Types of sensitive data
  • 26 Nov 2024
  • 1 Minute à lire
  • Sombre
    Lumière
  • PDF

Types of sensitive data

  • Sombre
    Lumière
  • PDF

The content is currently unavailable in French. You are viewing the default English version.
Résumé de l’article

Different security-sensitive data objects exist within OneSpan Authentication Server environments that require protection from unauthorized access or disclosure:

  • Host files
  • Authenticator application BLOB data
  • EMV-CAP data
  • Other sensitive data
  • Property files
  • Audit data

Host files

A DIGIPASS export file (DPX) (generally using a .dpx extension) stores all authenticator application data of an authenticator batch.

Authenticator application BLOB data

The authenticator application BLOB contains all parameter settings and secrets of an authenticator application. The authenticator application BLOB data is initially obtained from a DIGIPASS export file (DPX) that contains the images of one or more authenticators. The BLOB data is extracted by the DPX import feature of OneSpan Authentication Server.

EMV-CAP data

EMV-CAP is the Chip Authentication Program (CAP) developed by credit card leaders Europay, Mastercard, and Visa (EMV). Implementing EMV-CAP involves sensitive data that requires confidentiality.

Sensitive data

Apart from authenticator-related data, security-sensitive data also includes:

  • Passwords for OneSpan Authentication Server user accounts or other accounts
  • Shared secrets with back-end servers or other components
  • Administrative privileges
  • Global configuration settings

Property files

Some OneSpan Authentication Server components and side products are Java-based and use so-called property files to store configurable settings. These settings can also include sensitive data, such as passwords.

Audit data

Although sensitive data is not included in audit messages, the audit data itself can be considered sensitive with regard to integrity and non-repudiation.


Cet article vous a-t-il été utile ?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Ozzy, facilitant la découverte de connaissances grâce à l’intelligence conversationnelle