Key Lock Box

A98 Key Lock Box (Key Decomposition) System

Paper components are widely used in the electronic payments industry to create and distribute cryptographic keys. After use, the treatment of paper components must be formally documented, tracked and stored in such a way as to maintain integrity of control by individual key custodians. (*See PCI PIN Security Requirement v2 Control Objective 6 below.)

The A98-Key Lock Box System (A98-KLB) eliminates the need for storing paper components and resolves the drama associated with lost components. (Trust us, if someone loses or misplaces components, there will be drama.) When a set of components is required for a given key, a cryptogram of the key serves as the input to the decomposition process. The A98-KLB produces 2 or 3 components, which are then sent to a secure printer. The printed form moves unobserved from the printer directly to the attached folder-sealer to produce tamper-evident Comvelope-like documents. Once opened by a custodian, the components are used and destroyed. The A98-KLB provides “Components on Demand” – an industry first.

*  PCI PIN Security Requirement v2 Control Objective 6, Requirement 24-2.3 states “Key components for keys other than the HSM MFK that have been successfully loaded and confirmed as operational must also be destroyed unless the HSM does not store the encrypted values on a DB but only stores the subordinate keys internal to the HSM.”