Secure Key Management for PCI Payment Devices

Becoming and staying compliant with PCI key management is a real challenge. You need to establish a secure room, have a proper organization, detailed instructions and logging of all actions.

Rather than doing all this yourself, leave the hardened security to us and reduce time-to-market with Cryptera’s key loading services. Save the vast expenses of establishing a PCI compliant secure room, maintaining state-of-the art cryptographic knowledge and PCI audits.

Use FirmwareGuard – Keys  wherever you wish to inject keys into your devices. We deliver a complete solution including workstations, HSM and secure room, all with an easy and flexible setup.

Customer Benefirs of FirmwareGuard – Keys

  • Reduced time-to-market for payment devices

  • Physical secure room not needed

  • Global setup, central management from Denmark, EU

  • Easy deployment—Cryptera delivers a complete package

  • Compliant loading of keys and certifi cates

  • Key management for PTS and P2PE devices

  • Centralized logging

  • Based on a firmware library for the devices

  • Based on a public key

  • All secret or private keys are distributed in encrypted form

  • Can manage many different devices

FirmwareGuard – Keys offers:

  • Easy setup, based on PC HW

  • Load of these key types:
    2K3DES, 3K3DES, AES128, RSA2048 Key Pairs, X.509 Certificates

  • Supports derived (DUKPT) keys

  • No secret or private keys are transferred in clear

  • Centralized secure logging

  • Centralized Key Management

  • Distributed Key Loading workstations to be installed in access controlled room (not physical secure room)

  • Dual Control using tokens and Biometry

  • PCI PIN v3 Ready