- Centralized and secure key storage
- Detailed key inventory
- Manages unlimited Key Encryption Keys (KEKs)
- Single & double length Master/Session keys
- Ability to update the SMK for periodic key rotation
- POS key erasure functionality to clear production keys from POS devices prior to transporting
- Supported keys include:
- Double & triple-length TDES keys
- 128, 192 & 256-bit AES keys
- DUKPT for PIN
- DUKPT for PAN/Data
- DUKPT for MAC
The KeyBRIDGE Point of Interaction (POI) platform is a vendor agnostic solution that performs both DUKPT and MK/SK key injection for payment terminals and peripheral devices. This use case supports compliant key injection for devices that must be managed in a secure facility where physical access controls are relied upon for the establishment of a new key that has no other basis for trust, other than the dual control, split knowledge, and chain of custody achieved through external process and procedure.
Full support for all key types, including but not limited to DUKPT (PIN, MAC, or Data), standard E2E keys, KEKs, Master Session methods as well as alternative derivation techniques. The platform streamlines key injection operational efficiency while automatically capturing all relevant audit log details that can be exported and validated with ease, further reducing overhead associated with audit cycles. KeyBRIDGE is now deployed to support key injection for both TDES DUKPT as well as AES DUKPT.