Service Bureau
A98-C Card Services
  A98-P POS  
Training & Consulting


A98-P POS Overview

Providing a unique key per POS (Point Of Sale) device is a particularly difficult task due to the complexity of the key management procedures traditionally employed. Solutions currently available to load keys into POS devices generally lack the functionality required to facilitate automation in the loading of a unique key per device. For example, widely used POS software was not written to support the loading of a unique key per device and requires a restart for every device being loaded. Vendor specific key loading equipment often requires the acquisition and subsequent management of multiple diverse systems. Solutions employing public key cryptography have been proposed, but may not be compliant with applicable standards.  Also, public key solutions have a major impact on the current infrastructure and systems, usually requiring an upgrade to the host software and Host Security Module (HSM). Such changes translate into increased costs.

The A98 POS Initial Key Establishment System (A98-P) represents Trusted Security Solutions' response for an improved solution to establish unique cryptographic keys for POS devices.  The A98-P provides support for both Master Key Session Key (MKSK) or Derived Unique Key Per Transaction (DUKPT) based POS devices as well as remote key enabled devices.

The A98-POS can be used to load and manage POS keys both at a centralized facility, and at a remote location where the device is to be deployed. This innovative approach to re-keying in the field is a primary advantage of the A98-P solution.

When the POS device has the cryptographic capacity to receive a key remotely, the A98 POS can deliver this key using the manufactgurer’s remote key protocol or a protocol co-developed by TSS and the customers.  When remote key loading is not possible, a separate A98 POS system can be placed in a secure room to compliantly key different types of POS devices replacing key injection units currently in use, some of which may be noncompliant with today’s standards.


The A98-P System consists of a 2(two) 1U (7") high rack mountable system units that are network connected to the host system. The Host and the system unit need not be in close proximity. The A98-P communicates with the host using XML over TCP/IP.

The A98 POS Initial Key Establishment System has been thoroughly researched and designed with limited testing by TSS and a POS development partner.    The A98 POS relies on the fundamental operations of the A98 ATM Initial Key Establishment System in use for many years in ATMs. Please send all inquiries about the A98-P to


The A98-P Solution
Offers A Total System That:

  • Simplifies the establishment of unique keys per POS device
  • Supports both MKSK and DUKPT Key Management of POS devices
  • Supports both centralized and remote key loading
  • Supports remote key establishment by a single key custodian
  • Is fully compliant with all network operating rules and standards
  • Automates all logging functions
  • Supports all RS-232 attached POS vendor devices
  • Automates the establishment of a unique POS key per device at the host
  • Simplifies POS device deployment and inventory control
  • Includes all necessary components, documentation, installation, training and support

Trusted Security Solutions, Inc. | 704.849.0036 |

© Trusted Security Solutions, Inc. All Rights reserved in all media.