| # |
Payment Application Best Practice |
Monetra Best Practice Support |
| 1. |
Do not retain full magnetic stripe or CVV2 data. PIN blocks must never be retained. |
Monetra does not retain magnetic stripe data, CV values or PIN blocks. |
| 2. |
Protect stored data. |
Monetra provides built-in encryption for sensitive data using a variety of approved ciphers including blowfish, aes, rc4, rc5, idea and cast5. |
| 3. |
Provide secure password features. |
Monetra provides multi-tiered, hierarchical, application-level access via username/passwords with flexible administrative control of user privileges. |
| 4. |
Log application activity. |
Monetra provides extensive logging both at the connection level and at the transaction level. |
| 5. |
Develop secure applications. |
Monetra was designed with security from the beginning and is written using the efficient C programming language, which avoids vulnerabilities inherent in many other development platforms. |
| 6. |
Protect wireless transmissions. |
Monetra provides direct SSL socket connectivity with SSL client certificate verification to ensure completely secure communications via any transmission method. |
| 7. |
Test applications to address vulnerabilities. |
Monetra software is tested frequently to ensure integrity and security. |
| 8. |
Facilitate secure network implementation. |
Monetra provides direct SSL connectivity and operates very well under NAT, PAT and other secure network implementations. |
| 9. |
Cardholder data must never be stored on a server connected to the Internet. |
Client/server architecture allows the Monetra software to reside on a completely independent server; Remote SQL database support enables an additional level of protection. |
| 10. |
Facilitate secure remote software updates. |
Monetra must be updated via a user download/install. |
| 11. |
Facilitate secure remote access to application. |
Monetra provides remote SSL socket connectivity with SSL client certificate support plus an internal firewall rule set system for ultra-secure remote access. |
| 12. |
Encrypt sensitive traffic over public networks. |
Monetra supports SSL socket communications with SSL client certificate verification for complete end-to-end communications security. |
| 13. |
Encrypt internal administrative access. |
Monetra provides remote administrative access via direct SSL socket communications with SSL client certificate verification for secure administrative access. |
