ezibalulekileyo. • Isicelo sentlawulo yeViking asiboneleli ngelungelo leendlela zokusebenza. • Akukho misebenzi yokuvala uguqulelo oluntsonkothileyo lwedatha enovakalelo • Akukho misebenzi yokukhutshelwa kwedatha ebuthathaka • Akukho misebenzi yokuthumela ngaphandle idatha enovakalelo kwezinye iinkqubo okanye iinkqubo • Akukho mpawu zokuqinisekisa ezixhaswayo Ulawulo lokhuseleko kunye nokusebenza kokhuseleko akunakucinywa okanye kucinywe. |
| 8.3 | Isoftware ixhasa ukugcinwa okukhuselekileyo kweenkcukacha umsebenzi iirekhodi. |
Isicelo sentlawulo yeViking siqhuba kwi-PCI evunyiweyo izixhobo ze-PTS POI. Isicelo sentlawulo yeViking ayinikezeli indawo, i-non-console okanye i-remote access, okanye inqanaba lamalungelo, ngaloo ndlela akukho mntu okanye ezinye iinkqubo ezinokufikelela kwii-asethi ezibalulekileyo, kuphela isicelo sentlawulo yeViking ekwaziyo ukusingatha izinto ezibalulekileyo. • Isicelo sentlawulo yeViking asiboneleli ngelungelo leendlela zokusebenza. • Akukho misebenzi yokuvala uguqulelo oluntsonkothileyo lwedatha enovakalelo • Akukho misebenzi yokukhutshelwa kwedatha ebuthathaka • Akukho misebenzi yokuthumela ngaphandle idatha enovakalelo kwezinye iinkqubo okanye iinkqubo • Akukho mpawu zokuqinisekisa ezixhaswayo Ulawulo lokhuseleko kunye nokusebenza kokhuseleko akunakucinywa okanye kucinywe. |
| 8.4 | Isoftware ijongana nokungaphumeleli kwiindlela zokulandela umkhondo ezifana nokuba ukuthembeka kweerekhodi ezikhoyo zigcinwe. | Isicelo sentlawulo yeViking siqhuba kwi-PCI evunyiweyo izixhobo ze-PTS POI. Isicelo sentlawulo yeViking ayinikezeli indawo, i-non-console okanye ukufikelela kude, okanye inqanaba lamalungelo, ngaloo ndlela akukho mntu okanye ezinye iinkqubo ezinokufikelela kwii-asethi ezibalulekileyo, kuphela isicelo seViking esikwaziyo ukusingatha izinto ezibalulekileyo. • Isicelo sentlawulo yeViking asiboneleli ngelungelo leendlela zokusebenza. • Akukho misebenzi yokuvala uguqulelo oluntsonkothileyo lwedatha enovakalelo • Akukho misebenzi yokukhutshelwa kwedatha ebuthathaka | • Akukho misebenzi yokuthumela ngaphandle idatha enovakalelo kwezinye iinkqubo okanye iinkqubo • Akukho mpawu zokuqinisekisa ezixhaswayo • Ulawulo lokhuseleko kunye nokusebenza kokhuseleko akunakucinywa okanye kucinywe. |
| B.1.3 | Umthengisi wesoftware ugcina amaxwebhu echaza zonke iinketho eziqwalaselweyo ezinokuthi ichaphazela ukhuseleko lwedatha ebuthathaka. |
Isicelo sentlawulo yeViking siqhuba kwi-PCI evunyiweyo izixhobo ze-PTS POI. Isicelo sentlawulo yeViking asiboneleli nakuphi na koku kulandelayo kubasebenzisi bokugqibela: • ukhetho olulungisekayo ukufikelela kwidata enovakalelo • ukhetho olulungisekayo ukuguqula iindlela zokukhusela idatha ebuthathaka • ukufikelela kude kwi-aplikeshini • uhlaziyo olukude lwesicelo • ukhetho olunoqwalaselo ukuguqula useto olungagqibekanga lwesicelo |
| B.2.4 | Isoftware isebenzisa kuphela inani elingaqhelekanga umsebenzi wokuvelisa uqukwe kwintlawulo Uvavanyo lwesixhobo se-PTS se-terminal yayo yonke i-cryptographic imisebenzi equka idatha enovakalelo okanye imisebenzi enovakalelo apho amaxabiso angenamkhethe ayafuneka kwaye ayiphumezi eyayo. imisebenzi yokuvelisa amanani ngokungakhethiyo. |
IViking ayisebenzisi nayiphi na i-RNG (i-random number generator) kwimisebenzi yayo yoguqulelo oluntsonkothileyo. Isicelo seViking asivelisi okanye sisebenzise nawaphi na amanani angaqhelekanga kwimisebenzi ye-cryptographic. |
