How to Understand Remote Key Injection: Difference between revisions
No edit summary |
|||
Line 1: | Line 1: | ||
== PCI PIN 3.1 Certified OTA Remote Key Injection Anywhere == | == PCI PIN 3.1 Certified OTA Remote Key Injection Anywhere == | ||
In order to meet the needs of customers for remote key injection, we have developed a remote key injection system and passed PCI authentication. Customers can directly use this system to inject keys into their terminals. For customers who do not have their own key injection system and do not have a secure environment for key injection, we recommend using WizarPOS RKI. | |||
The WizarPOS Remote Key Injection (RKI) solution turbocharges data encryption in a hassle-free and cost-effective manner. Remote Key Injection is a process for the secure transfer of encryption keys between a payment terminal and a remote server. Compared to its on-premises counterpart, RKI prevents keys or data from interception or manual manipulation. It is also scalable when a distributor or service provider injects keys to unlimited POS terminals in different locations. In addition, RKI eliminates personnel training and certification costs. | The WizarPOS Remote Key Injection (RKI) solution turbocharges data encryption in a hassle-free and cost-effective manner. Remote Key Injection is a process for the secure transfer of encryption keys between a payment terminal and a remote server. Compared to its on-premises counterpart, RKI prevents keys or data from interception or manual manipulation. It is also scalable when a distributor or service provider injects keys to unlimited POS terminals in different locations. In addition, RKI eliminates personnel training and certification costs. | ||
* WizarPOS RKMS allows you remote key injection of your devices. | * WizarPOS RKMS allows you remote key injection of your devices. | ||
Line 8: | Line 9: | ||
=== [http://ftp.wizarpos.com/advanceSDK/RemoteKeyManagementSystem.pdf Remote Key Injection (RKI) solution] === | === [http://ftp.wizarpos.com/advanceSDK/RemoteKeyManagementSystem.pdf Remote Key Injection (RKI) solution] === | ||
=== [http://ftp.wizarpos.com/advanceSDK/RKMSUserManual.pdf RKMS user manual] === | === [http://ftp.wizarpos.com/advanceSDK/RKMSUserManual.pdf RKMS user manual] === | ||
== | == Developing Remote Key Injection == | ||
=== | === Integrating to existed host server === | ||
==== Agent | ==== Agent Adaptor ==== | ||
Please provide the document about how it works with terminal side. Then we can develop and provide the agent adaptor. | Please provide the document about how it works with terminal side. Then we can develop and provide the agent adaptor. | ||
==== AIDL | ==== AIDL Interface==== | ||
We have provided two terminal AIDL interfaces. Please refer to that demo system in [[No existed host server]], which provides detailed instructions on how to call these two interfaces. | |||
<syntaxhighlight lang="java"> | <syntaxhighlight lang="java"> | ||
int importKeyInfo(in byte[] keyInfo); | int importKeyInfo(in byte[] keyInfo); | ||
byte[] getAuthInfo(); | byte[] getAuthInfo(); | ||
</syntaxhighlight> | </syntaxhighlight> | ||
=== No host server === | === No existed host server === | ||
If | If developing a remote injection key system from scratch, both the server and terminal injection applications need to be developed simultaneously, which will be a very time-consuming task. Moreover, the developed system has not been certified by PCI and can only be used for testing or internal use. Therefore, it is recommended to use a WizarPOS Remote Key Injection. But we also provide a [http://ftp.wizarpos.com/advanceSDK/remotekeyinjectiondemosystem_20220307.zip demo system] that can be used as a reference for development needs. | ||
In the demo system zip package includes: | |||
''Terminal APP'' | ''Terminal APP'' | ||
Line 32: | Line 34: | ||
''Remote_Key_Inject_Deployment.docx'', it describes how to deploy and run the keyinjection jar in server. | ''Remote_Key_Inject_Deployment.docx'', it describes how to deploy and run the keyinjection jar in server. | ||
* '''In | * '''In the demo system, we use the demo certificate, so download the [http://ftp.wizarpos.com/advanceSDK/InitCertForRemotekeyInject_201903131833.apk initialize certificate APK] and run it to initialize the demo certificate.''' | ||
Note | Note: the demo above will replace the original certificate of the terminal. When you no longer need demo, you need to [http://sdkwiki.wizarpos.com/index.php/How_to_clear_terminal_certificate clear the demo certificate]. |
Revision as of 08:43, 11 September 2023
PCI PIN 3.1 Certified OTA Remote Key Injection Anywhere
In order to meet the needs of customers for remote key injection, we have developed a remote key injection system and passed PCI authentication. Customers can directly use this system to inject keys into their terminals. For customers who do not have their own key injection system and do not have a secure environment for key injection, we recommend using WizarPOS RKI. The WizarPOS Remote Key Injection (RKI) solution turbocharges data encryption in a hassle-free and cost-effective manner. Remote Key Injection is a process for the secure transfer of encryption keys between a payment terminal and a remote server. Compared to its on-premises counterpart, RKI prevents keys or data from interception or manual manipulation. It is also scalable when a distributor or service provider injects keys to unlimited POS terminals in different locations. In addition, RKI eliminates personnel training and certification costs.
- WizarPOS RKMS allows you remote key injection of your devices.
- WizarPOS RKMS is PCI PIN 3.1 approved.
- All devices and servers are connected in mutual authenticated secure channel.
- Support TR31 and TR34 key exchange block protocol.
- Support all major key types.
Remote Key Injection (RKI) solution
RKMS user manual
Developing Remote Key Injection
Integrating to existed host server
Agent Adaptor
Please provide the document about how it works with terminal side. Then we can develop and provide the agent adaptor.
AIDL Interface
We have provided two terminal AIDL interfaces. Please refer to that demo system in No existed host server, which provides detailed instructions on how to call these two interfaces.
int importKeyInfo(in byte[] keyInfo);
byte[] getAuthInfo();
No existed host server
If developing a remote injection key system from scratch, both the server and terminal injection applications need to be developed simultaneously, which will be a very time-consuming task. Moreover, the developed system has not been certified by PCI and can only be used for testing or internal use. Therefore, it is recommended to use a WizarPOS Remote Key Injection. But we also provide a demo system that can be used as a reference for development needs.
In the demo system zip package includes:
Terminal APP
Server Application
Documents:
wizarPOS_remote_key_injection_demo_system.docx, it describes the whole demo system, and the detail information for the certificates, core process.
Remote_Key_Inject_Deployment.docx, it describes how to deploy and run the keyinjection jar in server.
- In the demo system, we use the demo certificate, so download the initialize certificate APK and run it to initialize the demo certificate.
Note: the demo above will replace the original certificate of the terminal. When you no longer need demo, you need to clear the demo certificate.