Back

Design the hardware security module to erase sensitive data when compromised.


CONTROL ID
12275
CONTROL TYPE
Systems Design, Build, and Implementation
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Implement a hardware security module, as necessary., CC ID: 12222

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • If the device permits access to internal areas (e.g., for service or maintenance), it is not possible using this area to access sensitive data. Immediate access to sensitive data, such as PIN or cryptographic data, is either prevented by the design of the internal areas (e.g., by enclosing component… (A3, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 2.0)
  • While in transit from the manufacturer's facility to the facility of initial deployment, the device is: - Shipped and stored in tamper-evident packaging; and/or - Shipped and stored containing a secret that: -- Is immediately and automatically erased if any physical or functional alteration to the d… (E3, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 2.0)
  • The device includes mechanisms such that the removal of the device from its operational location will cause the automatic erasure of the cryptographic keys contained within the device; or (G1 Bullet 1, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 3.0)
  • Is immediately and automatically erased if any physical or functional alteration to the device is attempted, and (J3 Bullet 2 Sub-bullet 1, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 3.0)
  • Once the device has been loaded with cryptographic keys, there is no feasible way in which the functional capabilities of the device can be modified without causing the automatic and immediate erasure of the cryptographic keys stored within the device, or causing the modification to be otherwise det… (D5, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 3.0)
  • Permitting movement of the device without activating a key-erasure mechanism. (G3 Bullet 2, Payment Card Industry (PCI), PIN Transaction Security (PTS) Hardware Security Module (HSM) - Security Requirements, Version 3.0)