A98 Remote Key Loading Solutions
– Asymmetric Key Management System Solution
– Initial Key (Master Key) Loading
– PIN Encryption Key (PEK) loading
– PIN Validation Key (PVK) loading
Encrypting PIN Pads (EPPs) are tamper evident resistant modules (TRSMs). By design, the EPP stores a master cryptographic key and sub-keys. Dual control, split knowledge key loading has been replaced with public key cryptography for most all EPPs on the market. TSS is the leader and pioneer in asymmetric key loading and offers solutions to facilitate remote key loading of practically any EPP on the market. (including the PCI PTS 3.X EPPs that use SHA256 hash algorithms)
The most common approach is for the TSS A98 System to load the “Initial Terminal Master Key” (initial TMK) on both the EPP and on the transaction host. All other keys (sub-keys) are then encrypted by the host’s HSM and sent encrypted by the newly established TMK.
As ATM owners take back more functionality of the ATMs, or build custom self-service Kiosks with PIN pads, there’s a growing need to find an independent means to generate and establish either a “PIN Encrypting Key” (PEK) or “PIN Validation Key” (PVK) inside the EPP. Normally the transaction host would generate and distribute these sub-keys. However ATM owners and FI’s are finding it more cost effective and efficient to look elsewhere for these tasks. TSS assists you with the design, testing, and implementation of a total remote key loading solution on demand or on a schedule for your self-service devices. TSS solutions are cost effective, efficient, and compliant.
Contact TSS for current information on implementing key loading for your ATMs, kiosks, or other self-service devices.