Keep cardholder’s PIN safe with AES DUKPT encryption
AES DUKPT becomes the new standard for improved data protection at POS systems. Sensitive transaction data processed in the payment network require a high-end level of security to withstand fraudulent attacks. In a new version of the PIN Security standard document, the PCI Security council announced changes in encryption methods that POS vendors must implement to process transaction data online such as cardholder’s PIN.
TDES, widely used in the payment industry, is considered as a weakened technique of PIN encryption to face the threats of elaborated fraud attempts. According the document, TDES PIN encryption will be disallowed to the benefit of AES cryptographic algorithm.
AES enhances encryption robustness, as compared to TDES. It offers a larger set of secret keys (from 128 to 256 bits), that can be generated during the whole lifespan of the terminal.
The combination of AES cryptographic algorithm and DUKPT (Derived Unique Key Per Transaction) key management scheme provide an upper level of protection for transaction data.
The challenge for terminal manufacturers is to develop innovative and convenient payment solutions for merchants and consumers, while complying with state-of-the-art technologies and the latest security standards.
At the forefront of data integrity challenges and software-based security, Alcinéo has already developed AES DUKPT key encryption solution for our customers’ secure payment solutions in transit, retail or mPOS environments.
The modular approach of our PCI logical package allow them to obtain customized PCI PTS compliant products, according their needs and supporting the most advanced security requirements in the payment landscape.
Do not hesitate to require further information on our PCI PTS POI package at : firstname.lastname@example.org.
The full set of documents on PIN security requirements is available on PCI Security Standard website : www.pcisecuritystandards.org.