|
|
| (4 intermediate revisions by 2 users not shown) |
| Line 1: |
Line 1: |
| == PCI PIN 3.1 Certified OTA Remote Key Injection Anywhere ==
| | {{Migrating|https://smartpossdk.gitbook.io/cloudpossdk/faq/key-injection/understand-remote-key-injection}} |
| === Overview ===
| |
| * WizarPOS has developed a Remote Key Injection (RKI) system that is PCI PIN 3.1 certified, meeting the needs for secure, remote key injection.
| |
| * This system allows customers to inject keys into their terminals remotely and securely, particularly useful for those without their own key injection systems or a secure key injection environment.
| |
| === Benefits of WizarPOS RKI: ===
| |
| * '''Enhanced Security:''' Prevents interception or manual manipulation of keys and data.
| |
| * '''Cost-Effective:''' Reduces the need for personnel training and certification, lowering overall costs.
| |
| * '''Scalability:''' Ideal for distributors or service providers needing to inject keys into multiple POS terminals at different locations.
| |
| * '''PCI PIN 3.1 Approval:''' Ensures compliance with industry security standards.
| |
| === Key Features ===
| |
| * '''Mutual Authentication:''' Ensures a secure channel between devices and servers.
| |
| * '''Protocol Support:''' Complies with TR31 and TR34 key exchange block protocols.
| |
| * '''Key Type Support:''' Compatible with all major key types.
| |
| === [http://ftp.wizarpos.com/advanceSDK/RemoteKeyManagementSystem.pdf Remote Key Injection (RKI) solution] ===
| |
| === [http://ftp.wizarpos.com/advanceSDK/RKMSUserManual.pdf RKMS user manual] ===
| |
| == Developing Remote Key Injection ==
| |
| === Integrating to Existing Host Server ===
| |
| * For integrating with an existing host server, provide documentation on how the server works with the terminal side for customized agent adaptor development.
| |
| * AIDL Interface: WizarPOS offers two terminal AIDL interfaces, as demonstrated in ''''For Systems Without an Existing Host Server''''.
| |
| <syntaxhighlight lang="java">
| |
| int importKeyInfo(in byte[] keyInfo);
| |
| byte[] getAuthInfo();
| |
| </syntaxhighlight>
| |
| === For Systems Without an Existing Host Server: ===
| |
| * Developing a remote key injection system from scratch is time-consuming and typically uncertified by PCI, making it suitable only for testing or internal use.
| |
| * WizarPOS offers a [http://ftp.wizarpos.com/advanceSDK/remotekeyinjectiondemosystem_20220307.zip demo system] for reference, including:
| |
| ** ''Terminal APP'' and ''Server Application''.
| |
| ** Documentation:
| |
| *** ''wizarPOS_remote_key_injection_demo_system.docx'', it describes the whole demo system, and the detail information for the certificates, core process.
| |
| *** ''Remote_Key_Inject_Deployment.docx'', it describes how to deploy and run the keyinjection jar in server.
| |
| * The demo uses a certificate that replaces the original terminal certificate. Download the [http://ftp.wizarpos.com/advanceSDK/InitCertForRemotekeyInject_201903131833.apk initialize certificate APK] and run it to initialize the demo certificate. [http://sdkwiki.wizarpos.com/index.php?title=How_to_Clear_Terminal_Certificates Clearing the demo certificate] is necessary after use.
| |
| '''Note:'''
| |
| While WizarPOS provides a comprehensive RKI solution, the demo system is for reference and testing purposes only. When deploying in a live environment, ensure to replace the demo certificate with a valid, secure certificate.
| |
