STRATEGIC PARTNERS
July 23, 2002
WESTON, Fla. -- A consortium of electronic payments industry suppliers is proposing the first global interoperable method for Triple DES session key management.
ACI Worldwide, Diebold, Thales e-Security and VeriFone have published a draft security specification that they plan to implement in their products and services, according to a news release.
Triple DES is a key encryption algorithm that raises the level of fraud protection for PIN-based debit transactions at ATMs and POS terminals. While standards exist for Triple DES master key management, there is a lack of standards for session key management. Instead, each vendor is required to develop proprietary implementations, according to the release.
The consortium is encouraging the financial industry to adopt a global Triple DES standard to increase interoperability between each element of an end-to-end payment solution from the host software to host security modules, ATMs and POS terminals.
The group plans to work with leading card associations, other vendors and industry standards organizations worldwide to finalize and adopt the specification. A copy of the draft specification can be downloaded at www.aciworldwide.com/3des/. Comments on the specification can be submitted online.
