Advice in Phases PCI PIN 3.1
From the diagnosis to the certification, a comprehensive approach.
Are you ready for PCI PIN?
We guide you at every stage
The PCI standard PIN see 3.1 included within the requirements (18-3) the implementation of the blocks of keys (Key Blocks) for all keys symmetric relevant PIN exchanged or stored under another symmetric key (Zone Master Keys (ZMKs), Key-Encipherment Keys (KEKs), Base Derivation Keys (BDKs), Terminal Master Keys (TMKs), and PIN-Encryption Keys (PEKs).
A block of key PIN is a structured format commonly used to store and transport encryption keys for the PIN in a secure way. Contains a key protected, use restrictions, and other data that are encrypted.
We have expert advice on the different phases of implementation of the standard PCI PIN 3.1since the diagnosis of compliance to the design of architectures cryptographic support the use of Key Blocks. Our approach encompasses the assessment of HSM devices, generation and distribution of keys safe, as well as the adaptation of existing systems to the current requirements of the standard, ensuring an effective transition and aligned with industry best practices.
The PCI standard PIN see 3.1 defines a stage of implementation of the block of keys of PIN:
PHASE I
Implements “Key Blocks” for the internal connections and the storage of the keys within service provider”
Effective date of implementation 1 June 2019.
This phase aims to change the block in the cryptogram of the keys of the format VARIANT to a block format of keys as (AKB, TR-31, Thales Block).
ACTIVITIES:
- Uprising of information architecture transactional .
- Review of the processes cryptographic.
- Accompaniment in the lifting of the inventory of the keys that should be impacted
- Advise the staff of the entity to understand and implement the format of blocks and their application to convert VARIANT to the format supported by your brand of HSM.
- Accompaniment in the definition of the work plan for the migration of the format of the current block to the format supported by your HSM
Deliverable
A document with the plan of activities for the implementation of the requirements described in the PCI Pin Security in numbers 18-3, phase 1.
Are you ready to begin with PCI PIN?
PHASE II
Implements “Key Blocks” for external connections to Associations and networks ”
Effective date 1 January 2023.
This phase aims to deploy the blocks of the keys, PIN with all the entities with which the institution swap keys for PIN.
ACTIVITIES:
- Uprising of information architecture transactional related to the connection with a third party. .
- Review of the processes cryptographic.
- Accompaniment in the lifting of the inventory of the keys that should be impacted
- Advise the staff of the entity to understand and implement the format of blocks and their application.
- Accompaniment in the definition of the work plan for the migration of the format of the current block to the format supported by your HSM
Deliverable
A document with the plan of activities for the implementation of the requirements described in the PCI Pin Security in numbers 18-3, phase II.
PHASE III
Implements “Key Blocks” for connections to the host of retail, POS, and ATM”
Effective date of implementation is 1 January 2025.
This phase aims to advise the organization in the implementation of the blocks of the keys of the PIN for links to the POS and ATMs.
ACTIVITIES:
- Uprising of information architecture transactional related to the POS /ATM .
- Review of the processes cryptographic.
- Accompaniment in the lifting of the inventory of the keys that should be impacted
- Advise the staff of the entity to understand and implement the format of blocks and their application.
- Accompaniment in the definition of the work plan for the migration of the format of the current block to the format supported by your HSM
Deliverable
A document with the plan of activities for the implementation of the requirements described in the PCI Pin Security in numbers 18-3, phase III.
