Conforming to the Payment Card Industry's Security Requirements

The Payment Card Industry, including Visa and Mastercard, requires banks, merchants and Member Service Providers to protect cardholder information by adhering to a strict set of security standards. The Payment Card Industry security standard (PCI) includes MasterCard's Site Data Protection (SDP) program and Visa's Cardholder Information Security Program (CISP).

Challenge

MasterCard and Visa require all merchants processing more than 20,000 credit card transactions per year to complete a quarterly network scan and annual compliance questionnaire. All merchants and service providers with external-facing IP addresses that meet these parameters must comply. Even if an organization does not offer Web-based transactions or e-commerce, there are other services that make systems Internet accessible, and such organizations must therefore comply. The requirements outlined by the payment card industry require online merchants and service providers to complete two security evaluation steps:
Consequences

Ultimately, failure to comply with these security standards could result in fines, restrictions or permanent expulsion from card acceptance programs. As a result, a retailer will be unable to gain approval to use either Mastercard or Visa merchant services.

ZXTM Security Compliance

To fully comply with the security standards outlined by the Payment Card Industry you must follow these instructions.
Disabling Weak SSL3 Ciphers in ZXTM

Navigate to: SYSTEM > GLOBAL SETTINGS > SSL CONFIGURATION

Enter the below ciphers:

    SSL_RSA_WITH_RC4_128_SHA:SSL_RSA_WITH_RC4_128_MD5:SSL_RSA_WITH_AES_256_CBC_SHA:SSL_RSA_WITH_3DES_EDE_CBC_SHA:SSL_RSA_WITH_AES_128_CBC_SHA

Disabling SSL2 in the Zeus Admin Interface

In $ZEUSHOME/admin/global.cfg enter:

    tuning!support_ssl2 no

Disabling Weak SSL3 Ciphers in the ZXTM Administrator Interface

In $ZEUSHOME/admin/global.cfg insert, on one continuous line:

    tuning!ssl3_ciphers SSL_RSA_WITH_RC4_128_SHA:SSL_RSA_WITH_RC4_128_MD5:SSL_RSA_WITH_AES_256_CBC_SHA:SSL_RSA_WITH_3DES_EDE_CBC_SHA:SSL_RSA_WITH_AES_128_CBC_SHA

Please remember to restart your admin server. We recommend using:

    $ZEUSHOME/admin/rc restart
Chris Buckley
[Zeus Support] 12 June 2006
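The global.cfg settings in this article can be checked after editing, including the case where the cipher list was pasted with a line break instead of on one continuous line. The following is an added example, not Zeus code: it assumes each setting is a single key/value line as shown in the article, and `audit_global_cfg`, `GOOD`, `BAD` and `SSL_EXAMPLE_PLACEHOLDER` are names constructed for illustration.

```python
# Added example, not Zeus code: audit admin global.cfg text against this article.
# Assumption: each setting is a single "key<whitespace>value" line, as shown above.
APPROVED = (  # the five ciphers the article lists, in its order
    "SSL_RSA_WITH_RC4_128_SHA",
    "SSL_RSA_WITH_RC4_128_MD5",
    "SSL_RSA_WITH_AES_256_CBC_SHA",
    "SSL_RSA_WITH_3DES_EDE_CBC_SHA",
    "SSL_RSA_WITH_AES_128_CBC_SHA",
)

def audit_global_cfg(text):
    """Return findings; an empty list means the text matches the article."""
    findings, settings = [], {}
    for num, raw in enumerate(text.splitlines(), 1):
        parts = raw.split(None, 1)
        if not parts:
            continue  # blank line
        if parts[0].startswith("SSL_"):
            # A line that starts with a cipher name is a wrapped cipher list.
            findings.append(f"line {num}: cipher list wrapped onto a new line")
            continue
        settings[parts[0]] = parts[1].strip() if len(parts) > 1 else ""
    if settings.get("tuning!support_ssl2", "").lower() != "no":
        findings.append("tuning!support_ssl2 is not 'no'")
    ciphers = settings.get("tuning!ssl3_ciphers")
    if ciphers is None:
        findings.append("tuning!ssl3_ciphers is not set")
        return findings
    if len(ciphers.split()) > 1:
        findings.append("whitespace inside tuning!ssl3_ciphers value")
    for name in (c.strip() for c in ciphers.split(":")):
        if not name:
            findings.append("empty entry in tuning!ssl3_ciphers (stray ':')")
        elif name not in APPROVED:
            findings.append(f"cipher not in the article's list: {name}")
    return findings

# Constructed sample inputs (not taken from a real system).
GOOD = "tuning!support_ssl2 no\ntuning!ssl3_ciphers " + ":".join(APPROVED) + "\n"
BAD = (
    "tuning!support_ssl2 yes\n"
    "tuning!ssl3_ciphers SSL_RSA_WITH_RC4_128_SHA:SSL_EXAMPLE_PLACEHOLDER:\n"
    "SSL_RSA_WITH_AES_128_CBC_SHA\n"  # wrapped continuation line
)

if __name__ == "__main__":
    for label, cfg in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, audit_global_cfg(cfg) or "matches the article")
```

To check a real file, pass the contents of $ZEUSHOME/admin/global.cfg to `audit_global_cfg` before restarting the admin server.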
Comments:
Comment from:
Jake van Schaik [Visitor]
· http://shop.vodafone.co.uk
Typo: "continous" should be "continuous" ;)
Thanks for the useful article
Comment from:
Brian Clark [Visitor]
It would be nice to see more information from Zeus about PCI compliance using ZXTM. For example, this article is called "Conforming to the Payment Card Industry" but it really only talks to a single issue within PCI, which is PCI Requirement 4.1 "Use strong cryptography and security protocols".
Aside from that, it is very useful to have these commands together in one place.



