1.18. PCI DSS#
The Payment Card Industry Data Security Standard is a policy framework that defines necessary requirements when dealing with credit card information. It defines a rule set divided into twelve main subjects. LinOTP helps to fulfill the following requirements of PCI DSS v2.0.
Requirement |
Requirement text |
LinOTP actions |
|
8.3 |
Incorporate two-factor authentication for remote access to the network by employees, administrators and third parties. |
LinOTP provides a two factor authentication based on one time passwords with hardware tokens. |
|
8.4 |
Render all passwords unreadable during transmission and storage on all system components using strong cryptography. |
Sensible data like OTP secrets and passwords are stored in a hashed or encrypted way. |
|
10.1 |
Establish a process for linking all access to system components to each individual user. |
Using LinOTP you can identify each user by two factors. |
|
10.2 |
Implement automated audit trails for all system components to reconstruct the following events: |
LinOTP provides a sophisticated audit trail, that can tell which user authenticated under which condition and which administrator performed which task on a certain token. |
|
10.2.1 |
All individual accesses to cardholder data |
If the access to cardholder data is protected by LinOTP authentication, this will be logged within the audit trail. |
|
10.2.2 |
All actions taken by any individual with root or administrative privileges |
All actions by LinOTP administrators are logged in the audit trail. |
|
10.2.3 |
Access to all audit trails |
The access to the audit trail via the LinOTP API is logged in the audit trail. Direct access to the database must be audited in another way by the database system. |
|
10.2.4 |
Invalid logical access attempts |
All LinOTP authentication requests are logged in the audit trail. |
|
10.2.5 |
Use of identification and authentication mechanisms |
All LinOTP authentication requests (successful and failed) are logged in the audit trail. |
|
10.2.6 |
Initialization of the audit logs |
The LinOTP SQL Audit Trail gets only initialized when the sequence number is set to 1. |
|
10.3 |
Record at least the following audit trail entries for all system components for each event |
LinOTP Audit Trail can store several different information |
|
10.3.1 |
User Identification |
When a user is authenticating, the username or the administrator name is logged |
|
10.3.2 |
Type of event |
The LinOTP action is logged |
|
10.3.3 |
Date and time |
A timestamp is logged |
|
10.3.4 |
Success of failure indication |
The success status of the event is logged |
|
10.3.5 |
Origination of event |
The name of the LinOTP server, where the action was performed is logged |
|
10.3.6 |
Identity or name of affected data, system component or resource |
Depending on the action additional information is logged |
|
10.4 10.4.1 10.4.2 10.4.3 |
Using time synchronization technology, synchronize all critical system clocks and times and ensure that the following is implemented for acquiring, distribution and storing time: Critical systems have the correct and consistent time Time data protected Time settings are received from industry-accepted time sources |
The LinOTP server uses NTP. The timestamps for the audit trail are generated on the LinOTP server and not on the database server. |
|
10.5 |
Secure audit trails so the cannot be altered. |
The LinOTP audit trail entries get digitally signed. |
|
10.5.1 |
Limit viewing of audit trails to those with a job-related need. |
The access to the audit trail can be restricted by defining access policies. |
|
10.5.2 |
Protect audit trails from unauthorized modifications. |
The LinOTP audit trail entries are digitally signed. |
|
10.5.3 |
Promptly back up audit trail files to a centralized log server or media that is difficult to alter. |
Audit trail can be written to an SQL database server. |
|
10.5.4 |
Write logs for external-facing technologies onto a log server on the internal LAN. |
Can be configured by using another, internal database server |
|
10.5.5 |
Use file-integrity monitoring or change-detection software on logs to ensure that existing log data cannot be changed without generating alerts (although new data being added should not cause an alert). |
N/A |