The Payment Card Industry (PCI) has created requirements for retailers to follow to protect cardholder data. The purpose of the requirements is to prevent sensitive and critical information from being exposed in the event that a retailer or some other entity in the authorization chain is “breached” by an outside attacker. While meeting these PCI requirements is no guarantee of invincibility, retailers are less likely to be breached and as a reward are often offered a lower fee structure for processing their authorizations.
EDJ Enterprises, Inc. (EDJ) has developed its applications with PCI compliance in mind. Using one or more of these applications can help the retailer meet several of the PCI requirements that relate to protection of the point-of-sale system.
EDJCrypt – Encryption and Decryption modules:
EDJCrypt modules support AES, Triple-DES, and Blowfish encryption algorithms in both 4690 CBasic and C++. Protect sensitive data in transaction logs and electronic journals.
EDJCrypt – 4690 Protected Key Management:
EDJCrypt KeyManager functions create encryption keys on a secure server at the head office. The encrypted keys are stored in a key set that is internally encrypted. The 4690 KeyAgent supplies keys to the EDJCrypt modules upon request.
StoreGazer – 4690 Installed Software Level Reporting:
StoreGazer’s nightly census retrieves information from the 4690’s product control files and stores it in the database. The version and change level of each software product is reported to make sure that the correct software is installed in the stores.
StoreGazer – 4690 Stolen PIN Pad Report:
StoreGazer uses event recording technology to report the removal or change of any PIN pad on the 4690 system. Security can be instantly notified via email or a page that this activity has occurred and needs to be investigated.
TimeGuard – 4690 Time Accuracy Services:
TimeGuard makes sure that the clock in the store controller and registers is synchronized with a single time source in the company. Video systems and POS systems are matched to the same time. Credit and debit transactions are accurately recorded when they occur.
StoreGazer/COPS – Centralized 4690 Operator Password Solution:
COPS allows the retailer to manage user IDs, passwords and permissions on the 4690 store controller for the operating system and sales application from a central site for one or more stores simultaneously. Users can be added or deleted in one operation.
StoreGazer/COPS – 4690 Complex Password Support:
COPS supports both the standard 4690 passwords and the enhanced security or complex passwords available in IBM 4690 OS Version 5.2 and later.
StoreGazer/COPS – 4690 Controller Command Line Logging Reporting:
COPS takes advantage of the new IBM security feature for command line logging on the store controller. COPS retrieves this information and stores it in the central database so that reports can be generated on operator activity using the command line interface.
StoreGazer/COPS – 4690 File Change Detection Reporting:
COPS compares a user-supplied list of critical files against a “golden master” copy of the files to make sure that the file date, file size and CRC code all match. Any files that do not match are flagged in the database for reporting to the security department.
StoreGazer/COPS – 4690 User Activity Tracking:
COPS tracks when users log on to and log off from the 4690 store controller. It also reports when the user executes the Dredix program or the file change program, including the file name. The activity is reported in an audit log format with the timestamp of the activity.
StoreGazer/COPS – 4690 User ID Change Reporting:
COPS tracks changes to user IDs, passwords and permissions on the 4690 store controller. The headquarters user is alerted when a store level password is going to expire in the next week. Change activity is captured in an audit log.
StoreGazer/COPS – 4690 Telnet / FTP / Secure FTP Tracking:
COPS tracks all 4690 Telnet, FTP and Secure FTP activities on the store controller. Even attempted logins by unidentified or unauthorized users are captured along with the TCP/IP address so that security can analyze where the intrusions are originating.
EDJ Application Audit Trail:
EDJ’s applications, StoreGazer, COPS, EXCEPTion, ESCAPE and StoreTotals, all provide an audit trail that shows what the user was doing on the system and at what time.
EDJCommon – User identification, password and permission gateway:
EDJ’s applications use a common gateway to contain IDs, encrypted passwords and permissions that prevent unauthorized use of the functions.