PCI Tools

PCI Tools

PCI requirements address security issues related to the protection of sensitive account holder data. Protection is more than just data encryption or masking. If your company is privately held or too small to trigger the PCI watchdogs, there are still important issues to consider. The following software applications were developed to address the concerns PCI introduced.



  • Centralized 4690 Operator Password Solution: COPS allows the retailer to manage user ids, passwords and permissions on the 4690 store controller for the operating system and sales application from a central site for one or more stores simultaneously.  Users can be added or deleted in one operation.
  • 4690 Complex Password Support: COPS supports both the standard 4690 passwords and the enhanced security or complex passwords available in the IBM 4690 OS Version 5.2 and later.
  •  4690 Controller Command Line Logging Reporting: COPS takes advantage of the new IBM security feature for command line logging on the store controller.  COPS retrieves this information and stores it in the central database so that reports can be generated on operator activity using the command line interface.
  •  4690 File Change Detection Reporting: COPS compares a user supplied list of critical files against a “golden master” copy of the files to make sure that the file date, file size and CRC code all match.  Any files that do not match are flagged in the database for reporting to the security department.
  •  4690 User Activity Tracking: COPS tracks users on the 4690 store controller when they log on and log off the store controller.  It also reports when the user executes the Dredix program or the file change program including the file name.  The activity is reported in an audit log format with the timestamp of the activity.
  • 4690 User ID Change Reporting: COPS tracks changes to user ids, passwords and permissions on the 4690 store controller.  The headquarters user is alerted when a store level password is going to expire in the next week.  Change activity is captured in an audit log.
  • 4690 Telnet / FTP / Secure FTP Tracking: COPS tracks all 4690 Telnet / FTP and Secure FTP activities on the store controller.  Even attempted log ins by unidentified or unauthorized users are captured along with the TCP/IP address so that security can analyze where the intrusions are originating.

EDJCryptPCI Tools

  • Encryption and Decryption modules: EDJCrypt modules support AES, Triple-DES, and Blowfish encryption algorithms in both 4690 CBasic and C++.  Protect sensitive data in transaction logs and electronic journals.
  • 4690 Protected Key Management: EDJCrypt KeyManager functions create encryption keys on a secure server at the head office.  The encrypted keys are stored in a key set that is internally encrypted.  The 4690 KeyAgent supplies keys to the EDJCrypt modules upon request.

 Signoff Sentry


  • Automatically Sign Off Terminal, Controller, and Telnet Sessions:
    The Signoff Sentry application consists 
    of a single executable program for the 4690 OS which will sign off or disconnect a user’s session automatically after a period of inactivity or a specific time each day. Configurable options are available for terminals, controllers, and telnet sessions.


PCI Tools

  • 4690 Installed Software Level Reporting: StoreGazer’s nightly census retrieves information from the 4690’s product control files and stores it in the database.  The version and change level of each software product is reported to make sure that the correct software is installed in the stores.
  • 4690 Stolen Pin Pad Report: StoreGazer uses the event recording technology to report the removal or change of any pin pad on the 4690 system.  Security can be instantly notified via email or a page that this activity has occurred and needs to be investigated.


PCI Tools

  • 4690 Time Accuracy Services: TimeGuard makes sure that the clock in the store controller and registers is synchronized with a single time source in the company.  Video systems and POS systems are matched to the same time.  Credit and debit transactions are accurately recorded when they occur.

EDJ Application Audit Trail


  • User identification, password and permission gateway: EDJ’s applications use a common gateway to contain ids, encrypted passwords and permission that prevent unauthorized use of the functions.