Johannesburg, 07 Aug 2003
SA banks and retailers have stepped up their efforts to meet the mandated Visa and MasterCard deadline for the security of their PIN-handling systems to comply with the global Triple DES (T-DES) algorithm standard.
In fact, JSE-listed secure electronic payments company, Prism Holdings, has supplied over R4 million worth of secure application modules (SAMs) to the financial and retail industries over the past eight months.
These SAMs - chipcards that can be programmed with a security application - are being used to upgrade the security levels of older POS devices, saving banks and retailers the expense of having to replace them.
According to Gerhard Claassen, Managing Director of Prism`s Crypto Business Unit, Visa and MasterCard have stated that by 2004, all new PIN-handling systems - such as POS devices - must be T-DES compliant while existing devices have to be upgraded.
"This involves upgrading the security on a number of entities: the POS terminal or PINpad (PIN encryption), the POS switch (PIN translation), the issuing bank (PIN verification), and the Trust Centre or Key Management system (PIN key and PIN generation).
"With huge investments in existing POS equipment, many banks and retailers wanting to satisfy T-DES requirements - including becoming EMV (Europay, MasterCard and Visa) smart card ready - are looking for ways to upgrade rather than replace their POS terminal infrastructure," he explains.
Claassen says some terminal vendors are offering EMV software libraries to support upgrade initiatives. The problem is that in many cases, the older terminals and PINpads simply don`t have enough horsepower or memory to handle these upgrades.
"However, many of these terminals provide internal support for one or more SAMs. The SAM can be used as a secure co-processor for off-loading CPU-intensive cryptographic operations - making them an ideal solution for older, under-powered terminals," he explains.
"For example, Prism`s Incognito TSM100 SAM can be supplied with a secure co-processor application that includes T-DES and EMV cryptographic functions and additional terminal memory saving features. This means the TSM100 can be used as a co-processor in older terminals and PINpads to extend their capability.
"In addition, Prism has packed a rich set of cryptographic support functions into the TSM100 SAM as well as memory saving features such as storage for EMV CA public keys."
Claassen points out that few security vendors can provide a complete solution to the T-DES and EMV challenge.
"But having to use multiple vendors can be very costly and time-consuming. It also leaves the bank or retailer with different key management systems and security procedures.
"Upgrading multiple-vendor systems can also lead to additional costly integration exercises to provide key management compatibility between different vendor systems.
"Prism`s security systems have often been integrated with other vendors` systems in the past, but Prism can also provide a total solution, thus simplifying key management and providing an overall cost-effective upgrade," Claassen concludes.
Share