Overview of A98's Service Bureau

The Service Bureau Customer registers his ATMs by providing the ATM manufacturer and model along with a unique identification number and the type of key management employed by the ATM. Comvelopes are purchased from TSS in quantities of 100. The Customer's servicers load the contents of the Comvelopes into ATMs as required and place a phone call to the A98 located at TSS in Charlotte, North Carolina. The servicers report the ATM ID and Comvelope ID. The A98 retrieves the contents of the Comvelopes within the Tamper Resistant Security Module (TRSM) and creates the same key that was just loaded into the ATM. A unique Key Encrypting Key (KEK) is shared between each Service Bureau Customer and TSS; the A98 encrypts the just-loaded ATM key under that particular KEK. The A98 sends this cryptogram and the ID of the ATM to the Customer. The information in the message is extracted and entered into the database of the Host ATM Software package. This process could be manual or automated. Each time the A98 Service Bureau is used, a new unique key is established in that ATM in a fully compliant manner.

Service Bureau Description

2. Print and Distribute the Comvelopes - TSS will generate and print the Comvelopes. A single ADMIN role can generate the Comvelopes and the Cipher Key to protect them, but two (2) TSS key custodians are required to enter their passwords to emit the Comvelopes to the printer. The printed Comvelopes exit the printer attached to the TSS A98 face down. None of the contents of any Comvelope are visible. The face-down Comvelopes are taken to the pressure sealer under dual custodianship and sealed on the Moore PS-5 pressure sealer. The contents of the Comvelopes are encrypted by the Cipher Key and copied to a diskette. The Cipher Key is encrypted by the KEK established in 1 above and the cryptogram copied to the diskette. The Cipher Key and Comvelope contents are imported into the TSS A98 by a TSS ADMIN role. The physical Comvelopes are packaged together and sent to the Customer. The Customer then distributes the Comvelopes to the various ATMs or to the appropriate staging locations.

3. Load Key into ATM - When it is time to load an initial key into an ATM, two people selected by the Customer each select a Comvelope at random from the population of Comvelopes. The first person inspects the Comvelope for any signs of tampering. If it shows no signs of tampering, the Comvelope is opened and the contents loaded into the ATM following the manufacturer's instructions. If the ATM reports the Key Check Value (KCV), this person then verifies that the KCV corresponds to the one printed in the Comvelope.

4. Report the Terminal ID and Comvelope ID - The first person calls the TSS A98 and enters their Servicer ID and Access Code. After verification, the Servicer is invited to enter the ATM ID and Comvelope ID. The A98 reports the KCV back via the IVR and the first person verifies that the KCV is as expected.

5. The Second Servicer - A second person selects a Comvelope at random from those available and repeats steps 3 and 4. At this point, a unique key has been established in the ATM. That same key now exists on the A98 encrypted under the KEK shared with the Customer.

6. Cryptograms of the ATM Keys are sent to the Host - The TSS A98 formats an E-mail message containing the ATM ID, the cryptograms of the ATM keys just established and the Key Check Values for the KEK and the newly established ATM keys. The E-mail message is sent to the Customer.

7. The Customer receives the E-mail message - The E-mail message is received at the Customer and is processed to parse out the Terminal ID, the cryptograms of the ATM keys and the KCVs. The ATM keys must be translated from encryption under the KEK to encryption under the host's Master File Key (MFK). For an HSM that implements the Atalla architecture, a CMD 13 - Translate Working Key for Storage - is used. Thales and other HSMs have similar commands for translation.

8. Enter the information into the Host ATM Software - A manual process can be used to enter the cryptograms and ATM ID information into the Host ATM Software. Alternatively, the process may be automated.

9. A New PIN Encryption Key is sent to the ATM - After the ATM reconnects, most ATM software packages will send a new PIN encryption key to the ATM encrypted by the ATM key that was just established, and normal operations resume.
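The following Go program is an added example, not TSS code, that walks through the checks in steps 3 to 7 on constructed sample values: the ATM key is formed from the two Comvelopes, its Key Check Value is verified against what a Comvelope or the IVR would report, the key is wrapped under the Customer KEK, and the host translates the cryptogram from the KEK to the MFK only after the KCV carried in the message confirms that the cryptogram unwraps to the intended key. Everything specific is an assumption: the key values are made up; the ATM is assumed to combine the two Comvelope components by XOR (the page does not state the rule); the wrapping is the classic ECB-per-half TDES form; and the translation, which a real deployment performs inside the HSM (for example Atalla CMD 13), is done in software here only to show the data flow.

```go
package main

import (
	"crypto/cipher"
	"crypto/des"
	"crypto/subtle"
	"encoding/hex"
	"errors"
	"fmt"
)

// Constructed sample keys (hypothetical values, not from the A98 or the page).
var (
	comvelopeA  = mustHex("0123456789ABCDEFFEDCBA9876543210") // contents of the first Comvelope
	comvelopeB  = mustHex("13579BDF02468ACEECA86420FDB97531") // contents of the second Comvelope
	kekCustomer = mustHex("A1B2C3D4E5F60718293A4B5C6D7E8F90") // KEK shared between Customer and TSS
	mfkHost     = mustHex("0F1E2D3C4B5A69788796A5B4C3D2E1F0") // host HSM Master File Key
)

func mustHex(s string) []byte {
	b, err := hex.DecodeString(s)
	if err != nil {
		panic(err)
	}
	return b
}

// tdesCipher builds a two-key TDES block cipher (K1,K2,K1) from a 16-byte key.
func tdesCipher(key16 []byte) (cipher.Block, error) {
	if len(key16) != 16 {
		return nil, errors.New("expected a 16-byte double-length key")
	}
	k := append(append([]byte{}, key16...), key16[:8]...)
	return des.NewTripleDESCipher(k)
}

// KCV is the Key Check Value: the first three bytes of the TDES encryption of
// an all-zero block, the conventional value printed in a Comvelope.
func KCV(key16 []byte) ([]byte, error) {
	c, err := tdesCipher(key16)
	if err != nil {
		return nil, err
	}
	out := make([]byte, 8)
	c.Encrypt(out, make([]byte, 8))
	return out[:3], nil
}

// VerifyKCV is the servicer's check in steps 3 and 4: the KCV the ATM or the
// IVR reports must equal the one printed in the Comvelope.
func VerifyKCV(key16, printedKCV []byte) bool {
	kcv, err := KCV(key16)
	return err == nil && subtle.ConstantTimeCompare(kcv, printedKCV) == 1
}

// CombineComponents models the ATM forming its key from the two Comvelopes.
// Assumption: XOR of the two components (the usual dual-control rule).
func CombineComponents(a, b []byte) ([]byte, error) {
	if len(a) != 16 || len(b) != 16 {
		return nil, errors.New("components must be 16 bytes")
	}
	k := make([]byte, 16)
	for i := range k {
		k[i] = a[i] ^ b[i]
	}
	return k, nil
}

// WrapKey encrypts each 8-byte half of a 16-byte key under the wrapping key
// (legacy ECB key wrapping; a modern HSM would use an integrity-protected key block).
func WrapKey(wrappingKey, key16 []byte) ([]byte, error) {
	c, err := tdesCipher(wrappingKey)
	if err != nil {
		return nil, err
	}
	if len(key16) != 16 {
		return nil, errors.New("key must be 16 bytes")
	}
	out := make([]byte, 16)
	c.Encrypt(out[:8], key16[:8])
	c.Encrypt(out[8:], key16[8:])
	return out, nil
}

// UnwrapKey reverses WrapKey.
func UnwrapKey(wrappingKey, cryptogram []byte) ([]byte, error) {
	c, err := tdesCipher(wrappingKey)
	if err != nil {
		return nil, err
	}
	if len(cryptogram) != 16 {
		return nil, errors.New("cryptogram must be 16 bytes")
	}
	out := make([]byte, 16)
	c.Decrypt(out[:8], cryptogram[:8])
	c.Decrypt(out[8:], cryptogram[8:])
	return out, nil
}

// TranslateKEKToMFK is the host-side step 7. The KCV from the E-mail message is
// checked before anything is stored: a cryptogram altered in transit, or one
// wrapped under a different KEK, will not produce the expected KCV.
func TranslateKEKToMFK(kek, mfk, cryptogramUnderKEK, expectedKCV []byte) ([]byte, error) {
	clear, err := UnwrapKey(kek, cryptogramUnderKEK)
	if err != nil {
		return nil, err
	}
	if !VerifyKCV(clear, expectedKCV) {
		return nil, errors.New("KCV mismatch: cryptogram altered or not wrapped under the expected KEK")
	}
	return WrapKey(mfk, clear)
}

func main() {
	atmKey, _ := CombineComponents(comvelopeA, comvelopeB)
	kcv, _ := KCV(atmKey)
	underKEK, _ := WrapKey(kekCustomer, atmKey)
	underMFK, err := TranslateKEKToMFK(kekCustomer, mfkHost, underKEK, kcv)
	fmt.Println("KCV:", hex.EncodeToString(kcv), "under MFK:", hex.EncodeToString(underMFK), "err:", err)
}
```

The translation function is the point worth copying: the host never accepts a cryptogram on the strength of the ATM ID alone, it confirms through the KCV that the unwrapped key is the one the servicers actually loaded.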
Trusted Security Solutions, Inc. | 704.849.0036 | info@trustedsecurity.com © 2011 Trusted Security Solutions, Inc. All Rights reserved in all media.