The “Four Corners” model, also called the “Four Party Scheme”, is utilized in almost all standard card payment systems across the globe. Here, we talk about that model and explain what kind of hardware security module (HSM) is needed for each of its components involved in the cryptographic process.
Among all the various key block formats, the TR-34 format is undoubtedly one of the most sophisticated.
The TR-34 norm is an implementation of the X9.24-2 norm. It proposes a realistic and efficient way of exchanging symmetric keys using asymmetric cryptography. This is basically a certificate-based Remote Key Loading (RKL) protocol.
Merchants are one of the corners of the ‘four corner’ model in the payment world. In what follows, we will explain some of the security mechanisms for Merchants to prevent unauthorized transactions and payment card fraud.
An issuer is one of the corners in the ‘four corner’ model. An issuer is a financial organization (e.g. a bank) that produces payment cards and allows the cardholders to use them.
A key block is a unique piece of cryptography that is used to protect cryptographic keys while they are being sent over networks that might not be secure. A team around Mohammed M. Atalla invented the concept of the key block with his Atalla key block. This solved several issues created by “key variants” that were then used for transporting keys.
Cardholders (or consumers) are one of the corners of the ‘four corner’ model in the payment card world. Here we take a brief look at the payment security in relation to cardholders.
One aspect of key management is dealing with what happens when a symmetric cryptographic key is no longer needed. The section ‘Key Replacement, Destruction and Archiving’ within ANSI X9.24-1-2017 explains what needs to happen.
The ANSI X9.24-1-2017 standard defines the requirements for the loading of key components or shares, and the loading of cleartext keys. The loading of encrypted keys is described in other parts of the standard.
The PCI Council requires most actors of payment networks to implement ANSI X9.24/TR-31-compliant key blocks to wrap and securely transmit, transfer, or translate key or PIN codes.
