Unattended Card Payments Inc. (UCP Inc.) is dedicated to providing EMV compliant Hardware and Payment Gateway solutions for Unattended card payment terminals in the North American market.
Acronyms in EMV: what do they all mean? Edition 4 DUKPT
Today we are going to discuss DUKPT (Derived Unique Key Per Transaction). The DUKPT is created using an initial master key also known as the BDK. The initial key and KSN (Key Serial Number) are injected into the device. Once the initial key is injected into the device it creates a group of future encryption keys. DUKPT generates a one-time encryption key for each transaction from the secret master key (BDK). The one time keys are discarded after each transaction, and the encrypted data has to be decrypted at the other end of the transaction (at the gateway or processor). The master key is shared with the decrypting device, but the master key isn't actually used for encrypting and cant be recoverable from the one time encryption key. DUKPT is a great and useful tool to help keep your clients card information secure.Last modified on
Please login first in order for you to submit comments