Futurex Solutions Overview
SKI9000
Direct Key Injection Solution
Agenda
• About Futurex
• SKI Series Overview
• Security Features
• Regulatory Compliance
• DUKPT Key Injection Overview
• Contact Details
Futurex. An Innovative Leader in
Encryption Solutions.
• For over 30 years, more than 15,000 customers worldwide have
trusted Futurex solutions to protect their highly sensitive data
• Hardware-based solutions with diverse applications in
electronic payments and general-purpose data security
• Entrepreneurial culture, fostering agility and innovation in the
development of hardware encryption solutions with
cross-platform, multidimensional applications
• Results-oriented engineering team based entirely out of our
U.S. Technology Campus, with significant experience
delivering First-to-Market Customer Initiatives
SKI Series – Secure Key Injection
[Diagram labels: Futurex SKI Series; Key Comp 1; Key Comp 2; ATM PIN Pads; Point of Sale Terminals; Secure Injection Facility]
Cost Effective
• Inject up to sixteen POS terminals or ATM PIN pads at a time
• Graphical user interface reduces training and administration costs
Versatile
• Supports most major terminal manufacturers and most key types, including Master/Session
and 3DES DUKPT
• Provides detailed audit records and the ability to generate key reports
Why Did Futurex
Develop the SKI Series?
• Adoption of ASC X9.24 - Part 1, which mandates the use of
hardware-based encryption devices, by the major card brands has
made it no longer acceptable to use software-based encryption to
protect payment keys.
• Existing key injection solutions are limited in capability and are
outdated, often lacking support for multiple terminal
manufacturers and a graphical user interface.
• Storing keys as cryptograms or in a Tamper-Resistant Security
Module (TRSM) dramatically reduces the risk of key exposure.
• As key usage expands, the complexity of managing and tracking
keys increases.
SKI Series Features
• Eliminates the costly manual process of loading
multiple keys
• Supports all major key types
• Prints labels with device ID and key serial number for
convenient tracking
• Scalable to perform up to sixteen injections at once
• Easy-to-use GUI significantly reduces training and
administration costs
• Keys exportable to the Futurex RKMS Series
Remote Key Management Server
Security Features
Physical Security
• Two independent front panel locks
protected by individual barrel keys
that are highly resistant to picking
and/or duplication
• CD-ROM drive hidden behind front
panel
• “Puzzle Box” design with hardened
steel casing and interlocking
components
• TRSM with epoxy barrier and sensor
wires to protect processor and
system memory
• Serial ports connected directly to
TRSM
Logical Security
• Dual logins required to access
application
• User group permissions control
privileges within application
• Keys stored as cryptograms under
MFK or KEK
• Key component entry occurs in
separate steps, each with
individual check digit display
• Complete, authenticated audit log
files of all activity and access
• Standard reports and
customizable queries from
audit log files
Additional Features and Benefits
Feature: Supports easy, compliant direct key loading into POS terminals
Benefits:
- Provides flexibility in key loading operations
- Reduces training for key loaders
- Reduces errors and re-work
Feature: Loads keys directly from a FIPS 140-2 Level 3-certified Tamper Resistant Security Module (TRSM)
Benefits:
- Meets new industry requirements for secure key injection
- Improves the security of your online transactions
Feature: POS terminal keys to be injected can be stored on the hard drive as cryptograms
Benefits:
- It is not necessary to re-enter the key for each injection, dramatically improving total injection speed
Feature: Detailed audit records and ability to easily generate reports from these records
Benefits:
- Ability to easily manage internal and external TR-39 audits
Feature: Easy to use Graphical User Interface (GUI)
Benefits:
- Reduces training requirements for key loaders
- Reduces errors and re-work
Regulatory Compliance – Secure Room
• Required for any organization that must undergo a TR-39 audit
• Secure room requirements:
o Mandatory dual access
o No connection to outside networks
o Auditable use and visitor logs
o Access restricted to authorized personnel
• How does the secure room apply to Point of Sale terminal
manufacturers?
o Clear keys must be loaded within a secure room
o Certificate authorities must be generated, stored, and managed
within a secure room
• Futurex’s CTGA-certified Solutions Architects have secure
room expertise and can provide training assistance
in the design and implementation process
Overview – DUKPT Key Injection
DUKPT Features
• DUKPT (Derived Unique Key Per Transaction) ensures that a different key is
used for every transaction
• A DUKPT key consists of two parts:
– BDK (Base Derivation Key), the working key that is used for encryption
– KSN (Key Serial Number), the unique serial number that is injected into each device
• After every transaction, a new DUKPT key is derived from the incremented
KSN which is used to encrypt the PIN
[Diagram labels: SKI Series; Point of Sale Terminals; Secure Injection Facility; BDK; KSN]
Overview – DUKPT Key Injection
The SKI Series is fully compliant with the Triple-DES DUKPT standard and is capable of
automatically deriving unique IDs for each terminal injected. This is designed to maintain
high injection throughput and requires an absolute minimum of configuration and input
from key officers.
[Diagram labels: Secure Room; Key Comp (BDK) 1; Key Comp (BDK) 2; KSN; SKI Series; POS Terminal; Point of Sale; Host/Bank; Excrypt™ SSP Series Hardware Security Module (HSM)]
Key Serial Number
• The Key Serial Number (KSN) is the unique serial number that is injected into
each POS terminal
• The KSN consists of five parts concatenated together
– Issuer Identification Number
• Unique per issuer
– Customer ID Number
– Group Identifier Number
– Unique Device ID
• Incremented after every device injection
– Transaction Counter
• Incremented after every transaction
• The KSN ensures that all transactions use a unique key which has been
derived from the original BDK
Overview – DUKPT Key Injection
From within a secure room or facility, the Base Derivation Key (BDK) and Key Serial Number (KSN) are
loaded onto the SKI Series. To ease the process of loading multiple keys on multiple different
terminals, the device is designed with a cryptogram export and import feature.
Once the BDK and the KSN have both been loaded, the POS terminal can be injected via the point-and-click
GUI. The KSN will also increment automatically when keys are shared between multiple terminal types.
[Diagram labels: Secure Room; Key Comp (BDK) 1; Key Comp (BDK) 2; KSN; SKI Series; POS Terminal]
KSN Components
| Bit Range | Byte Range | ID | Definition |
| --- | --- | --- | --- |
| 1-24 | 1-3 | IIN | Issuer Identifier Number |
| 25-32 | 4 | CID | Customer ID Number |
| 32-40 | 5 | GID | Group Identifier Number |
| 41-59 | 6-~8 | DID | Unique Device ID |
| 60-80 | ~8-10 | TC | Transaction Counter |
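The KSN field layout from the table above, as an added example that is not part of the original slides and is not Futurex code: it splits an 80-bit KSN into the five fields, steps the device ID the way the slides describe for successive injections, and checks a batch of initial KSNs for reuse. Assumptions: bit 1 is the most significant bit, GID occupies bits 33-40 (the slide prints 32-40, which would overlap CID), a freshly injected terminal starts with a zero transaction counter, and the sample KSN values and function names are constructed for illustration.

```python
import string

KSN_BITS = 80
# (name, first_bit, last_bit); bit 1 is assumed to be the most significant bit.
# GID is taken as bits 33-40 (byte 5) so it does not overlap CID (assumption).
FIELDS = (
    ("IIN", 1, 24),   # Issuer Identifier Number
    ("CID", 25, 32),  # Customer ID Number
    ("GID", 33, 40),  # Group Identifier Number
    ("DID", 41, 59),  # Unique Device ID
    ("TC", 60, 80),   # Transaction Counter
)


def parse_ksn(ksn_hex):
    """Split a 20-hex-digit KSN into its five integer fields."""
    ksn_hex = ksn_hex.replace(" ", "")
    if len(ksn_hex) != KSN_BITS // 4 or any(c not in string.hexdigits for c in ksn_hex):
        raise ValueError("KSN must be exactly 80 bits (20 hex digits)")
    value = int(ksn_hex, 16)
    fields = {}
    for name, first, last in FIELDS:
        width = last - first + 1
        fields[name] = (value >> (KSN_BITS - last)) & ((1 << width) - 1)
    return fields


def build_ksn(fields):
    """Pack the five fields back into a 20-hex-digit KSN, rejecting overflow."""
    value = 0
    for name, first, last in FIELDS:
        width = last - first + 1
        if not 0 <= fields[name] < (1 << width):
            raise ValueError(f"{name} does not fit in {width} bits")
        value |= fields[name] << (KSN_BITS - last)
    return f"{value:020X}"


def next_device_ksn(ksn_hex):
    """Initial KSN for the next terminal: DID + 1, transaction counter zeroed."""
    fields = parse_ksn(ksn_hex)
    if fields["DID"] == (1 << 19) - 1:
        raise OverflowError("device ID space exhausted for this IIN/CID/GID")
    fields["DID"] += 1
    fields["TC"] = 0
    return build_ksn(fields)


def audit_batch(ksn_list):
    """Flag initial KSNs that should not be injected as part of one batch.

    Two terminals that share a BDK and the first 59 KSN bits derive the same
    transaction keys, so a repeated device prefix is reported. A non-zero
    counter on a KSN about to be injected is reported as well (assumption:
    new terminals start at zero).
    """
    seen = {}
    findings = []
    for index, ksn_hex in enumerate(ksn_list):
        f = parse_ksn(ksn_hex)
        prefix = (f["IIN"], f["CID"], f["GID"], f["DID"])
        if prefix in seen:
            findings.append((index, "duplicate-device-prefix"))
        else:
            seen[prefix] = index
        if f["TC"] != 0:
            findings.append((index, "nonzero-counter"))
    return findings


if __name__ == "__main__":
    first = "FFFF9876543210E00000"  # constructed sample KSN
    print(parse_ksn(first))
    print(next_device_ksn(first))
    print(audit_batch([first, next_device_ksn(first), "FFFF9876543210E00007"]))
```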
Overview – DUKPT Key Injection
Once injected, the POS terminals can be instantly deployed into a production environment.
The KSN will automatically increment after each transaction, ensuring compliance with
the ANSI X9.24 regulations requiring the use of DUKPT.
[Diagram labels: Point of Sale; Host/Bank; Excrypt™ SSP Series Hardware Security Module (HSM); Host Database]
Futurex SKI9000 – Key Exchange
Process Flow Diagram
This procedure outlines the process by which users may export keys from an external host and import
them into the SKI9000, encrypted under a mutually-shared Key Exchange Key (KEK).
[Diagram columns: Futurex SKI9000; External Host]
Steps shown in the flow diagram:
• Generate Key Exchange Key (KEK)
• Export KEK Components*
• Insert KEK via Hosts/Networks Menu
• Translate Base Derivation Keys (BDK) to Encryption Under KEK
• Export Key Cryptograms
• Import Key Cryptograms
*If desired, the generation and export of KEK components may also be performed
on the SKI9000 and imported into the external host instead. This functionality
requires the SKI9000 Key Generation Add-On Module.
Contact Us
Visit http://www.futurex.com
for more information
Greg Stone
Sr. Product Marketing Engineer, Enterprise Sales and Virtual Markets
Direct: +1 830-980-9782 x1316
Mobile: +1 210-287-2729
gstone@futurex.com

Futurex SKI9000 Secure Key Injection Solution Overview

  • 2. Agenda
      • About Futurex
      • SKI Series Overview
      • Security Features
      • Regulatory Compliance
      • DUKPT Key Injection Overview
      • Contact Details
  • 3. Futurex. An Innovative Leader in Encryption Solutions.
      • For over 30 years, more than 15,000 customers worldwide have trusted Futurex solutions to protect their highly sensitive data
      • Hardware-based solutions with diverse applications in electronic payments and general-purpose data security
      • Entrepreneurial culture, fostering agility and innovation in the development of hardware encryption solutions with cross-platform, multidimensional applications
      • Results-oriented engineering team based entirely out of our U.S. Technology Campus, with significant experience delivering First-to-Market Customer Initiatives
  • 4. SKI Series – Secure Key Injection
      [Diagram labels: Futurex SKI Series, Key Comp 1, Key Comp 2, ATM PIN Pads, Point of Sale Terminals, Secure Injection Facility]
      Cost Effective
      • Inject up to sixteen POS terminals or ATM PIN pads at a time
      • Graphical user interface reduces training and administration costs
      Versatile
      • Supports most major terminal manufacturers and most key types, including Master/Session and 3DES DUKPT
      • Provides detailed audit records and the ability to generate key reports
  • 5. Why Did Futurex Develop the SKI Series?
      • Adoption of ASC X9.24 - Part 1, which mandates the use of hardware-based encryption devices, by the major card brands has made it no longer acceptable to use software-based encryption to protect payment keys.
      • Existing key injection solutions are limited in capability and are outdated, often lacking support for multiple terminal manufacturers and a graphical user interface.
      • Storing keys as cryptograms or in a Tamper-Resistant Security Module (TRSM) dramatically reduces the risk of key exposure.
      • As key usage expands, the complexity of managing and tracking keys increases.
  • 6. SKI Series Features
      • Eliminates the costly manual process of loading multiple keys
      • Supports all major key types
      • Prints labels with device ID and key serial number for convenient tracking
      • Scalable to perform up to sixteen injections at once
      • Easy-to-use GUI significantly reduces training and administration costs
      • Keys exportable to the Futurex RKMS Series Remote Key Management Server
  • 7. Security Features
      Physical Security
      • Two independent front panel locks protected by individual barrel keys that are highly resistant to picking and/or duplication
      • CD-ROM drive hidden behind front panel
      • “Puzzle Box” design with hardened steel casing and interlocking components
      • TRSM with epoxy barrier and sensor wires to protect processor and system memory
      • Serial ports connected directly to TRSM
      Logical Security
      • Dual logins required to access application
      • User group permissions control privileges within application
      • Keys stored as cryptograms under MFK or KEK
      • Key component entry occurs in separate steps, each with individual check digit display
      • Complete, authenticated audit log files of all activity and access
      • Standard reports and customizable queries from audit log files
  • 8. Additional Features and Benefits
      Feature: Supports easy, compliant direct key loading into POS terminals
      Benefit:
          - Provides flexibility in key loading operations
          - Reduces training for key loaders
          - Reduces errors and re-work
      Feature: Loads keys directly from a FIPS 140-2 Level 3-certified Tamper Resistant Security Module (TRSM)
      Benefit:
          - Meets new industry requirements for secure key injection
          - Improves the security of your online transactions
      Feature: POS terminal keys to be injected can be stored on the hard drive as cryptograms
      Benefit:
          - It is not necessary to re-enter the key for each injection, dramatically improving total injection speed
      Feature: Detailed audit records and ability to easily generate reports from these records
      Benefit:
          - Ability to easily manage internal and external TR-39 audits
      Feature: Easy to use Graphical User Interface (GUI)
      Benefit:
          - Reduces training requirements for key loaders
          - Reduces errors and re-work
  • 9. Regulatory Compliance – Secure Room
      • Required for any organization that must undergo a TR-39 audit
      • Secure room requirements:
          o Mandatory dual access
          o No connection to outside networks
          o Auditable use and visitor logs
          o Access restricted to authorized personnel
      • How does the secure room apply to Point of Sale terminal manufacturers?
          o Clear keys must be loaded within a secure room
          o Certificate authorities must be generated, stored, and managed within a secure room
      • Futurex’s CTGA-certified Solutions Architects have secure room expertise and can provide training assistance in the design and implementation process
  • 10. Overview – DUKPT Key Injection
  • 11. DUKPT Features
      • DUKPT (Derived Unique Key Per Transaction) ensures that a different key is used for every transaction
      • A DUKPT key consists of two parts:
          – BDK (Base Derivation Key), the working key that is used for encryption
          – KSN (Key Serial Number), the unique serial number that is injected into each device
      • After every transaction, a new DUKPT key is derived from the incremented KSN which is used to encrypt the PIN
      [Diagram labels: SKI Series, Point of Sale Terminals, Secure Injection Facility, BDK, KSN]
  • 12. Overview – DUKPT Key Injection
      The SKI Series is fully compliant with the Triple-DES DUKPT standard and is capable of automatically deriving unique IDs for each terminal injected. This is designed to maintain high injection throughput and requires an absolute minimum of configuration and input from key officers.
      [Diagram labels: Secure Room, Key Comp(BDK) 1, Key Comp(BDK) 2, KSN, SKI Series, POS Terminal, Point of Sale, Host/Bank, Excrypt™ SSP Series Hardware Security Module (HSM)]
  • 13. Key Serial Number
      • The Key Serial Number (KSN) is the unique serial number that is injected into each POS terminal
      • The KSN consists of five parts concatenated together
          – Issuer Identification Number
              • Unique per issuer
          – Customer ID Number
          – Group Identifier Number
          – Unique Device ID
              • Incremented after every device injection
          – Transaction Counter
              • Incremented after every transaction
      • The KSN ensures that all transactions use a unique key which has been derived from the original BDK
  • 14. Overview – DUKPT Key Injection
      From within a secure room or facility, the Base Derivation Key (BDK) and Key Serial Number (KSN) are loaded onto the SKI Series. To ease the process of loading multiple keys on multiple different terminals, the device is designed with a cryptogram export and import feature.
      Once the BDK and the KSN have both been loaded, the POS terminal can be injected via the point-and-click GUI. The KSN will also increment automatically when keys are shared between multiple terminal types.
      [Diagram labels: Secure Room, Key Comp(BDK) 1, Key Comp(BDK) 2, KSN, SKI Series, POS Terminal]
      KSN Components
        Bit Range   Byte Range   ID    Definition
        1-24        1-3          IIN   Issuer Identifier Number
        25-32       4            CID   Customer ID Number
        32-40       5            GID   Group Identifier Number
        41-59       6-~8         DID   Unique Device ID
        60-80       ~8-10        TC    Transaction Counter
  • 15. Overview – DUKPT Key Injection
      Once injected, the POS terminals can be instantly deployed into a production environment. The KSN will automatically increment after each transaction, ensuring compliance with the ANSI X9.24 regulations requiring the use of DUKPT.
      [Diagram labels: Point of Sale, Host/Bank, Excrypt™ SSP Series Hardware Security Module (HSM), Host Database]
  • 16. Futurex SKI9000 – Key Exchange Process Flow Diagram
      This procedure outlines the process by which users may export keys from an external host and import them into the SKI9000, encrypted under a mutually-shared Key Exchange Key (KEK).
      Flow diagram steps, in the order shown (diagram columns: Futurex SKI9000, External Host):
      • Generate Key Exchange Key (KEK)
      • Export KEK Components*
      • Insert KEK via Hosts/Networks Menu
      • Translate Base Derivation Keys (BDK) to Encryption Under KEK
      • Export Key Cryptograms
      • Import Key Cryptograms
      *If desired, the generation and export of KEK components may also be performed on the SKI9000 and imported into the external host instead. This functionality requires the SKI9000 Key Generation Add-On Module.
  • 17. Contact Us
      Visit http://www.futurex.com for more information
      Greg Stone
      Sr. Product Marketing Engineer, Enterprise Sales and Virtual Markets
      Direct: +1 830-980-9782 x1316
      Mobile: +1 210-287-2729
      gstone@futurex.com
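The KSN layout from slides 13 and 14, as an added example that is not part of the Futurex deck or any Futurex product code: it splits an 80-bit KSN into the five fields of the table and models the two increments the slides describe (device ID per injection, transaction counter per transaction) as plain +1 steps. It assumes GID occupies bits 33-40 (byte 5 in the table's byte column), that a newly injected device starts with a counter of 0, and uses a constructed sample KSN; it does not perform DUKPT key derivation.

```python
import string

# Field widths in bits, most significant first, from the slide-14 table.
# Assumption: GID is bits 33-40 (the table's byte column puts it in byte 5).
FIELDS = (("IIN", 24), ("CID", 8), ("GID", 8), ("DID", 19), ("TC", 21))
KSN_BITS = sum(width for _, width in FIELDS)  # 80 bits = 20 hex digits
SAMPLE_KSN = "FFFF9876543210E00000"  # constructed sample value


def parse_ksn(ksn_hex):
    """Split a 20-hex-digit KSN into its five integer fields."""
    if len(ksn_hex) != KSN_BITS // 4 or set(ksn_hex) - set(string.hexdigits):
        raise ValueError("KSN must be exactly 20 hex digits")
    value, shift, fields = int(ksn_hex, 16), KSN_BITS, {}
    for name, width in FIELDS:
        shift -= width
        fields[name] = (value >> shift) & ((1 << width) - 1)
    return fields


def build_ksn(fields):
    """Pack the five fields back into an upper-case hex KSN."""
    value = 0
    for name, width in FIELDS:
        if not 0 <= fields[name] < (1 << width):
            raise ValueError(f"{name} does not fit in {width} bits")
        value = (value << width) | fields[name]
    return f"{value:0{KSN_BITS // 4}X}"


def next_device(ksn_hex):
    """KSN for the next terminal injected: DID + 1.
    Assumption: the new device starts with a transaction counter of 0."""
    fields = parse_ksn(ksn_hex)
    fields["DID"] += 1  # build_ksn rejects a DID that no longer fits 19 bits
    fields["TC"] = 0
    return build_ksn(fields)


def next_transaction(ksn_hex):
    """KSN after one transaction: TC + 1, modelled as a plain increment."""
    fields = parse_ksn(ksn_hex)
    if fields["TC"] == (1 << 21) - 1:
        # Wrapping would reuse an earlier KSN, and with it an earlier key.
        raise OverflowError("transaction counter exhausted")
    fields["TC"] += 1
    return build_ksn(fields)


if __name__ == "__main__":
    print(parse_ksn(SAMPLE_KSN))
    print(next_transaction(SAMPLE_KSN), next_device(SAMPLE_KSN))
```

Refusing to wrap the counter matters because the slides tie key uniqueness to KSN uniqueness: a repeated KSN under the same BDK would mean a repeated transaction key.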