Figure 4‑1 - Chip Card Insertion Slot and Swipe Path Examples
MagTek strongly recommends performing security inspections on a regular schedule. Additional information can be found in *DynaFlex II Go, Device Inspection Document*. If any problems are detected, stop using the device, set it aside in a secure location, and contact the manufacturer or your acquirer for further advice. ### Self-Test DynaFlex II Go performs self-tests at power-up and after reset. By default, the device automatically resets and performs self-tests every 23 hours if it is configured to automatically reset 23 hours after booting, otherwise the device automatically resets and performs self-tests every 24 hours if it is configured to automatically reset at a specific time of day. No manual intervention by the operator is required. Self-tests include: * Checking the integrity and authenticity of the firmware and cryptographic keys. * Checking security mechanisms for signs of tampering. ### Roles and Responsibilities The secure card reader has no functionality that gives access to security-sensitive services based on roles. Such services are managed through dedicated tools, using cryptographic authentication. ### Passwords and Certificates DynaFlex II Go products ship from the factory fully secure. There are no security default values that require modifications by the user to meet PCI security requirements, except the “Bluetooth LE passkey.” MagTek recommends one of two options: * Devices are ordered with the default passkey changed by MagTek during device configuration prior to shipping * The customer change the default passkey with a software utility that changes Property 1.2.2.3.1.9 Bluetooth LE Passkey described in *DynaFlex II Go Programmer’s Manual (COMMANDS)*. ### Tamper Response If the device senses a physical or environmental attack, it erases all sensitive keys, and will have limited functionality. While powered on, the SCR indicates it is in a tampered state by flashing green LEDs 1,3, and 4 as depicted in Figure 4‑2 Tamper Response. If this occurs: * Remove the device from service immediately. * Store it securely for possible forensics investigation. * Contact the manufacturer for assistance. The device will likely need to be returned to the manufacturer for diagnosis and servicing.Figure 4 2 Tamper Response
### Patching and Updating DynaFlex II Go products support file-based updates of the device’s core firmware (main firmware) and authorized commands for updating sensitive configuration. For optimal device security, MagTek recommends the latest versions of firmware should always be installed. Firmware updates are provided as files that have been signed by MagTek. The firmware files can be loaded locally through USB or Bluetooth LE connection by using update tools available from the MagTek web site. The device verifies each update is newer than the installed version, and cryptographically authenticates the file. If version checking or authentication fails, the device erases the update file and reports an error to the host. For help with updates to EMV configuration, contact Magensa Remote Services. {% hint style="info" %} **Need Help?** For additional support, please contact MagTek Support: **Technical Support:** * 📧 **Email:** [support@magtek.com](mailto:support@magtek.com?subject=Support%20Request) * 📞 **Phone:** 1-562-546-6800 (US) * 🕐 **Hours:** Monday-Friday, 5:30 AM - 5:00 PM PST **Online Resources:** * 🌐 **Support Portal:** developer.magtek.com **Documentation Feedback:** Help us improve this documentation! [feedback@magtek.com](mailto:feedback@magtek.com?subject=Feedback) {% endhint %} ### Decommissioning Before DynaFlex II Go products are permanently removed from service, all the keys and sensitive data must be erased. One way to accomplish this is by temporarily removing the back cover, which forces a tamper response. If removal from service is only temporary, no action is required. All sensitive data will continue to be protected by the device’s physical and logical protection mechanisms.