| B.2.9 | Ingqibelelo yokukhawuleza kwesoftware files ikhuselwe ngokungqinelana neNjongo yoLawulo B.2.8. | Zonke iziboniso ezikhawulezayo kwitheminali yeViking zifakwe ngekhowudi kwisicelo kwaye akukho ncedo files zikhona ngaphandle kwesicelo. Akukho kukhawuleza files ngaphandle isicelo intlawulo Viking zikhona, lonke ulwazi oluyimfuneko uveliswa isicelo. |
| B.5.1.5 | Isikhokelo sophumezo siquka imiyalelo yabachaphazelekayo ukuba basayine ngokufihlakeleyo yonke imiyalelo files. | Zonke izibhengezo eziboniswa kwitheminali yeViking zifakwe ngekhowudi kwisicelo kwaye akukho ncedo files zikhona ngaphandle kwesicelo. Akukho kukhawuleza files ngaphandle isicelo intlawulo Viking zikhona, lonke ulwazi oluyimfuneko uveliswa isicelo |
I-PCI ekhuselekileyo yeeMfuno eziMgangatho zeSoftware Reference
| Izahluko kolu xwebhu | PCI IiMfuno eziMgangatho eziKhuselekileyo zeSoftware | Iimfuno zePCI DSS |
| 2. Khusela isicelo seNtlawulo | B.2.1 6.1 12.1 12.1.b |
2.2.3 |
| 3. Khusela uhlaziyo lweSoftware ekude | 11.1 11.2 12.1 |
1&12.3.9 2, 8, & 10 |
| 4. Ukucinywa ngokukhuselekileyo kweeNkcukacha eziBalulekileyo kunye nokuKhuselwa kweDatha yoMnini weKhadi eliGcinayo | 3.2 3.4 3.5 A.2.1 A.2.3 B.1.2a |
3.2 3.2 3.1 3.3 3.4 3.5 3.6 |
| Uqinisekiso kunye noLawulo lokuFikelela | 5.1 5.2 5.3 5.4 |
8.1 & 8.2 8.1 & 8.2 |
| Ukugawulwa kwemithi | 3.6 8.1 8.3 |
10.1 10.5.3 |
| Inethiwekhi engenazingcingo | 4.1 | 1.2.3 & 2.1.1 4.1.1 1.2.3, 2.1.1,4.1.1 |
| Ukwahlulahlula kwenethiwekhi | 4.1c | 1.3.7 |
| Ukufikelela kude | B.1.3 | 8.3 |
| Ugqithiso lweDatha yoMnini-Khadi | A.2.1 A.2.3 |
4.1 4.2 2.3 8.3 |
| iViking Versioning Methodology | 11.2 12.1.b |
|
| Imiyalelo kubathengi malunga nokufakwa okukhuselekileyo kweepatches kunye nohlaziyo. | 11.1 11.2 12.1 |
Uluhlu lwemigaqo
| TERM | INGCACISO |
| Idatha yomphathi wekhadi | Umgca wemagnethi ogcweleyo okanye iPAN kunye nayo nayiphi na kwezi zilandelayo: · Igama lomnini khadi · Umhla WOKUPHELELWA · IKhowudi yeNkonzo |
| UDUKU | I-Derived Key Unique Per Transaction (DUKPT) yinkqubo yolawulo oluphambili apho kuyo yonke intengiselwano, iqhosha elikhethekileyo lisetyenzisiweyo eliphuma kwisitshixo esisisigxina. Ngoko ke, ukuba isitshixo sithotyelwe esichengeni, idatha yentengiselwano yexesha elizayo nedlulileyo zisakhuselwe kuba izitshixo ezilandelayo okanye zangaphambili azinakuqinisekwa ngokulula. |
| 3DES | Kwi-cryptography, Triple DES (3DES okanye TDES), ngokusemthethweni i-Triple Data Encryption Algorithm (TDEA okanye Triple DEA), yi-symmetric-key block cipher, esebenzisa i-DES cipher algorithm kathathu kwibhloko yedatha nganye. |
| Umrhwebi | Umsebenzisi wokugqibela kunye nomthengi wemveliso yeViking. |
| I-SSF | I-PCI Software Security Framework (SSF) yingqokelela yemigangatho neenkqubo zoyilo olukhuselekileyo nophuhliso lwesoftware yentlawulo. Ukhuseleko lwesoftware yentlawulo yinxalenye ebalulekileyo yokuhamba kwentengiselwano yentlawulo kwaye ibalulekile ukuququzelela intengiselwano yentlawulo ethembekileyo nechanekileyo. |
| PA-QSA | Isicelo seNtlawulo AbaVavanyi boKhuseleko abaLungileyo. Inkampani ye-QSA ebonelela ngeenkonzo kubathengisi bezicelo zokuhlawula ukuqinisekisa izicelo zokuhlawula abathengisi. |
| UKUKHAZEKA
(IDatha yoQinisekiso olubuthathaka) |
