Design the hardware security module to automatically clear its internal buffers of sensitive information prior to reuse of the buffer.
CONTROL ID 12233
CONTROL TYPE Systems Design, Build, and Implementation
CLASSIFICATION Preventive
SUPPORTING AND SUPPORTED CONTROLS
This Control directly supports the implied Control(s):
Implement a hardware security module, as necessary., CC ID: 12222
This Control has the following implementation support Control(s):
Design the hardware security module to automatically clear its internal buffers of sensitive information after it recovers from an error condition., CC ID: 12252
Design the hardware security module to automatically clear its internal buffers of sensitive information when it has timed out., CC ID: 12251
SELECTED AUTHORITY DOCUMENTS COMPLIED WITH
The HSM must automatically clear or reinitialize its internal buffers that hold sensitive information prior to reuse of the buffer, including when:
- The transaction is completed,
- The HSM has timed out, or
- The HSM recovers from an error state. (B6, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 2.0)
The device must automatically clear or reinitialize its internal buffers that hold sensitive information prior to reuse of the buffer, including when: (B6, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 3.0)
The transaction is completed, (B6 Bullet 1, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 3.0)