Freely subscribe to our NEWSLETTER

The continuous effort of keeping ATMs secure is growing increasingly
expensive. The battle to keep ATMs locked down and protected from
criminals has become more complicated with the requirement for PINs to
boost 3DES encryption using unique keys.

These additional requirements have added to the cost and complexity of
key management by necessitating longer keys and more hands-on
interaction. For example, traditional key loading requires two different
employees to visit each individual ATM to enter the parts of the master
key. In addition to increased personnel costs, this method also doubles
the potential for error.

Remote Key Load, or RKL, technology eliminates these concerns. According
to Lars Clausen, Vice President of Sagem Denmark, "As long as a system
meets some basic requirements, installing the first 3DES master key is a
matter of connecting the ATM to the host via regular channels and
running the Remote Keyload Protocol. The installation takes place in
about 10 seconds - without the need for human involvement."

According to Sagem Denmark, these basic requirements include: the ATM,
host-ATM protocol, ATM’s EPP and the host’s HSM must all support RKL;
the host must have a host key pair and a suitable certificate on the
public key; and the EPP must have two key pairs with corresponding
certificates. Sagem Denmark will assist and support the customer with a
correct and efficient implementation of the RKL solution.

In addition to cutting costs and simplifying key management, RKL also
incorporates several security features. One such benefit is Mutual
Authentication, which means the host and the EPP can verify each other
in the same operation. Other advantages include protection against
reinstallation of old key values, encrypted transport of the master key,
and a cryptographically signed message after a successful key transfer.