Ulwazi olunxulumene nokhuseleko (IiKhowudi/IiNqobo zoQinisekiso lweKhadi, iinkcukacha zengoma epheleleyo, ii-PIN, kunye neebhloko ze-PIN) ezisetyenziselwa ukuqinisekisa abanini makhadi, avela ngokubhaliweyo okanye ngenye indlela engakhuselekanga. Ukubhengezwa, ukuguqulwa, okanye ukutshabalalisa le nkcazelo kunokubeka esichengeni ukhuseleko lwesixhobo esifihlakeleyo, inkqubo yolwazi, okanye inkcazelo yomnini-khadi okanye inokusetyenziswa kubuqhophololo. IData yoQinisekiso olubuthathaka mayingaze igcinwe xa intengiselwano igqityiwe. |
| Viking | Iqonga lesoftware elisetyenziswa yiNets kuphuhliso lwesicelo kwimarike yaseYurophu. |
| HSM | Imodyuli yokhuseleko lwe-Hardware |
Ulawulo Loxwebhu
UMbhali woxwebhu, uReviewabavumayo
| Inkcazo | Umsebenzi | Igama |
| PA-QSA | Reviewer | UClaudio Adamic / Flavio Bonfiglio Shorans |
| Uphuhliso | Umbhali | UAruna Waphakuzela |
| Umphathi wokuthobela | Reviewer & umVumeli | Arno Edstrom |
| Umyili weNkqubo | Reviewer & umVumeli | UShamsher Singh |
| QA | Reviewer & umVumeli | Varun Shukla |
| uMnini weMveliso | Reviewer & umVumeli | UCecilia Jensen Tyldum / uArti Kangas |
| Umphathi weMveliso | Reviewer & umVumeli | UMay-Britt Dens wadibana noSanderson |
| UMlawuli wezoBunjineli | Umphathi | Tamely Vallone |
Isishwankathelo soTshintsho
| Inguqulelo Inani | Inguqulelo Umhla | Ubume boTshintsho | Guqula uMbhali | Reviewer | Uhlaziyo Tag | Umhla wokuvunywa |
| 1.0 | 03-08-2022 | Inguqulelo yokuqala ye-PCI-Secure Umgangatho weSoftware |
UAruna Waphakuzela | UShamsher Singh | 18-08-22 | |
| 1.0 | 15-09-2022 | Kuhlaziywe icandelo le-14 ngeenjongo zolawulo ezingasetyenziswayo kunye nazo ugwetyelo |
UAruna Waphakuzela | UShamsher Singh | 29-09-22 | |
| 1.1 | 20-12-2022 | Amacandelo ahlaziyiweyo 2.1.2 kunye 2.2 kunye Self4000. Isusiwe i-Link2500 (i-PTS version 4.x) kuluhlu lwetheminali exhaswayo |
UAruna Waphakuzela | UShamsher Singh |
23-12-22 |
|
| 1.1 | 05-01-2023 | Icandelo elihlaziyiweyo 2.2 nge-Link2500 (pts v4) ukuze kuqhutyekwe nenkxaso yale nto.
uhlobo lwetheminali. |
UAruna Waphakuzela | UShamsher Singh | 05-01-23 | |
| 1.2 | 20-03-2023 | Icandelo elihlaziyiweyo 2.1.1 kunye neLatvian kunye nesiLithuanian i-terminal profiles. Kwaye 2.1.2 kunye BT-iOS unxibelelwano uhlobo inkxaso |
UAruna Waphakuzela | UShamsher Singh |
Uluhlu loSaziso
| Igama | Umsebenzi |
| iSebe leSiphelo | Uphuhliso, Uvavanyo, Ulawulo Lweprojekthi, Ukuthotyelwa |
| Ulawulo lweMveliso | IQela loLawulo lweMveliso yesiGqibelo, uMphathi wokuThobela – uMveliso |
Ukuvunywa koXwebhu
| Igama | Umsebenzi |
| UCecilia Jensen Tyldum | uMnini weMveliso |
| Arti Kangas | uMnini weMveliso |
Uxwebhu Review Izicwangciso
Olu xwebhu luya kuba reviewihlelwe kwaye ihlaziywe, ukuba kuyimfuneko, njengoko kuchaziwe ngezantsi:
- Njengoko kufuneka ukulungisa okanye ukomeleza umxholo wolwazi
- Ukulandela naluphi na utshintsho okanye uhlengahlengiso lombutho
- Ukulandela ingxelo yonyakaview
- Ukulandela ukusetyenziswa kobuthathaka
- Ukulandela ulwazi olutsha / iimfuno malunga nobuthathaka obufanelekileyo
Amaxwebhu / Izibonelelo
 |
INets PCI ekhuselekileyo iSoftware Standard [pdf] Isikhokelo somsebenzisi I-PCI yoMgangatho oKhuselekileyo weSoftware, uMgangatho oKhuselekileyo weSoftware, uMgangatho weSoftware, uMgangatho |
 |
INets PCI ekhuselekileyo iSoftware Standard [pdf] Isikhokelo somsebenzisi I-PCI yoMgangatho oKhuselekileyo weSoftware, uMgangatho oKhuselekileyo weSoftware, uMgangatho weSoftware, uMgangatho |