TransKrypt – Security Optimization
TransKrypt, consumed via virtual application or hardware server, provides Point to Point Encryption (P2PE) secure transaction transport between POS systems and ATMs and their host servers in the payment ecosystem. TransKrypt works together with the NewNet’s AccessGuard and Secure Transaction solutions, consumed virtually and or server-based, to enhance security for IP and dial-up POS & ATM systems.
Bi-directional encryption including authorization response from the Host server to the POS terminal ensures high security.
Key Benefits
- Upgrade Path: Interconnection for legacy payment ecosystem hosts with next generation consumer initiation devices via virtual application or physical server.
- Enhanced Throughput: Bi-directional encryption including authorization response from the Host server to the POS terminal ensures high security.
- Transport Confidence: Architected compliant to PCI Security standards for P2PE systems to decrypt transaction data, as well as generate and store keys used to obtain unique keys per transaction.
- Reliability & Scalability: Redundancy with a standby Server and HSM cloning in both virtual applications and hardware.
- Technology Progression Roadmap: TransKrypt is architected to be deployed as a virtualized application or physical hardware server, which supports a road map to future forward technology.
- Management Insight: Detailed information includes processing resources, memory, interface status, and real-time traffic volume. Availability of host servers can also be monitored through either virtualized applications or physical hardware installations.
Technical Specifications
| TransKrypt | |
|---|---|
| Chassis Specifications | 2U Rack Servers, redundant units WxHxD : 445x86x749 mm WxHxD : 17.5×3.4×29.5 in |
| Physical Interface | WAN/LAN: RJ-45 (4 ports of 10/100/1000 Mbps) Optional 2 ports of 1/10Gbps |
| Security Software | OpenSSL and TurboSSL PKCS#11 Crypto OpenSSH |
| Security Storage | Physical and logical Cryptographic boundaries Secure and tamper evident enclosure All keys are secured within cryptographic boundary API libraries for Card and key management |
| Encryption Algorithms | 3DES or AES crypto algorithm is used for encryption. |
| Key Generation | Based on DUKPT standards as specified by ANSI X9.24 Cavium HSM PCI-e card to generate and store keys securely. |
| Standards Compliance | Compliant to PCI Security standards for P2PE systems for the process of decrypting the transaction data and generation and storage mechanism for the keys used for obtaining unique keys per transaction. |
Contact [email protected] for additional information.
Additional Resources
Datasheet
TransKrypt Security Server is a comprehensive provides hardware accelerated Point to Point Encryption (P2PE) for secure data transport from POS terminals to host servers. Secure cryptographic devices used for cryptographic-key management and decryption of account data are host/hardware security modules (HSMs), which are approved and configured to FIPS 140-2 (levels 2 & 3).
Product Brief
TransKrypt Product Brief provide more detail on data encryption from POS terminals, certificate verification of the client POS devices’ certificates, and tokenization of card holder data. Information is provided payment transaction data originating from payment initiating devices flowing through public networks comprising dial, broadband and mobile technologies.