Author
Jevgenijs Smirnovs
Document name
Point VxPC F02.01.xxx
Implementation Guide
E-mail
jevgenijs.smirnovs@verifone.com
Date
12-Jun-2015
Phone
+371 67844726
Page number
14
Version
1.0
© 2015 VeriFone. All rights reserved. VeriFone, the VeriFone logo, Vx, Mx, VeriCentre, VeriShield, Verix V, Verix and PAYware are either
trademarks or registered trademarks of VeriFone in the United States and/or other countries. All other trademarks or brand names are the
properties of their respective holders. All features and specifications are subject to change without notice.
The information contained in this document is confidential and property of VeriFone, Inc. This material may not be copied or published, or
divulged in part or in totality without written permission form VeriFone, Inc.
If you store ( as needed for business) cardholder data please don’t use a public-facing systems (for
example, web server and database server must not be on same server).
Do not utilize end-user messaging technologies (for example, e-mail, instant messaging, chat, etc.) to
send unprotected PAN unless they are configured to provide strong encryption.
Note: Sending of unprotected PANs via end-user messaging technologies strictly prohibited.
Requirement 4: Encrypt transmission of cardholder data across open, public networks
a. What the requirement says
“Sensitive information must be encrypted during transmission over networks that are easily ac-
cessed by malicious individuals. Misconfigured wireless networks and vulnerabilities in legacy en-
cryption and authentication protocols continue to be targets of malicious individuals who exploit
these vulnerabilities to gain privileged access to cardholder data environments.”, reference 2.
b. How your Point Vx helps you meet this requirement
The Point Vx encrypts card holder data using triple DES with a unique key per transaction. On top of
that the entire messages sent to and from the Point Vx are protected using SSL/TLS, if the processor
supports SSL/TLS.
c. What this means to you
If you are using a wireless network, WLAN, you must set up your wireless network to use
WPA/WPA2 encryption for installations. N.B. WEP must not be used after June 30 2010. The WLAN
encryption is applied on top of the triple DES encryption and SSL/TLS (if SSL/TLS is supported by the
processor) implemented in the terminal.
If Point Vx connected to an external network without using WLAN you do not need to take any ac-
tion.
To Next Page
Loading...
Need help?
General
