whiteCryption Secure Key Box Delivers New Capabilities Simplifying Crucial Payment Infrastructure Security Development
Out-of-the-Box DUKPT Key Management and TR-31 Key Block Capabilities Boost Security and Decrease Development Time of ‘Tap-to-Phone’ Payment Systems
SUNNYVALE, Calif.—March 16, 2021—Intertrust subsidiary whiteCryption today announced enhancements to its Secure Key Box™ (SKB) product that significantly improve payment transaction security. These capabilities allow developers of software-based payment systems to bring highly secure, standards-compliant solutions to market more quickly.
whiteCryption® SKB customers can now automate the implementation of cryptographic protocols critical for protecting payment transactions, specifically DUKPT key management and TR-31 key blocks. Implementation of these protocols helps financial apps comply with standards set by the Payment Card Industry (PCI) Security Standards Council and other regulatory bodies.
These advancements come on the heels of another recent SKB enhancement that lets developers link multiple white-box libraries into a single application, making it easy to separate card and PIN data as required by PCI standards. Together, these new capabilities enable payment system companies to quickly embed the crypto key security methods needed to build secure ‘Tap-to-Phone’ payment and mPOS (mobile point-of-sale) applications.
“Innovative software-based payment terminal solutions can’t fully rely on the security of the underlying hardware platform. These mobile applications must protect themselves against well-funded, expert attackers,” said Tim Hartog, Director Mobile Payment at Riscure Security Lab. “We have seen first-hand that developing secure Tap-to-Phone with PIN solutions is a challenging task for solution developers. The initiative of whiteCryption to include specific security measures like DUKPT and TR-31 as an integral part of SKB can be of significant support to developers of Tap-to-Phone with PIN and CPoC (Contactless Payments on COTS) solutions.”
“Payment companies need simple, turnkey solutions that do the heavy lifting when it comes to security so they can better focus on what’s important, their business and their customers,” said Andrew Snyder, Technical Solutions Director at Intertrust. “These new capabilities further our mission to provide financial services companies with the means to build and implement frictionless payment systems that comply with and exceed security standards in a greatly reduced timeframe.”
DUKPT, or “Derived Unique Key Per Transaction” describes a key management scheme where every transaction uses a unique key that has been derived from a fixed key. This ensures that even if a transaction key is compromised, it affects only that transaction. Future and past transaction data remains protected.
The TR-31 key block is a format defined by the American National Standards Institute (ANSI) to securely exchange keys by binding them with unique identifying information that protects keys from unauthorized substitution, key replacement, or misuse. For example, PCI standards require that PIN encryption keys are transferred using secure key blocks.
Payment software companies can find more information on financial application protection here.
whiteCryption is a leading provider of application shielding, software code protection and the world’s most advanced white-box cryptography products. whiteCryption is managed by Intertrust Technologies, which supplies its patented technologies to the world’s leading software, hardware and content companies in the entertainment, automotive, IoT, healthcare, finance, banking, and digital payment industries. whiteCryption security solutions protect mobile apps, desktop applications, firmware and embedded applications, and are available for all popular platforms such as Android, iOS, Windows, macOS, and Linux, as well as embedded systems. For more information visit www.intertrust.com/whitecryption/.