Encryption keys are vital to the secure operation of payment acceptance devices. But key transport protocols have not kept pace with the movement toward standardized encryption practices. This adds cost and complexity to payment infrastructure and processes.
Encryption keys for payment terminals are managed from host security modules (HSMs), typically within payment gateways. Key updates for those payment devices can be loaded either remotely or by direct injection at the site of deployment. Currently, the industry-standard key transport protocols only support the outdated 56-bit Data Encryption Standard (DES) and Triple DES (TDES).
With today's powerful computing resources, DES/TDES is no longer considered sufficient to withstand brute-force attacks. The government and industry are well on the way to migrating to the Advanced Encryption Standard (AES), which provides more robust encryption using 128-bit (AES-128) and 256-bit (AES-256) keys.
Without going into depth on technical issues, the loading of encryption keys from HSMs to payment devices today represents a mishmash of processes that creates complexity for payment processors and merchants. For example, a bank using its HSM for loading ATM encryption keys has to rely on different methods for payment terminals.
Verifone and GEOBRIDGE hope to drive industry standards for key transport protocols across HSM and terminal vendors to further reduce the complexity of payments and to promote and enable security best practices such as a unique key per terminal, regular key rotation, and PCI P2PE-compliant point-to-point encryption.
The two companies have submitted to American National Standards Institute (ANSI) committees an update to the commonly used encryption key transport protocols ANSI TR-31 and TR-34 that would standardize both remote and direct key injection protocols to support AES-128 and AES-256 based encryption keys and ECC-based authentication protocols. In addition to symmetric AES key support, the protocol updates also include features to support the remote transport of stronger asymmetric RSA and ECC keys to the payment terminal over common networks.
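To make the DES/TDES-to-AES migration concrete, the following added example (not code from the original post, Verifone or GEOBRIDGE) decodes the 16-byte ASCII header of a TR-31 key block and reports which fields would block a migration off TDES. The header layout, the version-ID-to-wrapping-algorithm mapping and the key usage codes are the author's understanding of TR-31 and should be checked against the current ANSI text; the sample key blocks are constructed, with placeholder bodies.

```python
# Added example: decode a TR-31 key block header and flag legacy DES/TDES use.
# Field positions follow TR-31 as understood by the author (assumption).
from dataclasses import dataclass

# Key block version ID -> algorithm of the key block protection key (assumed mapping).
VERSION_KBPK = {"A": "TDES", "B": "TDES", "C": "TDES", "D": "AES"}
# Algorithm byte -> algorithm of the key being transported.
KEY_ALGORITHM = {"A": "AES", "D": "DES", "E": "ECC", "H": "HMAC", "R": "RSA", "T": "TDES"}
# Key usage codes common on payment terminals (subset).
KEY_USAGE = {"B0": "BDK", "D0": "data encryption", "K0": "KEK", "P0": "PIN encryption"}
LEGACY = {"DES", "TDES"}


@dataclass(frozen=True)
class Tr31Header:
    version: str          # key block version ID (A, B, C or D)
    length: int           # declared total length of the key block in bytes
    usage: str            # two-character key usage code
    algorithm: str        # algorithm of the transported key
    mode_of_use: str      # E, D, B, N, X, S, V, C, G
    key_version: str      # two-character key version number
    exportability: str    # E, N or S
    optional_blocks: int  # number of optional blocks that follow the header


def parse_header(block: str) -> Tr31Header:
    """Parse the fixed 16-byte header; raise ValueError on malformed input."""
    if len(block) < 16 or not block.isascii():
        raise ValueError("TR-31 key block must be at least 16 ASCII bytes")
    hdr = block[:16]
    if hdr[0] not in VERSION_KBPK:
        raise ValueError(f"unknown key block version ID {hdr[0]!r}")
    length = int(hdr[1:5])  # four ASCII digits
    if length != len(block):
        raise ValueError(f"declared length {length} != actual length {len(block)}")
    if hdr[7] not in KEY_ALGORITHM:
        raise ValueError(f"unknown key algorithm {hdr[7]!r}")
    return Tr31Header(hdr[0], length, hdr[5:7], KEY_ALGORITHM[hdr[7]],
                      hdr[8], hdr[9:11], hdr[11], int(hdr[12:14]))


def migration_findings(block: str) -> list[str]:
    """List the reasons this key block still depends on DES/TDES."""
    h = parse_header(block)
    findings = []
    if VERSION_KBPK[h.version] in LEGACY:
        findings.append(f"key block version {h.version}: wrapped under {VERSION_KBPK[h.version]} KBPK")
    if h.algorithm in LEGACY:
        findings.append(f"transported {KEY_USAGE.get(h.usage, h.usage)} key is {h.algorithm}")
    return findings


# Constructed samples: a TDES-wrapped (version B) TDES PIN key and an AES-wrapped
# (version D) AES PIN key. Bodies are zero placeholders, not real ciphertext or MACs.
SAMPLE_LEGACY = "B0080P0TE00N0000" + "0" * 64
SAMPLE_AES = "D0080P0AE00N0000" + "0" * 64
```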
As the world becomes increasingly connected, payment devices will more and more be remotely managed from host systems. The effort to upgrade key transport protocols, which Verifone has shared with both partners and competitors, is an important step toward protecting the payment environment of the future.
Rob McMillon is vice president of product security for Verifone.