CONTINUE TO SITE »
or wait 15 seconds

News

Cutting costs on key management

October 11, 2005

Updating cryptographic keys at ATMs is becoming a fact of life for financial institutions (FIs). And for most machines, that means having two technicians visit each ATM to load the key.

In order to meet the new Visa/MasterCard standard, manual key loading requires two components individually and separately loaded into the ATM every couple of months.


This story and all the great free content on ATMmarketplace is supported by:

Trusted Security

Request free info
from this company!

"The dual control requirement translates into increased costs for the ATM operator for dispatching two individuals to the ATM," said David Pharr, director of business development for Matthews, N.C.-based Trusted Security Solutions. "This cost is often a deterrent to compliance, resulting in an increased risk of key compromise."

For FIs with newer machines or the ability to invest in upgrading legacy ATMs, the answer could be remote key loading. But for those that cannot or chose not to undertake remote key loading, they may still avoid the cost of having two technicians visit every ATM.

Persistent key component (PKC) technology enables one person to establish a new cryptographic key in an ATM after the first key is loaded.

It works like this: One custodian loads the first key component, which is held in a tamper-resistant security module such as the encrypted PIN pad of an ATM. The second key is manually loaded by another technician.

In the future, to re-key the ATM it is necessary for only one individual to visit the ATM and enter the contents of a key component. The new key component combined with the previously entered persistent key component forms a new unique key.

ATM manufacturer NexTran Group expects to be the first ATM manufacturer to provide PKC in its machines, said Harry Whitman, the South Hackensack, N.J.-based company's executive vice president for sales and marketing. "Within 60 to 90 days we plan to have PKC loaded onto all of our new machines and also have an upgrade for our machines already in the field," he said. "The upgrade is a fairly minor software change; there is no real hardware that needs to be added."

By reducing the number of technicians needed to re-key a machine, PKC is expected not only to cut the cost of updating keys by half, but also to save the time required to coordinate the schedules of two techs, Whitman said.

While the technology would be attractive to all ATM deployers because it would be the lowest-cost solution for key loading, Pharr said, PKC would be particularly attractive to FIs with older ATMs that are not able to - or are too expensive to - upgrade to remote key loading capability.

Or, as Whitman said, "We expect that a wider variety of ATMs (will) be able to use PKC than remote key."

NexTran's ATM processing division, Innobeta Systems, has agreed to work together with Trusted Security in an effort to co-develop PKC.

"We are always looking for innovative ways to enhance the service that we provide to our customers and we recognize PKC having great potential to do that for us," said Innobeta president Eric Parks.

Related Media

Recent Posts
SEC accuses former ATM businessman Daryl Heller of funneling $185M from investors
Fifth Third named as top veteran friendly employer
DC AG sues Bitcoin ATM operator Athena Bitcoin for allegedly exploiting scam victims
NCR Atleos earns #5 rank in fintech rankings
SEC to revamp cryptocurrency policies amid Trump's pro crypto push


©2025 Networld Media Group, LLC. All rights reserved.
b'S2-NEW'