![background image](http://html2.mh-extra.com/html/ncr/5945/5945_user-manual_3729157087.webp)
Appendix A: Commonly Asked Questions
A-3
What is PIN management?
PIN management refers to the process used to protect the PIN. The
first component is “encryption”, a process used to conceal the PIN and
therefore secure it from fraudulent interception. The result of
encryption is a PIN block that, when received by the bank computer
that verified the PIN, must be “decrypted” prior to processing.
Decryption is a reversal process that is used to obtain the PIN from the
PIN block. The encryption and decryption are done using the Data
Encryption Standard (DES) in the US. Other algorithms are used in
different parts of the world.
PIN verification is on-line in the US. Off-line PIN verification is
usually done in conjunction with a “smart card” and will not be
covered here. One of the prominent countries using off-line PIN
verification is France.
What is Key Management?
Key management is the process to protect the key(s) used in the DES
algorithm.
DES, used in the PIN encryption process, is an algorithm that exists in
the public domain. DES employs a key in the PIN encryption process
and the same key to decrypt the PIN. Since the keys read the hidden
part of the algorithm, it is critical to protect them. The two methods for
key management used in the US are:
•
Master/session key management system
•
Derived Unique Key Per Transaction (DUKPT)
Summary of Contents for 5945
Page 1: ...NCR 5945 Electronic Payment Terminal Release 1 1 User s Guide B005 0000 1104 Issue B...
Page 9: ...Revision Record Issue Date Remarks A Apr 99 First issue B Apr 2000 Revision...
Page 28: ......
Page 36: ......
Page 54: ......
Page 72: ......
Page 88: ......
Page 92: ...B005 0000 1104 Apr 2000 Printed on recycled paper...