|
|
(One intermediate revision by one other user not shown) |
Line 1: |
Line 1: |
| == Description ==
| | {{Migrating|https://smartpossdk.gitbook.io/cloudpossdk/faq/key-injection/understand-dukpt}} |
| * DUKPT is a key management method that generates a unique key for each transaction, ensuring the security of transaction-originating TRSMs (Transaction-Related Security Modules).
| |
| * It is designed to prevent the disclosure of any past keys used in transactions.
| |
| * The unique Transaction Keys are derived from a base derivation key, using non-secret data transmitted as part of each transaction.
| |
| == Key Features of DUKPT ==
| |
| * '''Secure Transaction Processing:''' Allows the encryption process to be decentralized from devices holding the shared secret.
| |
| * '''Derived Keys for Each Transaction:''' Utilizes derived keys for encryption, which are not reused post-transaction, enhancing security.
| |
| * '''Widespread Application:''' Commonly used in electronic commerce transactions, especially for encrypting PIN information in POS (Point-Of-Sale) devices.
| |
| * '''Key Management Technique:''' DUKPT is not an encryption standard but a technique for managing keys.
| |
| * '''Distinct Transaction Keys:''' Ensures each transaction has a unique key, separate from others.
| |
| * '''Security of Past and Future Keys:''' If a current key is compromised, previously and subsequently used keys remain secure.
| |
| * '''No Interactive Key Agreement:''' Avoids the need for originators and receivers of encrypted messages to perform an interactive key-agreement protocol.
| |
| == Support in PINPad ==
| |
| * Our internal PINPad supports three types of DUKPT keys: PIN key, MAC key, and data key. Each key type is used to encrypt different types of data.
| |
| == Key Injection and Usage ==
| |
| * '''Key Injection:''' For information on injecting DUKPT keys, refer to [[How to Remotely Inject Test Keys (Master Key or DUKPT Key) into a Terminal]] or [[How to Use TMK Delivery System for KeyLoader POS and Master POS]].
| |
| * '''Usage in SDK:''' Details on using DUKPT keys are available in our SDK, particularly in the description of the PINPad.
| |
| * '''Demo App:''' A [http://ftp.wizarpos.com/advanceSDK/DukptDemo.zip dukpt demo application] is available for download to demonstrate practical usage.
| |