Wednesday, June 20, 2012

Adventures in DUKPT-istan

Wouldn't it be awesome if we could limit the exposure of sensitive information (ok, small amounts of it) while it travels over the internet and through devices?

Wonder no further, DUKPT to the rescue. Derived Unique Key Per Transaction is a method for generating a new key each time a device is used. Anything encrypted under these keys can be decrypted by whoever holds the master key, given only the addition of what amounts to a sequence identifier. These typically show up in swipers, and I suspect that most commercial swiper products use this when needing to exchange keys.

The trick is that a unique transaction key is derived from a base key using only non-secret data. The non-secret data can then be transmitted along with what you've encoded (for instance the CC), and the holder of the master key can re-derive the same transaction key and decode it.
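The derivation idea described above, as an added sketch that is not code from this post or from the DUKPT standard: the host derives a per-device key from the base key, the device derives one key per transaction from a counter, and the host re-derives it from the device ID and counter sent in the clear. Assumptions: HMAC-SHA256 stands in for the standard's block-cipher derivation, the XOR keystream is a toy cipher so the example needs only the standard library, and, unlike real DUKPT, the device here keeps its initial key instead of discarding used key material; all names and sample values are constructed.

```python
import hashlib
import hmac

def _prf(key: bytes, label: bytes, data: bytes) -> bytes:
    """HMAC-SHA256 stand-in for the standard's block-cipher derivation (assumption)."""
    return hmac.new(key, label + b"|" + data, hashlib.sha256).digest()

def initial_device_key(base_key: bytes, device_id: bytes) -> bytes:
    """Host side, at injection time: the device receives this key, never the base key."""
    return _prf(base_key, b"initial", device_id)

def transaction_key(device_key: bytes, counter: int) -> bytes:
    """One key per transaction, derived from the non-secret counter."""
    return _prf(device_key, b"txn", counter.to_bytes(4, "big"))

def _xor_stream(key: bytes, data: bytes) -> bytes:
    """Toy stream cipher (HMAC in counter mode); XOR makes it its own inverse."""
    stream = b"".join(_prf(key, b"ks", i.to_bytes(4, "big"))
                      for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

class Device:
    """Card reader: holds only its own device key and a transaction counter."""
    def __init__(self, device_id: bytes, device_key: bytes):
        self.device_id, self._key, self.counter = device_id, device_key, 0

    def encrypt(self, plaintext: bytes):
        self.counter += 1
        key = transaction_key(self._key, self.counter)
        # device_id and counter travel in the clear next to the ciphertext
        return self.device_id, self.counter, _xor_stream(key, plaintext)

def host_decrypt(base_key: bytes, device_id: bytes, counter: int, ct: bytes) -> bytes:
    """Host re-derives the transaction key from the base key plus non-secret data."""
    key = transaction_key(initial_device_key(base_key, device_id), counter)
    return _xor_stream(key, ct)

if __name__ == "__main__":
    BASE_KEY = bytes(range(32))  # constructed sample key
    reader = Device(b"READER-0001", initial_device_key(BASE_KEY, b"READER-0001"))
    for _ in range(2):
        dev_id, ctr, ct = reader.encrypt(b"4111111111111111")  # constructed test number
        print(dev_id, ctr, ct.hex(), host_decrypt(BASE_KEY, dev_id, ctr, ct))
```

The same card number encrypts to a different ciphertext on each swipe, and the host never stores a per-transaction key.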
