Erasure of personal data in OneSpan Authentication Server

The GDPR grants individuals a “right to be forgotten”: your organization is obliged to erase personal data once it is no longer needed for the original purpose for which it was collected, processed, and stored. To comply with the GDPR, an individual's user-related data stored and/or processed in OneSpan Authentication Server must be deleted upon request.

OneSpan Authentication Server uses an individual's personal data for authentication and auditing purposes. For an overview of the personal data stored in OneSpan Authentication Server, see Types of personal data in OneSpan Authentication Server.

Deleting personal data used for authentication

In the OneSpan Authentication Server user database, personal data is collected and processed for authentication purposes. If the end user no longer wants to use OneSpan Authentication Server for authentication, the user's personal data must be removed from the user database. This can be done using the Tcl Command-Line Administration tool, the OneSpan Authentication Server Administration Web Interface, or the OneSpan Authentication Server SDK.

Deleting personal data used for auditing

Personal data is also collected in OneSpan Authentication Server over a given period for auditing purposes, for example, to enable administrators to consult the logs to troubleshoot issues or investigate incidents. The audit data are stored in different locations:

  • Audit database
  • Text files (if Text File Auditing was selected as audit method)
  • Event logs: Windows Event Log/Linux syslog
  • Audit Viewer

To comply with GDPR, audit records must be deleted after a certain period has passed.

The duration of the period, after which the personal data used for auditing must be deleted, is to be defined by your organization and is not pre-configured in OneSpan Authentication Server.

Audit database

To ensure that all personal data is removed as required, audit data older than the period your organization has defined must be deleted from the OneSpan Authentication Server audit database. This can be done via the Maintenance Wizard, or via the Administration Web Interface and the Delete Audit Data Wizard.

The Audit Message Import/Export Wizard allows you to export audit data from one source and re-import it into a text file or ODBC database. This wizard is launched from the main interface of the Maintenance Wizard. When exporting audit messages from an ODBC database, you can choose to have all exported audit messages deleted as they are exported.

With the Delete Audit Data wizard you can either delete audit records immediately, or schedule a task for the deletion. You can also configure this to be a recurring task and delete audit records at regular intervals.

If you use the Audit Message Import/Export Wizard or the Delete Audit Data Wizard to erase the data, audit data older than the specified date will be removed!

For more information about task management and more detailed instructions for audit message export and task-based erasure of audit data, refer to the OneSpan Authentication Server Administrator Guide.

Text files

You can set the audit method to Text File. To ensure GDPR compliance, configure log file rotation in OneSpan Authentication Server, and manually delete old and outdated audit text files. For more information about setting up text file auditing and audit log rotation in OneSpan Authentication Server, refer to the OneSpan Authentication Server Administrator Guide.

Audit Viewer and event logs

There is no need to delete any data displayed in the Audit Viewer because records shown here are only stored as long as the Audit Viewer application is running.

Personal data is also stored and processed in the event log files of the operating system. Whether specific messages can be deleted from the event log depends on the operating system hosting OneSpan Authentication Server:

  • Windows does not support deleting specific messages from the Windows Event Log.
  • On Linux, individual records cannot be deleted from syslog, but you can limit the log size at regular and definable intervals with logrotate.

Event log rotation is not managed from within the OneSpan Authentication Server environment; it is handled at the operating system level and is the sole responsibility of the OneSpan Authentication Server user/administrator!

Diagnostic log files

OneSpan Authentication Server offers tracing for troubleshooting purposes. The level of tracing used by OneSpan Authentication Server can be configured using the Configuration Utility. Tracing messages will be recorded to a text file, and the trace log files can be rotated according to their age or size.

We strongly recommend using the tracing feature only for troubleshooting purposes and disabling it when OneSpan Authentication Server runs in production, to enhance server performance.

When tracing is enabled in OneSpan Authentication Server, the system creates a diagnostic log file. This file is a binary log file that contains the same information as the text log file. Our technical support staff uses this diagnostic log file for troubleshooting purposes.

The diagnostic log file is created in the following location:

  • Windows: %PROGRAMDATA%\VASCO\IDENTIKEY\Log\Diag.vlog
  • Linux: /var/log/vasco/identikey/Diag.vlog

You must manually delete old and outdated diagnostic log files.
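Both the text-file audit method above and the diagnostic log files here leave the removal of old files to the administrator. The following POSIX shell function is an added example of enforcing a retention period on rotated log files; it is not OneSpan's own tooling. The directory, file name pattern and the 30-day retention value are assumptions (the page names only the `Diag.vlog` location, not a retention period), and the demonstration runs against a constructed temporary directory rather than the live log path so it can be tried anywhere.

```shell
#!/bin/sh
# Added example (not OneSpan's own tooling): delete rotated log files whose
# modification time is older than a retention period defined by your
# organization. Paths, pattern and retention value are assumptions.

# purge_old_logs DIR PATTERN DAYS
# Deletes regular files directly in DIR that match the shell glob PATTERN
# and were last modified more than DAYS days ago; prints each deleted path.
purge_old_logs() {
    dir=$1
    pattern=$2
    days=$3
    [ -d "$dir" ] || { echo "no such directory: $dir" >&2; return 1; }
    find "$dir" -maxdepth 1 -type f -name "$pattern" -mtime +"$days" \
        -print -exec rm -f {} +
}

# count_logs DIR PATTERN: number of matching files that remain.
count_logs() {
    find "$1" -maxdepth 1 -type f -name "$2" | wc -l | tr -d ' '
}

# demo_retention [DAYS]: builds a throwaway directory that mimics a rotated
# diagnostic log set (constructed data, not the real /var/log/vasco/identikey
# directory), applies the purge, and returns how many files are left.
demo_retention() {
    days=${1:-30}
    tmp=$(mktemp -d)
    touch "$tmp/Diag.vlog"                    # current log, kept
    touch "$tmp/Diag.vlog.1"                  # recently rotated, kept
    touch -t 202001010000 "$tmp/Diag.vlog.2"  # dated 2020-01-01, removed
    touch -t 202001010000 "$tmp/Diag.vlog.3"  # dated 2020-01-01, removed
    purge_old_logs "$tmp" 'Diag.vlog*' "$days" >/dev/null
    remaining=$(count_logs "$tmp" 'Diag.vlog*')
    rm -rf "$tmp"
    echo "$remaining"
}
```

Run `purge_old_logs` from a scheduled job (for example cron) at the interval your organization has defined, pointing it at the audit text file directory or the diagnostic log directory with the matching pattern. Note that removing a text or diagnostic log file does not touch the same records in the audit database or the operating system event log; those are covered by the Delete Audit Data Wizard and OS-level log rotation described above.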

When troubleshooting OneSpan Authentication Server components and side products, keep in mind that the following have their own tracing facilities:

  • Data Migration Tool
  • Digipass Authentication for Windows Logon
  • LDAP Synchronization Tool
  • Message Delivery Component
  • Password Synchronization Manager

The tracing logs of these components/side-products must be rotated at regular intervals. For more information, refer to the OneSpan Authentication Server Administrator Guide.