eft transaction security april-2007
TRANSCRIPT
EFT Transaction Security (EFTSec)A Secure Transaction Solution for EDC Transaction
Introduction
• Recent trend in the electronic payment industry showed an increased level of credit card fraud sophistication:
– “Skimming”› Handheld readers› Embedded device in terminals
– “Wiretapping” : the illegal installation of monitoring devices on telephone lines to extract or view credit/debit card information from the terminals’ data traffic
How does Skimming work ?
Skimming by Clerks at the Merchant Locations
Skimming During the Data Capture and Transmission Process
Handheld readers
Embedded device in terminals
How does Wiretapping work ?
The method obtains Transaction information (e.g. Track 2, CVV) from one terminal
How does Wiretapping work ?
The method obtains Transaction information (e.g. Track 2, CVV) from many terminal
Payment transactions sent in the clear
Introduction
• Current payment transactions are sent in the clear, making it possible for technically-savvy criminals to easily intercept sensitive information in the middle of the transaction transport
Terminal
TelcoNetwork Service
NAC
HostProcessor
Defense Against Skimming and Wiretapping
Hide the payment transaction information of terminal request transactions
Hide the payment transactions
Terminal
TelcoNetwork Service
NAC
HostProcessor
Methods: Hide Transaction Data
•Scramble the data– Fix formula and key to scramble
transaction data– Easy to break and get the data
•Encrypt the data– Standard DES or Triple DES– Same logic as Debit Transaction– Encrypt specific Field or whole massage
Encryption the transaction solution
Terminal
TelcoNetwork Service
NACHostProcessor
Encrypt transaction data Clear transaction data
Encryption the transaction solution
Terminal
TelcoNetwork Service
NACHostProcessor
Encrypt transaction data
SecurityProcessor
Clear transaction data
Hypercom Solutions:
Propose Two solutions
1. EFTSec® Network
–Encryption upto Network layer
2. EFTSec® Application
–Encryption upto Adaptive layer
Hypercom EFTSec®
• A secure solution to prevent “wiretapping” fraud– Allow all or a portion of the transaction data from a terminal
request message to be encrypted
• Design to be secure and less intrusive for implementation in an existing operating environment– No Host or host application changes required
• Support mix of EFTsec and non-EFTsec transactions– DES and 3DES encryption used
Hypercom EFTSec®
• Support multiple encryption keys with unique addressability for each acquirer
• Open standard solution available to other terminal vendors
EFTSec® Network Solution
EFTSec® Network Solution
A key index number (KIN) is used to associate mutltiple encryption keys with each acquirer
A key index number (KIN) is used to associate mutltiple encryption keys with each acquirer
Enhanced TPDU + encrypted transaction
Standard response in the ‘clear’
Standard transaction request
Standard transaction response
Dial port decryptstransaction using key
identified in theenhanced TPDU
TelcoNetwork Service
EFTSec® Network Components
1. Dial access port with encryption/decryption capability
2. HypercomView EFTsec Key Management System
3. Terminal application to support data encryption– Terminal SW development required
4. Terminal key management and key load system– Hypercom terminal uses the
Hypercom Key Loading and Management (HKLM)
• Proofed technology for secure dial access solution• Faster transaction processing time• No bottle-neck and Scalable• Support mix of non-EFTSec and EFTSec transaction• Open standard available for other terminal vendors
Summary: EFTSec® Network
EFTSec® Application Solution
EFTSec® Application
• A secure solution to prevent “wiretapping” fraud• Design to be secure and less intrusive for
implementation in an existing operating environment– No host & host application changes required– No Network changes required
• Support unique encryption key:– Unique key for each acquirer– Unique key for each terminal
• Available for terminal key management and key load• Open standard solution available for
other terminal vendors
EFTSec® Application Features
• Transaction encryption– Specific field encryption– Whole message encryption
• Highly Scalable and support Load sharing– Reduce bottleneck problem– Increase reliability, not to rely on single processor
