Welcome the PCI 5.x generation of Encrypting PIN pads
Cryptera has upgraded their Encrypting PIN pads (EPPs) to the newest security standard PCI PTS 5.x. The product family includes four EPPs with different dimensions to complement the ATM and Unattended segment, including the EPP2200 with a display for a guided payment experience.
For easy compliance with the latest PCI requirements, the new firmware includes features as:
- 24-hour reboot
- 15 min timeout on manual key entry
- AES PIN encryption with ISO format 4
- Stricter use of keys for the intended purpose, a separation between Customer and Manufacturer key hierarchies
- PAN encryption
- TR-34 Remote Key Load (RKL)
“PCI 5.x requires EPPs to reboot once every 24 hours to maintain a secure state. This can be a challenge for integrators to plan into their solution – but the Cryptera EPPs allow integrators to schedule the reboot and obtain important event information from the EPPs that software can react upon,” Mads Rasmussen, Product Manager.
The firmware is updated to support only SHA-256, as the hash function SHA-1 is prohibited by PCI PTS 5.x, and a 15-minute timeout is now present for the entire key entry process. For key management, every key loading mechanism is supported: Secure key entry with and without the use of password and RKL based on signatures, certificates as well as the latest TR-34 certificate-based standard.
The PCI PTS 5.x standard still requires activation of the EPPs before an encrypted PIN block can be generated as a result of a PIN code entry. For the first installation, this is easily managed and integrators can acquire activation codes from Cryptera should they have removed the EPPs after installation.
On the hardware side, Cryptera releases enhanced security features as a double-layered mesh to improve protection against physical attacks. As part of the personalization process, the products will be configured with customer keys, preferred layout, and graphics to match the payment environment.
For customers who need a full payment solution, Cryptera offers EPPs, contact and contactless card readers, and a payment controller.
For ATM customers, Cryptera offers a licensed XFS Service Provider designed to bring effectiveness and simplicity when integrating PIN entry devices in ATM applications.
Likewise, for the Unattended segment, the Cryptera Protocol will ease the integration in kiosks with both Windows and Linux systems.
Cryptera delivers an integration package together with test devices comprising integration guide, command specification, scripts, etc.
For more details please visit the product page or contact the Cryptera Sales Organization. Test modules are available with a short lead time.