News
GFG:Secure Mailer to automate cryptographic key management
10 April 2006
GFG is now shipping GFG:Secure Mailer, an off-the-shelf way to automate the remote use and management of secure cryptographic keys, removing the need for multiple personnel to contribute different parts of a key.
GFG:Secure Mailer is a Windows application designed for use with a THALES Host Security Module (HSM). It generates PIN Mailers, Interchange Key Mailers, Public and Private RSA keys and Public Key Verification codes. These can be either printed or securely emailed as encrypted data, further protected by the PGP Corporation.
GFG developed GFG:Secure Mailer in response to customers asking for advice on simplifying management and use of secure cryptographic keys, says GFG Account Director Ewan Wilson.
“When we’re doing implementations onsite, customers often speak of encryption and decryption as a source of pain,” he says.
“It’s an increasingly complicated area – in a single customer there can be literally thousands of different keys in their interchange and terminal management environments. Almost every customer we see has developed their own management method in-house. This usually involves multiple staff members holding different parts of the same key, which is a hassle in terms of always having to get the right staff together at the same time. We also see a lot of customers having to physically go out and visit individual ATM machines. We decided to develop an off-the-shelf way to achieve automated, remote key management, and so GFG:Secure Mailer was born.”
GFG:Secure Mailer provides support for the generation and printing of a range of keys used in the card payments system. These include - but are not limited to - support for the ANSI and ISO standards for Interchange key exchange; support for the AS2805 standards for terminal initialisation; and support for the APCA interchange standards.
In an ANSI or ISO interchange environment each party has to generate the high level DES keys in component form, and transport these components to their partner. In an APCA interchange environment each party exchanges RSA public keys so they can then exchange KEKs securely. GFG:Secure Mailer has been developed to fully support these requirements.
DES keys can be printed in component form or output under a higher level key. For example, a Zone Master Key to be sent to a card association would be generated and printed in a minimum of 3 components, whereas a Terminal Master Key for an ATM may be either printed in component form or output encrypted under a ZMK for transmission to a partner loading the key into an ATM.
With RSA keys, the Secret Key is always output encrypted under the Host Security Module Local Master Key, whilst the Public Key can be output in clear format or securely emailed direct from the mailer to a partner using PGP.
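The component form described for DES keys above (two to nine components per key, single to triple key length) can be illustrated with the following added Python example, which is not GFG's or Thales's code. It assumes the conventional XOR split-knowledge scheme, which the announcement does not name, and its function names are hypothetical; in production the HSM generates the components so that the clear key never exists on the host.

```python
import secrets
from functools import reduce

# Assumptions for this illustration (not taken from the product):
VALID_KEY_LENGTHS = (8, 16, 24)          # single, double, triple length DES keys, in bytes
MIN_COMPONENTS, MAX_COMPONENTS = 2, 9    # range quoted in the feature list


def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two equal-length byte strings."""
    if len(a) != len(b):
        raise ValueError("components must all be the same length")
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key: bytes, count: int) -> list[bytes]:
    """Split `key` into `count` components; every one is needed to rebuild it."""
    if len(key) not in VALID_KEY_LENGTHS:
        raise ValueError("key must be 8, 16 or 24 bytes")
    if not MIN_COMPONENTS <= count <= MAX_COMPONENTS:
        raise ValueError("component count must be between 2 and 9")
    # count-1 components are uniformly random, so any incomplete set of
    # components is statistically independent of the key.
    components = [secrets.token_bytes(len(key)) for _ in range(count - 1)]
    # The last component is chosen so that the XOR of all components is the key.
    components.append(reduce(xor_bytes, components, key))
    return components


def combine_components(components: list[bytes]) -> bytes:
    """Rebuild the key from the full set of components."""
    if not MIN_COMPONENTS <= len(components) <= MAX_COMPONENTS:
        raise ValueError("component count must be between 2 and 9")
    return reduce(xor_bytes, components)


if __name__ == "__main__":
    # Constructed double-length sample key, for demonstration only.
    sample_key = bytes.fromhex("0123456789ABCDEFFEDCBA9876543210")
    parts = split_key(sample_key, 3)
    for number, part in enumerate(parts, start=1):
        print(f"component {number}: {part.hex().upper()}")
    print("recombined matches:", combine_components(parts) == sample_key)
```

Each custodian holds one component, and a missing component leaves the remaining holders with no information about the key.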

Major functions:
Administration Module
Access to the application is controlled by the Administration Module.
The Administration Module allows a number of users to be set up, along with access rights and roles according to their security.
Key Mailer
RSA Key Management
DES Key Management
Support for Single, Double, or Triple key lengths
Support for two to nine components for each key generated
Support for component or part key formats
PIN Mailer
The PIN Mailer provides support for:
Random PIN Algorithm + IBM Offset Algorithm
IBM PIN Algorithm + IBM Offset Algorithm
Random PIN Algorithm + Visa PVV Offset Algorithm
IBM PIN Algorithm + Visa PVV Offset Algorithm
PVC Manager
Support for importing a partner Public Key.