• Support all access network and media– Dial up and Leased line– IP and GPRS
• Proven high performance:– Benchmarked at 100 TPS/processor
Terminal
TelcoNetwork Service
NACHostProcessor
Encrypted transaction data EFTSecSecurity
Processor
Clear transaction data
Standard transaction request
Clear transaction data
Standard transaction response
Architecture of EFTSec® Solution
Bank Host
Transaction fromExisting EDC Network
Non Secure
Transaction
SwitchingNAC
EFTSec® Network Configuration
EFTSec Secure Processor
TCP/IP
HSM HSM
Encrypted
Transaction
Normal
Transaction
Bank Host
Non Secure
Transaction
SwitchingNAC
EFTSec® Network Configuration
Existing EDC Network
Application 1(Credit Host)
Credit Debit Other
Secure Terminal
Application 2(Debit Host)
ExistingSwitchingNAC
EFTSec Secure Processor
Ethernet LAN TCP/IP
HSMKMSTLES
HSMKMSTLES
Concentration NAC
Encrypted
Transaction
Normal
Transaction
1
2
Application 3(e.g. Fleet, MCC, EPP)
Secure Acquire
3
4
TMKTWK
EFTSec® System Applications
EFTSec System: consists of the following components:
• Key Management System• Terminal Line Encryption system• Hardware Security• POS Terminal
Key Management Module
•Function of the Key Management Module – Key Generation– Encrypting Key and Store– Support Hardware Security Module (HSM) to
encrypt and store Local Master Key (LMK)– Support encryption keys export/import
operations.– POS terminal encryption key download
Terminal Line Encryption Module
• Terminal Line Encryption Module– Message validation and decryption– Message regeneration and routing for Host authorization
processing– Support Multiple encryption algorithms, DES, 3DES, AES.– Support MAC message authentication
• Field encryptedo Field 2, Primary Account Number (PAN)o Field 14 , Card Expiration Dateo Field 35 , Track II data
Terminal Line Encryption Module
• HSM (Hardware Security Module) Secure and store Local Master KeyG enerate all other master key and working key Support Decrypt/Encrypt message data
• POS Terminal Support Key downloading and storing keys. Support sensitive data fields encryption/decryption Support MAC generation & validation processing. - Support multiple secure and non secure acquirer function,
Key Components
•Key Encryption Key (KEK)– Individual key generated by Acquire, Vender.– Use for TMK Downloading during the terminal
installation process.
•Terminal Master Key (TMK)– Protected online Terminal Working Key– Stored in the terminal
Key Components
•Terminal Working Key (TWK)– TWK consists of Two working keys:
›Data Encryption Key (DEK)›MAC Authentication Key (MAK)
– Protected online transaction data
KEK Key Generation
KMS
Acquirer &Vendor
Info
KEK SIM CardCard Info HSM
SIMCardSIM
CardSIMCard
SIMCardSIM
CardSIMCard
Vendor A.Vendor A.
Vendor B.Vendor B.
Key Download Flow
EFTSec Secure Processor
TCP/IP
HSM HSM
Terminal Master Key (TMK) Initialization
TMK Generated Individual byIndividual terminalKEKe(TMK) response to Terminal
Terminal Working Key (TWK) Logon
TWK Generated Individual by individual terminalTMKe(TWK) response to Terminal
SIMCard
Key Download
Bank Host
Switching Transaction From Existing EDC Network
HSMKMSTLES
Host Acquire 1
EFTSecBank Host
HSMKMSTLES
Host Acquire 3
EFTSecBank Host
Host Acquire 2
Secure TerminalACQ1 ACQ2 ACQ3
SIMCard
SIMCard
xxxx NOT xxxxIMPLEMENT
Line Encryption
TMKTWK
TMKTWK
1
2
4
5
3 6
Encryption & MAC Algorithms support
• Encryption algorithms support– DES (single key length, 64 bits)– 3DEC (double key length, 128 bits)– AES (double key length, 128 bits)
• MAC algorithms support – ANSI X9.19 MAC using SHA-1 hashing– ANSI X9.9 MAC
• Encryption Method selection by transaction
System Platform & Performance
Platform Windows Platform
Hardware Dual-Intel CPU
Operating System Windows2000
Database Oracle
Peak Load > 100 TPS
Remark: Hardware specification will depend on the requirement & traffic which will be discussed.Remark: Hardware specification will depend on the requirement & traffic which will be discussed.
• Highly Trusted Security Solution• High performance with Load sharing• No single point of failure• Support mix of non-EFTSec and EFTSec transaction• Open standard available for other terminal vendors• Protect investment
Summary: EFTSec® Application
Thank you