Payment Card Industry (PCI) PIN Transaction Security (PTS) Hardware Security Module (HSM) Modular Evaluation Vendor Questionnaire



Date: 28.01.2017


Payment Card Industry (PCI)
PIN Transaction Security (PTS)
Hardware Security Module (HSM)

Modular Evaluation Vendor Questionnaire


Version 3.0

June 2016



Document Changes


| Date | Version | Author | Description |
| --- | --- | --- | --- |
| April 2009 | 1.0 | PCI | New Release |
| October 2011 | 1.1 | PCI | Modifications for consistency with PCI POI requirements |
| February 2012 | 2.x | PCI | RFC version - Modifications for consistency with PCI POI requirements. |
| May 2012 | 2.0 | PCI | Public release |
| February 2016 | 3.x | PCI | RFC version |
| June 2016 | 3.0 | PCI | Addition of approval classes for key-loading devices and HSM remote administration platforms. Added device management. Additions to reflect major updates to DTRs. See PCI PTS HSM - Summary of Requirements Changes from Version 2.0 to 3.0. |


Note to Assessors


When protecting this document for use as a form, leave Sections 5 and 7 (Annex B and “Device Diagrams”) unprotected to allow for insertion of appropriate diagrams and reports. Under “Tools / Protect Document,” select “Forms” then “Sections,” and un-check Sections 5 and 7 as illustrated below.

Table of Contents



Document Changes

Note to Assessors

Related Publications

Questionnaire Instructions
  1. Complete the information below for the device being evaluated.
  2. Identify all sections of the questionnaire corresponding to those questions in the form of the PCI Hardware Security Module (HSM) Modular Security Requirements (“HSM Modular Security Requirements”) for which you answered “YES.”
  3. Complete each item in those identified sections.
  4. Provide sufficient detail to thoroughly describe the device attribute or function.
  5. Refer to and provide additional documentation as necessary.
  6. Vendor must provide detail in the comments section for all “N/A” answers.

Evaluation Module 1: Core Requirements
  A – Physical Security Characteristics
    Section A1
    Section A2
    Section A3
    Section A4
    Section A5
  B – Logical Security Characteristics
    Section B1
    Section B2
    Section B3
    Section B4
    Section B4.1
    Section B5
    Section B6
    Section B7
    Section B8
    Section B9
    Section B10
    Section B11
    Section B12
    Section B13
    Section B14
    Section B15
    Section B16
    Section B17
    Section B18
    Section B19
    Section B20
  C – Policy and Procedures
    Section C1

Evaluation Module 2: Key-Loading Devices
  D – Key-Loading Devices
    Section D1
    Section D2
    Section D3
    Section D4
    Section D5

Evaluation Module 3: Remote Administration
  E – Logical Security
    Section E1
    Section E2
  F – Devices with Message Authentication Functionality
    Section F1
    Section F2
    Section F3
    Section F4
  G – Devices with Key-Generation Functionality
    Section G1
    Section G2
    Section G3
    Section G4
  H – Devices with Digital Signature Functionality
    Section H1
    Section H2

Evaluation Module 4: Device Management Security Requirements
  I – Device Management Security Requirements during Manufacturing
    Section I1
    Section I2
    Section I3
    Section I4
    Section I5
    Section I6
    Section I7
    Section I8
  J – Device Management Security Requirements between Manufacturer and Facility of Initial Deployment
    Section J1
    Section J2
    Section J3
    Section J4
    Section J5
    Section J6
    Section J7
    Section J8

Annex A: DTR Templates

Annex B: Device Diagrams and Test Reports

Device Diagrams (Optional)




