How to Understand Remote Key Injection

From wizarPOS
Revision as of 02:18, 14 January 2024 by Simon (talk | contribs) (Simon moved page Remote Key Injection to How to Understand Remote Key Injection: Normalize the title)

PCI PIN 3.1 Certified OTA Remote Key Injection Anywhere

Overview

  • WizarPOS has developed a Remote Key Injection (RKI) system that is PCI PIN 3.1 certified, meeting the needs for secure, remote key injection.
  • This system allows customers to inject keys into their terminals remotely and securely, particularly useful for those without their own key injection systems or a secure key injection environment.

Benefits of WizarPOS RKI:

  • Enhanced Security: Prevents interception or manual manipulation of keys and data.
  • Cost-Effective: Reduces the need for personnel training and certification, lowering overall costs.
  • Scalability: Ideal for distributors or service providers needing to inject keys into multiple POS terminals at different locations.
  • PCI PIN 3.1 Approval: Ensures compliance with industry security standards.

Key Features

  • Mutual Authentication: Ensures a secure channel between devices and servers.
  • Protocol Support: Complies with TR31 and TR34 key exchange block protocols.
  • Key Type Support: Compatible with all major key types.

Remote Key Injection (RKI) solution

RKMS user manual

Developing Remote Key Injection

Integrating to Existing Host Server

  • For integrating with an existing host server, provide documentation on how the server works with the terminal side for customized agent adaptor development.
  • AIDL Interface: WizarPOS offers two terminal AIDL interfaces, as demonstrated in 'For Systems Without an Existing Host Server'.
    int importKeyInfo(in byte[] keyInfo);
    byte[] getAuthInfo();

For Systems Without an Existing Host Server:

  • Developing a remote key injection system from scratch is time-consuming and typically uncertified by PCI, making it suitable only for testing or internal use.
  • WizarPOS offers a demo system for reference, including:
    • Terminal APP and Server Application.
    • Documentation:
      • wizarPOS_remote_key_injection_demo_system.docx, it describes the whole demo system, and the detail information for the certificates, core process.
      • Remote_Key_Inject_Deployment.docx, it describes how to deploy and run the keyinjection jar in server.
  • The demo uses a certificate that replaces the original terminal certificate. Download the initialize certificate APK and run it to initialize the demo certificate. Clearing the demo certificate is necessary after use.

Note: While WizarPOS provides a comprehensive RKI solution, the demo system is for reference and testing purposes only. When deploying in a live environment, ensure to replace the demo certificate with a valid, secure certificate.