CubeIQ Limited - Remote Key Loading

Remote Key Loading
Go to content
C u b e I Q
Enabling Technologies for Financial Services

Remote Key Loading

Remote Key Loading for eft/pos and ATM terminals is a mechanism for transferring, securely, a Terminal Master Key from a centralized cryptographic device to the ATM and eft/pos cryptographic device - Pin Pad.

ANSI Standard X9.24, Retail Key Management, VISA and MasterCard PIN security mandates and PCI require each PIN encryption device to contain a unique key.



Over the past years VISA and MasterCard security regulations indicate that Terminal Master Keys in any ATM and/or eft/pos fleet has to be:
(a) unique and
(b) change frequently

Although the "frequency" of updating TMKs it is not clearly defined, changing TMKs once per year would be considered an appropriate TMK update frequency.

On relatively small terminal fleets consisted of 100 ... 500 and up to 1.000 terminals (ATMs or eft/pos) updating manually the TMK could be feasible within one year period. In reality very few eft-pos fleets are consisted of less than 1.000 terminals. Most of eft-pos fleets (owned by a single legal entity or authorizing transactions to the same acquirer) are consisted of thousands, ten of thousands or even hundreds of thousands of terminals.

When organizations have to manage thousands of eft/pos terminals (as well as thousands of ATMs) it is not possible to update its TMK "frequently" within reasonable business time using the traditional methods and remaining PCI compliant. Moreover the cost of traditional methods is prohibiting of updating TMKs with a frequency that would cover VISA and MasterCard security regulations.

An automated, secure and PCI compliant TMK update technology should be introduced.

This technology is implemeted in CubeIQ's CIQ/RKL™ system.

CubeIQ in association with international colaborators is using PKI technology to ecrypt and transfer the new TMK to eft/pos and ATM terminals with CIQ/RKL system.

TMKs are random numbers generated inside a crypto device (HSM), encrypted with a public key, inserted into a financial message and then tranfered to eft/pos terminals.

eft/pos and ATM terminals purge the message, extract TMK encrypted value and decrypt the TMK using their own private key.

TMK is then stored inside eft/pos or ATM terminals crypto device (secure chip).
How we Differentiate

Vendor Neutral

CIQ/RKL™ is the only device vendor neutral key loading platform in the marker.

Different Device Brands

CIQ/RKL™ is the only key loading platform that supports all Tier-I ATM vendors such as NCR, Deibold, Wincor-Nixdorf, Hyosung – Nautilus and GRG International along with a number of international brands such as Tranax and Triton and a number of Serf-Service ATM dial-up terminal

Different Technologies

CIQ/RKL™ is the only key loading platform that supports Manual Keying terminals and Remote Key Loading - RKL capable terminals.

Different Device Type Keying

CIQ/RKL™ is the only key loading platform in the marker that can load keys to both eft/pos and ATM devices.
HQ: 78 Vyzantiou & Vithinia's St., 14234, Nea Ionia, Athens, Greece.
Tel:  (+30)-210-9530-242
Fax: (+30)-210-6255-672
General Inquiries: info[at]cubeiq[dot]gr
Sales: sales[at]cubeiq[dot]gr
Technical Support: support[at]cubeiq[dot]gr
Human resources: hr[at]cubeiq[dot]gr

© Copyright 2003 - 2024 CubeIQ Limited. All rights reserved.
CubeIQ Limited
CubeIQ Limited is an IT company specialized in Business Process Re-engineering, focused in the Banking and Electronic Transaction Processing Market. Our leading-edge software solutions can transform  business processes in a more efficient, more productive and cost saving way.   
Back to content