How to Understand Remote Key Injection: Difference between revisions

From wizarPOS
No edit summary
Line 24: Line 24:
=== For Systems Without an Existing Host Server: ===
=== For Systems Without an Existing Host Server: ===
* Developing a remote key injection system from scratch is time-consuming and typically uncertified by PCI, making it suitable only for testing or internal use.
* Developing a remote key injection system from scratch is time-consuming and typically uncertified by PCI, making it suitable only for testing or internal use.
* WizarPOS offers a [http://ftp.wizarpos.com/advanceSDK/remotekeyinjectiondemosystem_20240117.zip demo system] for reference, including:
* WizarPOS offers a remote key injection demo system for reference, including:
** ''Terminal APP'' and ''Server Application''.
** [http://ftp.wizarpos.com/advanceSDK/cloudPOS_remote_key_injection_demo_system.pdf cloudPOS_remote_key_injection_demo_system manual], it describes the whole demo system, and the detail information for the certificates, core process.  
** Documentation:
** [https://github.com/SmartPOSSamples/InjectKeyDemo.git Terminal APP]
*** ''wizarPOS_remote_key_injection_demo_system.docx'', it describes the whole demo system, and the detail information for the certificates, core process.  
** [https://github.com/SmartPOSSamples/InjectKeyDemo.git Server Project]
*** ''Remote_Key_Inject_Deployment.docx'', it describes how to deploy and run the keyinjection jar in server.
*** ''Remote_Key_Inject_Deployment.docx'', it describes how to deploy and run the keyinjection jar in server.
* The demo uses a certificate that replaces the original terminal certificate. Download the [http://ftp.wizarpos.com/advanceSDK/InitCertForRemotekeyInject_201903131833.apk initialize certificate APK] and run it to initialize the demo certificate. [http://sdkwiki.wizarpos.com/index.php?title=How_to_Clear_Terminal_Certificates Clearing the demo certificate] is necessary after use.
* The demo uses a certificate that replaces the original terminal certificate. Download the [http://ftp.wizarpos.com/advanceSDK/InitCertForRemotekeyInject_201903131833.apk initialize certificate APK] and run it to initialize the demo certificate. [http://sdkwiki.wizarpos.com/index.php?title=How_to_Clear_Terminal_Certificates Clearing the demo certificate] is necessary after use.
'''Note:'''
'''Note:'''
While WizarPOS provides a comprehensive RKI solution, the demo system is for reference and testing purposes only. When deploying in a live environment, ensure to replace the demo certificate with a valid, secure certificate.
While WizarPOS provides a comprehensive RKI solution, the demo system is for reference and testing purposes only. When deploying in a live environment, ensure to replace the demo certificate with a valid, secure certificate.

Revision as of 07:35, 31 January 2024

PCI PIN 3.1 Certified OTA Remote Key Injection Anywhere

Overview

  • WizarPOS has developed a Remote Key Injection (RKI) system that is PCI PIN 3.1 certified, meeting the needs for secure, remote key injection.
  • This system allows customers to inject keys into their terminals remotely and securely, particularly useful for those without their own key injection systems or a secure key injection environment.

Benefits of WizarPOS RKI:

  • Enhanced Security: Prevents interception or manual manipulation of keys and data.
  • Cost-Effective: Reduces the need for personnel training and certification, lowering overall costs.
  • Scalability: Ideal for distributors or service providers needing to inject keys into multiple POS terminals at different locations.
  • PCI PIN 3.1 Approval: Ensures compliance with industry security standards.

Key Features

  • Mutual Authentication: Ensures a secure channel between devices and servers.
  • Protocol Support: Complies with TR31 and TR34 key exchange block protocols.
  • Key Type Support: Compatible with all major key types.

Remote Key Injection (RKI) solution

RKMS user manual

Developing Remote Key Injection

Integrating to Existing Host Server

  • For integrating with an existing host server, provide documentation on how the server works with the terminal side for customized agent adaptor development.
  • AIDL Interface: WizarPOS offers two terminal AIDL interfaces, as demonstrated in 'For Systems Without an Existing Host Server'.
    int importKeyInfo(in byte[] keyInfo);
    byte[] getAuthInfo();

For Systems Without an Existing Host Server:

  • Developing a remote key injection system from scratch is time-consuming and typically uncertified by PCI, making it suitable only for testing or internal use.
  • WizarPOS offers a remote key injection demo system for reference, including:
  • The demo uses a certificate that replaces the original terminal certificate. Download the initialize certificate APK and run it to initialize the demo certificate. Clearing the demo certificate is necessary after use.

Note: While WizarPOS provides a comprehensive RKI solution, the demo system is for reference and testing purposes only. When deploying in a live environment, ensure to replace the demo certificate with a valid, secure certificate.