eToken - SafeNet

Achieving PCI DSS Compliance with
Aladdin eToken Strong Authentication Solutions
The Payment Card Industry Data Security Standard (PCI DSS) was created by the world’s major credit card companies to protect
customer data. The primary purpose of PCI DSS is the protection of credit card data by reducing fraud and theft. PCI DSS mandates that
any merchants or service providers that handle, transmit, store or process information concerning the major credit cards, or related
card data, are required to meet PCI standards or face penalties and/or severance by the credit card companies.
PCI DSS is a proactive security standard that defines requirements for security management, policies, procedures, network architecture,
software design and other security measures. Aladdin is highly suited to meet and exceed PCI DSS requirements by providing unique
and effective security solutions for merchants and service providers that must meet PCI standards.
Aladdin’s eToken solutions help organizations comply with PCI DSS as follows:
Build and maintain a secure network
• Do not use vendor-supplied or default passwords
eToken replaces weak passwords with strong, two-factor authentication and
also eliminates the need for risky and costly password maintenance schemes with
eToken Single Sign-On.
Protect cardholder data
• Protect stored data
eToken ensures that only authorized users are able to access the network and thus access stored data. It also seamlessly integrates
with all third-party disk encryption providers, enhancing security by ensuring that encryption keys are not exposed to untrusted and
vulnerable PC environments.
• Encrypt transmissions of cardholder data across public networks
eToken enables email encryption and digital signing, with on-board generation and secure storage of PKI keys and certificates.
Maintain a vulnerability management program
• Develop and maintain secure systems and applications
eToken
PCI DSS
COMPLIANCE
eToken helps organizations apply security controls by ensuring that users are who they say they are, whether within the network or
remotely.
A l a d d i n . c o m / e T o k e n

Implement Strong Access Control Measures
• Restrict access to “need-to-know”
eToken provides strong authentication support for role-based access control solutions, ensuring the highest possible level of control over
who is accessing data. The eToken Token Management System (TMS) links users, devices, organizational rules, and security applications in a
single automated and fully configurable system, making the implementation of token-based security solutions easily manageable.
• Assign unique IDs to each person with computer access
eToken provides a unique ID for users, based on the high security of two-factor authentication: users must not only know their
username and password, but also have possession of their physical eToken to gain access.
• Restrict physical access to cardholder data
eToken can be shipped with all market-leading RFID coils to deliver both physical and logical access controls in one device.
Regularly monitor and test networks
• Monitor and track all access to network resources and cardholder data
Equipped with auditing and reporting capabilities, the eToken Token Management System enables the monitoring and control of data access.
Maintain an Information Security Policy
• Maintain a policy that addresses information security
Aladdin solutions provide strong controls over network access and content security, and eliminate common methods used to bypass
organizational security – allowing organizations to more easily enforce their security policy.
For more information on how Aladdin can help your organization meet the Payment Card Industry Data Security Standard, contact an
Aladdin representative.
© 8/2008 Aladdin Knowledge Systems, Ltd. All rights reserved. Aladdin is a registered trademark and eToken is a trademark of Aladdin Knowledge Systems, Ltd. All other names are trademarks or registered trademarks of their respective owners.
For more contact information, visit: www.Aladdin.com/contact
North America: +1-800-562-2543, +1-847-818-3800 • UK: +44-1753-622-266 • Germany: +49-89-89-4221-0 • France: +33-1-41-37-70-30 • Benelux: +31-30-688-0800 • Spain: +34-91-375-99-00
Italy: +39-022-4126712 • Israel: +972-3-978-1111 • China: +86-21-63847800 • India: +91-22-67955943 • Japan: +81-426-607-191 • All other inquiries: +972-3-978-1111