How to Understand Remote Key Injection

From wizarPOS
Revision as of 08:06, 11 September 2023 by Mahong (talk | contribs) (Created page with "== PCI PIN 3.1 Certified OTA Remote Key Injection Anywhere == The WizarPOS Remote Key Injection (RKI) solution turbocharges data encryption in a hassle-free and cost-effecti...")
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

PCI PIN 3.1 Certified OTA Remote Key Injection Anywhere

 The WizarPOS Remote Key Injection (RKI) solution turbocharges data encryption in a hassle-free and cost-effective manner. Remote Key Injection is a process for the secure transfer of encryption keys between a payment terminal and a remote server. Compared to its on-premises counterpart, RKI prevents keys or data from interception or manual manipulation. It is also scalable when a distributor or service provider injects keys to unlimited POS terminals in different locations. In addition, RKI eliminates personnel training and certification costs.
  • WizarPOS RKMS allows you remote key injection of your devices.
  • WizarPOS RKMS is PCI PIN 3.1 approved.
  • All devices and servers are connected in mutual authenticated secure channel.
  • Support TR31 and TR34 key exchange block protocol.
  • Support all major key types.

Remote Key Injection (RKI) solution

RKMS user manual

Develop remote Key Injection

Integrated to existed host server

Agent adaptor

Please provide the document about how it works with terminal side. Then we can develop and provide the agent adaptor.

AIDL API

The terminal provided the two apis, detail information, please refer to No host server.

    int importKeyInfo(in byte[] keyInfo);
    byte[] getAuthInfo();

No host server

 If develop from starting, need develop server and terminal injection apk, here is a demo system, but it is only a demo system, don't suggest to use it directly.

The zip package includes:

Terminal APP

Server Application

Documents:

wizarPOS_remote_key_injection_demo_system.docx, it describes the whole demo system, and the detail information for the certificates, core process.

Remote_Key_Inject_Deployment.docx, it describes how to deploy and run the keyinjection jar in server.

  • In our demo system, we use the demo certificate, so download the initialize certificate APK and run it to initialize the demo certificate.

Note that the demo above will replace the original certificate of the terminal. When you no longer need demo, you need to clear the demo certificate.