Filter
Top Products
CCA Release 2.54
Using Specific Key Types and Key-Usage Bits to Help Ensure
PIN Security
The control vectors (see Appendix C, “CCA Control-Vector Definitions and Key
Encryption” on page C-1) associated with obtaining and verifying PINs enable you
to minimize certain security exposures. The class of keys designated PINGEN
operates in the verbs that create and validate PIN values, whereas the PINVER
class operates only in those verbs that validate a PIN. Reduce your exposure to
fraud by limiting the availability of the PINGEN keys to those applications and times
when it is legitimate to create new PIN values. Use the PINVER key class to
validate PINs. You can also further restrict those verbs in which a PINGEN key will
perform by selectively turning off bits in the default PINGEN control vector.
Those verbs that encrypt a PIN block require the encrypting key to be of the class
OPINENC, output PIN (block) encrypting key. Those verbs that decrypt a PIN
block require the encrypting key to be of the class IPINENC, input PIN (block)
encrypting key. The actual input and output key values are the same, but the use
of two different types of control vectors aids in defeating certain insider attacks that
might enable redirection of encrypted PIN values to an unintended service to the
attacker's benefit. You can also turn off selected bits in the default OPINENC and
IPINENC control vectors to limit those verbs in which a given key can operate to
further reduce exposure to insider fraud.
Point-of-sale terminals that accept a customer's PIN often use the
unique-key-per-transaction mechanism specified in ANSI X9.24 to ensure that
tampering with the device will not reveal keys used to encrypt previous PIN
encryptions. The Encrypted_PIN_Translate and Encrypted_PIN_Verify verbs
optionally support processing PIN blocks encrypted according to ANSI X9.24. In
these cases you supply the “base key” and a “current key serial number” (CKSN)
and the verb derives the appropriate key and employs a special PIN-block
encryption technique to decrypt or encrypt the PIN block.
In summary, the PIN verbs use these key types:
PINGEN (PIN-generating) key type
The PIN verbs that generate and verify a PIN require the PIN-generating
key to have a control vector that specifies a PINGEN key type.
The Encrypted_PIN_Verify verb can also use a key with a PINGEN key
type if bit 22 is set to one to specify that the key can be used to verify a
PIN.
PINVER (PIN-verifying) key type
The Encrypted_PIN_Verify verb, which verifies an encrypted PIN by
using the PIN calculation method, requires the PIN-generating key to
have a control vector that specifies the PINVER key type, or a control
vector that specifies the PINGEN key type and has bit 22 set to 1. Note
that the PINVER key type cannot be used to create a PIN value, and
therefore is the preferred key type in a system that only needs to
validate PINs.
IPINENC (input PIN-block encrypting) key type
The PIN verbs that decrypt a PIN block require the decrypting key to
have a control vector that specifies an IPINENC key type.
Chapter 8. Financial Services Support Verbs 8-7