Host Connection
User Interface
Automated Features
A98-D & MultiVendor Middleware


The A98 implements Remote Key (public key) technology using the same “non-intrusive” philosophy as was used for conventional single and triple DES symmetric key technology. When a new key is needed for a Remote Key enabled ATM, the host system passes the Remote Key request to the A98 and all of the cryptography is handled within the A98 system. With the A98-D Direct Connect, the A98 can communicate directly with the ATM and remote key the ATM. With modifications made to the host terminal handler, the host passes XML messages to the A98-R so that the A98 can rekey the ATM.

The A98-R implements Diebold's and Triton’s Certificate Based Protocols (CBP), and NCR, Wincor, Nautilus Hyosung, and GRG's Signature Based Protocol (SBP). Other remote key protocols will be provided in future releases as they become publicly available.

Initialization Phase
1. A prerequisite for using Remote Key is for each customer to generate a set of keys or certificates that will be “signed” by a Certificate Authority or Trust Authority. In the case of Diebold, the Certificate Authority is Identrus or Symantec. For Triton, the CA is Verisign®. NCR, Wincor-Nixdorf, Nautilus Hyosung, and GRG have in-house Trust Authorities. The A98-R guides the A98 Administrator and Key Custodians through public key creation and export. The data is sent securely to the CA or TA. Once signed, the public key or certificate signatures are returned and imported into the A98. The ATM EPPs obtain their signed public keys or certificates during the manufacturing process before being installed in ATMs.

2. To establish a new or replacement key in a Remote Key enabled ATM, depending on the ATM and the host software platform, Remote Key requests can originate from the terminal, a telephone, the A98, or an application within the host software.

Mutual Authentication
3. With public and private key pairs now present in the A98 and in the ATM's EPP, mutual authentication can be initiated with message exchanges from the A98-R to the EPP.

4. The ATM sends the EPP serial number to the A98-R encrypted by its public key or certificate. The A98 verifies the message and sends a message back to the EPP encrypted by its public key or certificate.

Key Delivery
5. With mutual authentication successfully completed, the host receives a request to deliver a new terminal master key to the EPP.

6. The A98-R receives the key request and generates a random terminal master key and encrypts it with the public key of the EPP and “signs” the new TMK message. This message is sent to the EPP. The EPP verifies the signature, decrypts the new terminal master key, and stores the key.

7. If the dialogue has been successfully completed, the EPP sends a notification back to the host that it has loaded the new terminal master key including a Key Check Value (KCV) of the new key. If the terminal key load is unsuccessful, an appropriate error message will be returned to the host.

8. Upon receiving a “successful” terminal master key load message from the EPP with the correct KCV, the host will establish the new TMK in the key database.

* If the A98-D is used, communication to the EPP during the rekey process is directly to the A98. Some other configurations have the host receiving the data from the ATM and acting as a “pass through” to the A98-R. In this general description of the A98 Remote Key Loading process, we use the term “host” or A98-R interchangeably as a target for dialogue to and from the EPP.

Related documents:
Remote Key Brochure (PDF 748kb)
Remote Key Brochure En Español (PDF 704kb)


Trusted Security Solutions, Inc. | 704.849.0036 |

© Trusted Security Solutions, Inc. All Rights reserved in all media.