5 Appendix A Inadvertent Capture of PAN

The appendix provides instruction for addressing the inadvertent capture of a Primary Account Number (PAN) on the following supported operating systems:

  • Microsoft Windows 10

Microsoft Windows 10

Disable System Restore

  1. Right-click Computer and select Properties.

  2. On the System dialog box, click Advanced system settings.

  3. On the System Protection tab, click Configure.

  4. Select Disable system protection, click Apply, and then click OK until you return to the System dialog box.

  5. Restart the computer.

Encrypt PageFile.sys

  1. Your hard disk must be formatted using NTFS to perform this operation.

  2. Click the Start button and enter CMD

  3. Right-click Command Prompt and select Run as Administrator

  4. Enter the command: fsutil behavior set EncryptPagingFile 1. To disable encryption, enter 0 instead of 1.

  5. Enter the command: fsutil behavior query EncryptPagingFile. To disable encryption, enter 0 instead of 1.

  6. Verify that the command prompt returns: EncryptPagingFile = 1

Clear the System PageFile.sys on Shutdown

You can enable the option to clear the PageFile.sys during system shutdown that will purge the temporary data. This is to ensure that information such as system and application passwords and cardholder data is not inadvertently kept in the temporary files. Enabling this feature may increase the time for the system to shutdown.

  1. Click the Start button and enter Regedit.

  2. Right-click Registry Editor and select Run as Administrator.

  3. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management\

  4. Right-click ClearPageFileAtShutdown and select Modify. If ClearPageFileAtShutdown does not exist, right-click the Memory Management folder, select New, and select DWORD (32-bit) Value.

  5. Set the Value data field to 1 and click OK.

Disable System Management of PageFile.sys

  1. Right-click on My Computer and select Properties.

  2. On the System dialog box, click Advanced system settings.

  3. On the Advanced tab, Performance section, click Settings.

  4. On the Advanced tab, Virtual memory section, click Change.

  5. Deselect Automatically manage page file size for all drives, select Custom size, and set the following fields:

    • Initial Size: the amount of Random-Access Memory (RAM) available.

    • Minimum Size: 2x the amount of RAM.

  6. Click Set to save the entry.

  7. Click OK until you return to the System dialog box.

  8. Restart the computer.

Disable Error Reporting

  1. Navigate to Control Panel.

  2. Select Security and Maintenance

  3. Select Maintenance and then click Check for solutions.

  4. Select Never check for solutions, then click OK.

  5. Click the Start button and enter Regedit in the search field.

  6. Right-click Regedit.exe and select Run as Administrator.

  7. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management.

  8. Right-click ClearPageFileAtShutdown and select Modify. If ClearPageFileAtShutdown does not exist, right-click the Memory Management folder, select New, then DWORD (32-bit) Value.

  9. Select the Value data field to 1 and click OK.