CubeIQ Limited | Products | Enterprise Applications | Key Management

A98-P™

EFT/POS Unique Key Establishment System

A98-P™ Remote On Site Operation
	The Key Injection Unit (KIU) is also capable of having one person compliantly establish a new key with a PIN pad while at a remote field location. A98-P™ supports fully compliant single custodian remote location key establishment for both Master Key Session Key (MKSK) and Derived Unique Key Per Device (DUKPT) eft/pos devices.
	Master Key Session Key (MKSK)
		A key custodian loads one key component into the KIU at the central repair depot, and this key component remains persistent in the KIU. The Persistent Key Component (PKC) remains in the KIU and is used for all subsequent key injections. A second key component is loaded into the KIU at the time a device is to be injected. A Comvelope is used as the source of the second key component. The second component is exclusive OR'd (XOR) with the PKC to form a new key for the target PIN pad. The KIU injects the newly created key into the target PIN pad. The FSR calls the A98-P™ VRU and reports the Comvelope ID, PIN pad ID, the store and lane (optional, only for deployments in a multi-lane environment) and the terminal number (or the terminal ID or the terminal serial number, whichever number the specific environment uses to identify an eft/pos terminal). The A98-P™ System Unit sends an ISO-8585 message to the host system enabling the update of the PIN pad key on the POS database.
	Derived Unique Key Per Device (DUKPT)
		A large number of initial DUKPT keys are derived by the A98-P™ System Unit and loaded into the KIU along with the corresponding Key Serial Numbers (KSN). At the remote location, the FSR connects the device to the KIU and a KSN and an initial key are injected into the device. The KSN and the Physical Serial Number (or the terminal ID or the terminal number, whichever number the specific environment uses to identify an eft/pos terminal) of the newly injected device are reported to the A98-P™ System Unit using the VRU. The A98-P™ System Unit sends an ISO8583 message to the host system to report the new KSN for the Physical Serial Number device.

Return