Sample PIN Key Hierarchy

Color Legend As Coordinated With Original Blog Post: HSM Key Hierarchy / Distribution Key Hierarchy / Derivation Key Hierarchy (the colours themselves did not survive extraction).

[Figure: PIN key hierarchy diagram. The readable cells are listed below, grouped by key; cells that could not be read are marked illegible.]

HSM Master Key (MFK)
  Generated by the HSM. Created at installation. Unique per device, i.e. unique to the HSM.

Zone key
  Used to synchronize keys across HSMs. Generated by the HSM. Encrypted with the MFK. Unique to the HSM.

Issuer working key (AES 256)
  Used to encrypt the PIN and exchange data with issuers. Loaded via received key components. Unique to each issuer.

Acquirer working key (AES 256)
  Used to encrypt the PIN and exchange data with acquirers. Loaded via received key components. Unique to each acquirer.

Base derivation key (BDK)
  Generated by the HSM. Encrypted with [key name illegible]. Unique per merchant.

Initial PIN encryption key (IPEK)
  Key loaded into the POI from which DUKPT keys are created. Generated by the KIF using the device key serial number and the BDK. Ephemeral key loaded into the POI. Unique per device.

DUKPT key
  Key unique to each PIN transaction, derived within the POI. Distribution: not applicable. Unique per device.

Public/private key pair
  Used to sign and authenticate applications. Stored in the SCD. Unique per device. Only present on [illegible]. Used to sign applications.
The information entered here is intended only to provide a guideline to help organizations understand and create their own key hierarchies. It is not representative of any particular system.

Sample P2PE Key Hierarchy

Color Legend As Coordinated With Original Blog Post: HSM Key Hierarchy / Distribution Key Hierarchy / Derivation Key Hierarchy (the colours themselves did not survive extraction).

[Figure: table with one row per key and the columns Key, Description & Purpose, Creation (date and location), Distribution, Storage, Destruction. The key names in the first column and the creation dates did not survive extraction; the remaining cells are listed below. A key name given in brackets is inferred from its description.]

[HSM Master Key]
  Description & Purpose: HSM Master Key
  Creation: [date illegible]; location illegible
  Distribution: None
  Storage: HSM
  Destruction: Zeroize HSM

[Key-synchronization (zone) key]
  Description & Purpose: Synchronize keys across HSMs
  Creation: [date illegible]; location illegible
  Distribution: None
  Storage: HSM
  Destruction: Secure delete functions within the HSM

[Key-exchange key for working keys]
  Description & Purpose: Encrypt working keys shared with issuers and acquirers
  Creation: [date illegible]; location illegible
  Distribution: Received components
  Storage: HSM
  Destruction: Secure delete functions within the HSM

[Signing key pair]
  Description & Purpose: Digital signatures
  Distribution: None
  Storage: HSM
  Destruction: Secure delete functions within the HSM

[Key-block protection key]
  Description & Purpose: Authenticate key blocks for symmetric keys exchanged with another entity
  Creation: [date illegible]; Local (HSM)
  Destruction: Secure delete functions within the HSM

[Base derivation key (BDK)]
  Description & Purpose: Base derivation key for installation of keys on POI
  Creation: [date illegible]; Local (HSM) and remote (KIF, as components and in HSM)
  Storage: HSM, components
  Destruction: For local, secure delete functions within the HSM; for remote, secure destruction of the components and zeroing of keys in HSM

[Initial PIN encryption key (IPEK)]
  Description & Purpose: Key loaded into POI from which DUKPT keys are created
  Creation: Set by KIF at time of POI injection
  Distribution: Not distributed, unique to the POI on which it is installed
  Storage: None
  Destruction: None, procedures enforce the ephemeral nature of the IPEK

[DUKPT key]
  Description & Purpose: Unique-per-transaction encryption of card data
  Creation: Set by KIF at time of POI injection
  Distribution: Not distributed, unique to the POI on which it is installed
  Storage: POI
  Destruction: Destruction of POI or zeroized POI

(The figure lists the IPEK and DUKPT key rows a second time with the same cell contents.)

[Master key / session key]
  Description & Purpose: Master key/session key used to provide mutual authentication for remote distribution of AES 128-bit keys
  Creation: [date illegible]; Local (HSM) and remote (POI)
  Storage: HSM, SCD
  Destruction: For local, secure delete functions within the HSM; for remote, destruction of POI or zeroized POI

[Terminal master key (TMK)]
  Description & Purpose: Terminal master key used to encrypt keys for POI
  Creation: [date illegible]; Local (HSM) and remote (KIF, as components and in HSM)
  Storage: HSM, components
  Destruction: For local, secure delete functions within the HSM; for remote, secure destruction of key components and zeroing of keys in HSM
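Both hierarchies above end in the same derivation chain: the BDK stays in the HSM, the KIF derives a device-unique IPEK from the BDK and the device's key serial number at injection time, and the POI then derives a fresh key for every transaction. The following Go program is an added example that is not part of the original post or the hierarchies it describes; it implements that chain as specified in ANSI X9.24-1 (TDES DUKPT), which is an assumption, since the figures do not name a DUKPT variant (the P2PE figure mentions AES 128-bit keys, for which X9.24-3 defines a different algorithm). Function names are the example's own, and the BDK/KSN input is the standard's published test vector, used here as sample data.

```go
package main

import (
	"crypto/des"
	"encoding/hex"
	"fmt"
	"math/bits"
)

// Constants from ANSI X9.24-1 (assumed from the standard; they are not on the page).
var (
	keyMask    = mustHex("C0C0C0C000000000C0C0C0C000000000") // mask applied when deriving a left half
	pinVariant = mustHex("00000000000000FF00000000000000FF") // variant that turns a derived key into a PIN key
)

func mustHex(s string) []byte {
	b, err := hex.DecodeString(s)
	if err != nil {
		panic(err)
	}
	return b
}

func xorBytes(a, b []byte) []byte {
	out := make([]byte, len(a))
	for i := range a {
		out[i] = a[i] ^ b[i]
	}
	return out
}

// tdesEncrypt encrypts one 8-byte block under a double-length key (K1||K2 is used as K1||K2||K1).
func tdesEncrypt(key16, block []byte) []byte {
	key24 := append(append([]byte{}, key16...), key16[:8]...)
	c, err := des.NewTripleDESCipher(key24)
	if err != nil {
		panic(err)
	}
	out := make([]byte, 8)
	c.Encrypt(out, block)
	return out
}

// desEncrypt encrypts one 8-byte block under a single-length DES key.
func desEncrypt(key8, block []byte) []byte {
	c, err := des.NewCipher(key8)
	if err != nil {
		panic(err)
	}
	out := make([]byte, 8)
	c.Encrypt(out, block)
	return out
}

// DeriveIPEK is the KIF step: the BDK (which never leaves the HSM) and the POI's
// 10-byte KSN with its 21-bit transaction counter cleared give the IPEK injected
// into that one device. A different KSN gives an unrelated IPEK.
func DeriveIPEK(bdk, ksn []byte) []byte {
	masked := append([]byte{}, ksn[:8]...)
	masked[7] &= 0xE0 // clear the 5 counter bits that fall in byte 7; bytes 8-9 are dropped
	left := tdesEncrypt(bdk, masked)
	right := tdesEncrypt(xorBytes(bdk, keyMask), masked)
	return append(left, right...)
}

// encryptRegister is one half of the non-reversible key generation process:
// the right half XOR the KSN register, encrypted under the left half, XOR the right half.
func encryptRegister(key, reg []byte) []byte {
	t := desEncrypt(key[:8], xorBytes(key[8:], reg))
	return xorBytes(t, key[8:])
}

// nonReversible maps a 16-byte key and the 8-byte KSN register to a new key that
// cannot be walked back to its input, so a compromised POI yields no earlier transaction key.
func nonReversible(key, reg []byte) []byte {
	right := encryptRegister(key, reg)
	left := encryptRegister(xorBytes(key, keyMask), reg)
	return append(left, right...)
}

// DeriveTransactionKey is the POI step: walk the set bits of the counter from most to
// least significant and apply the one-way step once per set bit. X9.24 allows at most
// 10 set bits (which bounds the POI's future-key table at 21 entries) and never counter 0;
// both are rejected here instead of being derived silently.
func DeriveTransactionKey(ipek, ksn []byte) ([]byte, error) {
	reg := append([]byte{}, ksn[2:10]...) // rightmost 8 bytes of the KSN
	counter := uint32(reg[5]&0x1F)<<16 | uint32(reg[6])<<8 | uint32(reg[7])
	if counter == 0 {
		return nil, fmt.Errorf("transaction counter must not be zero")
	}
	if bits.OnesCount32(counter) > 10 {
		return nil, fmt.Errorf("counter %#x has more than 10 set bits", counter)
	}
	reg[5] &= 0xE0
	reg[6], reg[7] = 0, 0
	key := append([]byte{}, ipek...)
	for shift := uint32(1) << 20; shift > 0; shift >>= 1 {
		if counter&shift == 0 {
			continue
		}
		reg[5] |= byte(shift >> 16) // conversions truncate, so each byte only picks up its own bit
		reg[6] |= byte(shift >> 8)
		reg[7] |= byte(shift)
		key = nonReversible(key, reg)
	}
	return key, nil
}

// PINEncryptionKey applies the PIN variant; data-encryption and MAC keys use other
// variants, so one derived key is never reused across purposes.
func PINEncryptionKey(ipek, ksn []byte) ([]byte, error) {
	k, err := DeriveTransactionKey(ipek, ksn)
	if err != nil {
		return nil, err
	}
	return xorBytes(k, pinVariant), nil
}

func main() {
	bdk := mustHex("0123456789ABCDEFFEDCBA9876543210") // X9.24 published test vector
	ksn := mustHex("FFFF9876543210E00001")             // counter = 1
	ipek := DeriveIPEK(bdk, ksn)
	pek, err := PINEncryptionKey(ipek, ksn)
	if err != nil {
		panic(err)
	}
	fmt.Printf("IPEK:    %X\nPIN key: %X\n", ipek, pek)
}
```

Read against the tables: DeriveIPEK is what the KIF's HSM does at POI injection (creation "set by KIF at time of POI injection", not distributed), and DeriveTransactionKey is what the POI does on its own, which is why the DUKPT key row can list storage as "POI" and destruction as zeroizing the device while the BDK row keeps its components and HSM copies under the HSM's own destruction procedures. The counter checks are the part a practitioner most often gets wrong when re-implementing the POI side: a counter with more than 10 set bits is outside the standard, and accepting it breaks the bound on how many future keys a compromised device can expose.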