1/7/2019 [ext]StripeImplGuidev0.9 - Google Docs
https://docs.google.com/document/d/1VN2TZqs1QUMOLa4cThszHLAQcCyzGFmenpIJKuKMstY/edit# 1/9
Stripe Terminal Implementation Guide
12/27/2018
This document details how to install the Stripe Terminal application in compliance with PCI
PA-DSS Version 3.2 . This guide applies to the Stripe Terminal application version 3.0.x.y.
1
Installation guide
Application versioning
Secure application updates
Secure data handling
Secure transfer protocols
Network Segmentation
PA-DSS requirements
1.1.4 Delete Historical Sensitive Data
1.1.5 Delete Sensitive Authentication Data used for Debugging
2.1 Securely Delete Cardholder Data
2.2 Mask PAN When Displayed
2.3 Render PAN Unreadable Anywhere it is Stored
2.4 Protect Keys Used to Secure Cardholder Data
2.5 Implement Key Management Processes & Procedures
2.5.1 - 2.5.7 Implement Key Management Functions
2.6 Provide Mechanism to Wipe Key Material
3.1 - 3.2 Use Unique IDs & Secure Authentication
3.2 Implement Automated Audit Trails / Centralized Logging
5.4.4 Implement and Communicate Application Versioning Methodology
6.1 - 6.3 Securely Implement Wireless Technology
7.3.2 Provide Instructions on Secure Installation of Patches and Updates
8.2 Use of secure protocols
9.1 Store cardholder data on servers not IP connected
10.1 Implement multi--factor authentication for remote access
1
https://www.pcisecuritystandards.org/documents/PA-DSS_v3-2.pdf
1
Loading ...
Loading ...
Loading ...
