EMV Payment Security - Merchants

EMV Payment Security - Merchants

 

Merchants are one of the corners of the ‘four corner’ model in the payment world. In what follows, we will explain some of the security mechanisms for Merchants to prevent unauthorized transactions and payment card fraud.

EMV Payment Security - Issuers

EMV Payment Security - Issuers

An issuer is one of the corners in the ‘four corner’ model. An issuer is a financial organization (e.g. a bank) that produces payment cards and allows the cardholders to use them.

EMV Payment Security - Cardholders

EMV Payment Security - Cardholders

Cardholders (or consumers) are one of the corners of the ‘four corner’ model in the payment card world. Here we take a brief look at the payment security in relation to cardholders.

An Overview of the Different Key Block Formats

An Overview of the Different Key Block Formats

A key block is a unique cryptographic structure designed to protect cryptographic keys during transport over potentially insecure networks. A team around Mohammed M Atalla invented the concept of the key block with his Atalla key block. This solved several issues created by “key variants” that were then used for transporting keys.

TR-34 Key Blocks for the TR-34 Exchange Protocol: Basic Principles

TR-34 Key Blocks for the TR-34 Exchange Protocol: Basic Principles

Among all the various key block formats, the TR-34 format is undoubtedly one of the most sophisticated formats.

The TR-34 norm is an implementation of the X9.24-2 norm. It proposes a realistic and efficient way of exchanging symmetric keys using asymmetric cryptography. This is basically a certificate-based Remote Key Loading (RKL) protocol. 

Introduction to Cryptographic Key Blocks - FAQs

Introduction to Cryptographic Key Blocks - FAQs

This article proposes answers to a series of frequently asked questions (FAQs) about key blocks.

ANSI X9.24-1-2017: Key Replacement, Destruction, and Archiving

ANSI X9.24-1-2017: Key Replacement, Destruction, and Archiving

One aspect of key management is dealing with what happens when a symmetric cryptographic key is no longer needed. The section ‘Key Replacement, Destruction and Archiving’ within ANSI X9.24-1-2017 explains what needs to happen.

Cardholder, Merchant, Issuer & Acquirer - The Four Corners Model for Payment Security and Key Management

Cardholder, Merchant, Issuer & Acquirer - The Four Corners Model for Payment Security and Key Management

The “Four Corners'' model, also called the Four Party Scheme, is utilized in almost all standard card payment systems across the globe. Here we introduce that model and explain what type of hardware security module (HSM) is needed for each of its components involved in the cryptographic process.

ANSI X9.24-1-2017:  Key Compromise

ANSI X9.24-1-2017:  Key Compromise

In a retail financial services environment, the compromise of a symmetric cryptographic key is a critical security breach. Such a situation is described by the ANSI X9.24-1-2017 standard. Here, we summarize the ANSI guidance on how to respond if a potential compromise has been identified.