Personal Cardholder Information Data Security Standard (PCI-DSS V3)

The INETCO Insight solution has been designed to meet PCI-DSS requirements 3.2, 3.3, 3.4, 4.1, 6.3, and 6.5 concerning storage, display, and handling of sensitive cardholder information. This means that information including Track 1, Track 2, PANs, CVVs, and encrypted PIN blocks is discarded, truncated, or subjected to a one-way hash as appropriate in the operation of the INETCO Insight system.

As a result, sensitive information is never stored by INETCO Insight nor displayed to users of the product in normal operation.

Implementation details

Diagnostics Logging

The INETCO Insight solution does offer a diagnostics logging mode that allows INETCO support engineers to work with systems administrators to fine-tune transaction decoding capabilities during the early phases of a rollout. This feature is turned off by default. Activating it causes INETCO Insight to generate a log of transactions it did not decode properly. This log is kept for 7 days before deletion and may contain sensitive cardholder information. INETCO recommends administrators only use diagnostics logging when absolutely necessary and take appropriate measures to protect and/or destroy the contents of the log file. Customers can also activate file encryption on the INETCO Insight server to protect against access to this log.

If you have any questions regarding INETCO Insight and your security requirements please contact us.

“INETCO Insight's real-time monitoring and threshold alerting capabilities provide our network operations and ATM support teams the ability to proactively isolate the failure point, prior to any customer service disruptions.”

Doug Epp, General Manager