3 min read

Managing Keys for ATM Remote Key Loading using CKMS

Boris Schumperli : 23. April 2021

Key Management System Key Management Compliance IBM CCA
Managing Keys for ATM Remote Key Loading using CKMS

ATM Remote Key Loading has become a common practice in the industry. Yet managing the top-level keys to establish trust between the Host and the ATM units remains a challenge. This article describes how Cryptomathic CKMS addresses the challenges of key generation and distribution for ATM Remote Key Loading.

ATMs always feature an Encrypting Pin Pad, a so-called EPP device, which has to comply against with security requirements, namely the PCI PIN Security Requirements and Testing Procedures. This EPP unit is used to protect the PIN code entered by the cardholder from the ATM unit to the ATM Host. Symmetric keys referred to as Terminal Master Keys (TMK) are used in the ATM to protect the PIN block during the transaction. 

The ATM Remote Key Loading (ATM RKL) process consists of transporting securely these Terminal Master Keys from the Host/ATM Manager to the ATMs. Mutual-authentication of the host/ATM Manager and ATMs as well as the encryption of the Terminal Master Keys are based on asymmetric encryption, i.e. a key pair (a so called EPP Key). The encrypting pin pad (EPP) key is signed by a key entrusted by the ATM manufacturer which operates the certificate authority. Note here that some ATM manufacturers use certificates for this purpose (e.g., Diebold) while others use signatures (e.g., Wincor, NCR).

For compliance reasons, the Terminal Master Keys must be updated regularly. Most ATM vendors support Remote Key Loading protocols for this purpose, allowing to remotely update and distribute TMK keys over a proprietary protocol and ensure delivery of the payload to the ATM over a secure channel. 

But how do we solve the problem of managing and updating the asymmetric EPP keys on the Host/ATM Manager side? This can be a complex operation since most acquirers have different ATM brands (e.g. Diebold, NCR, Wincor) each handling the certificate management workflow and signatures format in a slightly different fashion.

This operation is also highly sensitive since this establishes the trust between the Host/ATM Manager and all ATMs managed for a specific brand.

 

The CKMS value proposition

The Crypto Key Management System (CKMS) can help with both:

  1. Terminal Master Key generation and
  2. EPP key pairs and signatures/certificates management and distribution

The solution offers advanced key life-cycle management for both symmetric and asymmetric keys, including certificates, and features a secure key distribution interface which allows for key material to be securely distributed to the Host or ATM Management depending of the architecture of the acquirer – which is sometimes merged into one single system (e.g., IBM mainframe). 

New Call-to-actionIn short, CKMS helps secure the crypto payload required for ATM RKL – the delivery of such payload being based on mechanisms in the ATM management system which implement ATM vendor specific transport protocol to push the generated keys to the ATM EPP.

In the case of the IBM Mainframe, CKMS will generate the public key data set (PKDS) files for RSA key pairs and cryptographic key data set (CKDS) files for Terminal Master Keys.

CKMS implements certificate workflow management for the main ATM vendor CAs. Key Custodians can therefore generate a key pair from CKMS and request certificates to Wincor, Diebold or NCR in the appropriate formats and receive certificates in return. Also, an ATM Vendor’s CA certificates can be imported into CKMS for validation of the received certificates. 

Figure-1-Integration-between-CKMS-and-ATM-Manager

Figure 1: Integration between CKMS and the ATM Manager

The procedure for this is depicted in Figure 1:

  1. The CKMS key custodians create an asymmetric key pair within the CKMS HSM. 
  2. The CKMS key custodians export a certificate request bound to a specific vendor CA. This certificate request is sent to the ATM vendor CA (offline in an email or similar) 
  3. After the CA has created a certificate from the certificate request the CKMS key custodians receive the certificate/signature and import it into the CKMS.
  4. The private key and the certificate are pushed securely to the Host / ATM Manager in the appropriate format. The private key is stored within the Host HSM and the certificate is kept.
  5. For every authentication process between the Host and any ATM, the Host or ATM signs some data with the private key and sends these together with the certificate or signature depending on the supported method to the other party.

Usability and Auditability

When designing CKMS, we have paid particular attention to usability, automation and audit compliance.New Call-to-action

To this extent, CKMS implements a state model and allows for key life-cycle management, from pre-defined templates to key generation, key push and key update. This allows for key ceremonies and life-cycle management to be made seamlessly using the same procedures for the different ATM vendors.

CKMS administrators log in using PIN and smart cards and the configurable role management allows for separation of duties and dual control for sensitive operations.  All actions are logged in a tamper evident database and it is therefore easy to demonstrate compliance during an audit.

 

Conclusion

Cryptomathic CKMS offers a compelling solution for handling the top-level EPP keys and certificates/signatures required for ATM Remote key loading as well as Terminal Master Key generation. Our solution is ATM vendor agnostic (Diebold, NCR, Wincor, etc.) and can integrate with any Host or ATM Manager. 

Beyond this use case, CKMS may naturally be used to manage virtually any other keys in your environment such as authorization keys, PIN transport keys, encryption keys and so on.

 

Read White Paper

References and further reading