Rotating the site key
In Aloha Takeout, you can have the system automatically rotate the site key, or you can perform the site key rotation manually. If you choose to rotate your site key manually, consider these best practices for site key management:
- Use a unique site key at each location.
- Restrict access to site keys to the smallest number of employees possible.
- Store site keys in a secure manner.
- Document key management procedures and implement them fully.
- Require key custodians to sign a form affirming they understand and accept their key-custodian responsibilities.
- Generate strong keys, using uppercase and lowercase letters, numbers, and symbols.
- Change the site key at least quarterly, documenting each change of the key.
- Destroy all copies of the old key.
- Establish split knowledge and dual control of keys. For example, give sequential parts of the key to three different people, so that they all have to enter their own part, in a specific order, to reconstruct the whole key.
  Three parts of an example key could be 'MarYhad&', 'AliTTle42@', and 'laMb95&3'. The entire key would consist of these three parts, typed sequentially: MarYhad&AliTTle42@laMb95&3
- Prevent unauthorized substitution of the key.
- Replace keys known or suspected to have been compromised.
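A small checker for the manual-key practices above (strong keys, split knowledge), added here as an example and not part of Aloha Takeout or its tooling. The symbol set and the function names are assumptions; the three sample parts are the ones from the text and serve only as test input.

```python
import hmac
import secrets
import string

# Character classes from the best-practice list above.
CLASSES = {
    "uppercase": string.ascii_uppercase,
    "lowercase": string.ascii_lowercase,
    "number": string.digits,
    "symbol": "!@#$%&*?",  # assumption: symbols the key entry form accepts
}
ALPHABET = "".join(CLASSES.values())
PAGE_PARTS = ["MarYhad&", "AliTTle42@", "laMb95&3"]  # sample parts from the text

def missing_classes(text):
    """Return the names of the character classes that text does not contain."""
    return [name for name, chars in CLASSES.items()
            if not any(c in chars for c in text)]

def generate_part(length=10):
    """Draw one custodian's part from the OS CSPRNG until it holds every class."""
    if length < len(CLASSES):
        raise ValueError("part too short to hold every character class")
    while True:
        part = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not missing_classes(part):
            return part

def assemble(parts):
    """Join the parts in the agreed order, as the custodians would type them."""
    if len(parts) < 2 or any(not p for p in parts):
        raise ValueError("need at least two non-empty parts")
    return "".join(parts)

def review_new_key(parts, old_key):
    """Return findings that should block a manual rotation (empty list: none)."""
    key = assemble(parts)
    findings = [f"key has no {name} character" for name in missing_classes(key)]
    if len(set(parts)) != len(parts):
        findings.append("two custodians hold the same part")
    if hmac.compare_digest(key.encode(), old_key.encode()):
        findings.append("new key is identical to the old key")
    return findings

if __name__ == "__main__":
    new_parts = [generate_part() for _ in range(3)]
    print(review_new_key(new_parts, assemble(PAGE_PARTS)))  # findings only, never the key
```

On its own, 'MarYhad&' contains no number: the character-class rule holds for the assembled key but not for every custodian's part, which is why `generate_part` enforces it per part.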
Rotating the site key automatically
You can configure Aloha Takeout to automatically rotate your site key. By having ATO automatically rotate the site key, you never have to keep track of your site key, or worry about losing credit card data because of a lost site key. Once the system begins automatically rotating your site key, you will not know your site key. The auto rotation feature rotates the site key at EOD when the site key is set to expire within twenty-four hours.
The procedures for automatic site key rotation configuration depend on the version of your configuration management tool (CMT), either CFC or new Aloha Manager. For versions 14.5 and later, you configure the automatic site key rotation settings under the Options tab in Takeout Configuration, and for earlier versions, you do so under the Custom Settings tab.
To configure the site key to rotate automatically for your configuration management tool v14.5 and later:
- With Takeout selected in the product panel, select Maintenance > Takeout Configuration > Takeout Settings > Options tab.
- Under the 'Settings' group bar, select Enable credit card storage to display the site key settings.
- Select Auto rotate site key.
- Enter the number of days between automatic site key rotations in 'Site key expiration days.' The minimum available is '7', and the maximum available is '365'. We suggest setting the number of days to '90'.
- Enter '0' for 'Site key warning days.' Since you are no longer manually rotating your site key, it is not necessary for the site key expiration warning to appear.
- Click Save and exit the Options function.
To configure the site key to rotate automatically for configuration management tool v14.4 and earlier:
- With Takeout selected in the product panel, select Maintenance > Takeout Configuration > Takeout Settings > Custom Settings tab.
- Under the 'Settings' group bar, click Add. The system adds a new row at the bottom of the screen.
- Under 'XPath', type '/Config/Options'.
- Under 'Element name', type 'AutoRotateSiteKey'.
- Under 'Element value', type 'True'.
- Click Save and exit the Custom Settings function.
Note: To set the number of days between site key rotations, select Maintenance > Takeout Configuration > Options tab > Settings group bar, and enter the number of days in 'Site key expiration days.'
Rotating the site key manually
If you elect to manage the rotation of your site key manually, you must use TakeoutDataProtectionTool.exe to change your site key. To rotate the site key, you must enter the current site key to unlock or select Change Site Key from the Actions menu.
Note: To set a warning prompt to remind you to rotate the site key, select Maintenance > Takeout Configuration > Options tab > Settings group bar, and enter the number of days in 'Site key warning days.' The minimum number of days you can set for the warning is '7'.
The form for changing the site key is similar to the form for setting the initial site key. In addition to the two fields for entering the new site key, you first receive a prompt to supply the existing site key. When you click Change Key, the tool validates that the supplied existing key matches the value stored within the ATO system. The application also validates that both of the new key strings are identical. If the validation criteria are satisfied, the system saves the new key. If any criterion fails validation, you receive a prompt to re-enter the keys.
- Stop the Radiant Takeout and Delivery Service. See "Stopping the Radiant Takeout and Delivery service."
- Navigate to %BootDrv%\Aloha Takeout\Bin.
- Double-click TakeoutDataProtectionTool.exe.
- Type the current key in 'Enter Site Key.'
- Click Actions, and select Change Site Key from the drop-down list that appears.
- Type the existing site key in 'Enter Current Site Key.'
- Type the new site key in 'Enter New Site Key,' and in 'Re-enter New Site Key.'
- Click Change Key to confirm the change.
- Type the new site key again in 'Re-enter New Site Key.'
- Restart the Radiant Takeout and Delivery Service. See "Restarting the Radiant Takeout and Delivery service."