This application note takes advantage of the MAXQ1850- based two-chip architecture to explore a highly secure payment terminal design and analyzes the weaknesses of manufacturers facing PCI-PED PTS product certification.
New terminals, new trends
Financial terminals have become a new type of delivery service provided by payment product companies. Financial terminals are no longer limited to simple card readers, but are gradually becoming sophisticated computing devices capable of processing transactions, managing inventory, and operating commercial operations. A notable sign of this role shift is a new term defined for the terminal: from a point-of-sale (POS) device to a interactive terminal (POI) system. The POI system must have fast communication capabilities and be more convenient to use (for example, USB, Ethernet, WiFi® or Bluetooth® can be connected) to support multi-application coordination and handle complex card transactions (payment cards, loyalty cards, etc.).
In addition, the conditions of use have also changed. Sometimes the POI must work in a humid environment, outdoors or indoors. In most cases, these devices require a humanized, portable design that meets the dealer's need for a stylish look. Due to the integration and reuse of related technologies, end products are everywhere, such as smart phones, notebook computers, game consoles, and the like. Modern POI devices introduce a similar aesthetic design that incorporates rich display technology, sophisticated touch screen interfaces and convenient connectivity for easy integration into information systems. The in-depth development of hardware technology has also led to the reuse of software design. From commercial operating systems to software stacks, hardware circuits can be directly extracted. All in all, software reuse helps speed development, reduce the risk of product failure, and bring products to market faster with lower R&D costs.
Terminal security
The main difference between POI and consumer (CE) devices is security. The global development of EMV cards means that the threats to the system are also global. If you do not take appropriate countermeasures, you may be attacked from different parts of the world in an instant. On the other hand, due to the huge returns from high investment (development tools, time, etc.), criminal gangs will carry out attacks at all costs. This shows that the biggest threat to equipment security comes from these criminal gangs.
The interoperability of financial terminals, communication interfaces, and advanced services have become "stepping stones" for attackers. The Payment Card Industry Security Standards Council (PCI SSC), created by industry-leading payment products companies—including Express, JCB, MasterCard, and Visa—is designed to standardize industry-wide safety standards.
The PCI PIN Transaction Security (PCI PTS) standard developed by PCI SSC defines the security requirements for financial terminals. The previous PCI PIN Input Device (PCI PED) standard (PCI PTS) focused on responding to physical and logical attacks that attempted to extract PIN codes and encryption keys from POIs. Based on field experience and laboratory research, PCI PTS summarizes security mechanisms for various attacks (material tampering, environmental changes, software interface attacks, cryptanalysis crack attacks, policy threats). The PCI PTS is designed to protect the PIN code in the normal format of the terminal or smart card connection channel.
The physical mechanism requires that the intruder open the terminal, insert the PIN recording device, prevent data from being captured at the PIN input or the transmitting end, and prevent modification of the terminal operation. It is logically necessary to prevent an intruder from modifying the card reader and controlling the running program of the terminal, thereby achieving the purpose of recovering, recording or transmitting the PIN code and other sensitive data.
Other requirements include effective protection of the magnetic stripe data. Each requirement of the PCI PTS corresponds to a specific attack category, related to the level of confrontation, and is usually expressed in numbers ranging from 16 to 35. In order to achieve the design goals, the payment terminal must be able to minimize the risk of tampering (so-called tampering).
In accordance with the ITSEC Joint Lab Statement (JIL) provisions for smart cards, the attack value scheme is based on the knowledge gained, the duration of the attack, the resources of the attacker, and the expertise. Each anti-attack capability is divided into several levels for evaluation, and each level has a corresponding rating. When considering an attack form, it can be expressed by the sum of the attack strength values ​​for each type. For example, file class protection includes three levels: public, restricted, and encrypted. If a restricted file is attacked, the level of attack (restricted file) needs to be added to the attack sum.
The anti-attack capability assessment needs to be conducted in a qualified laboratory, and the final decision on whether to obtain approval is controlled by the PCI PTS members. Since the attacker has access to the payment terminal device, the PCI PTS specifies a security level that is resistant to various threats and protects the card holder's sensitive data. PCI PTS does not provide a solution and requires manufacturers to find ways to meet these requirements. PCI PTS 3.1 has replaced the PCI PED 2.1 standard in March 2012. As security levels continue to increase, terminal vendors will face even more severe design challenges.
PCI PTS 3.x
PCI has made significant improvements to the security requirements of payment terminals, strengthening the defense against the latest attack threats. In addition, the proposed new solution also promotes modular development to simplify production. The hallmark of this evolution is the change of the PIN input device (PED) to a POI device, reflecting changes in the use end. The terminal device needs to perform financial transactions as before, but now it needs to perform more tasks. The new requirements also indicate that the manufacturer has considered the expansion capability of PCI SSC.
Throughout the process, the certification process has been simplified to a one-time assessment of all types of devices (POS, EPP, vending machines, kiosks), divided into two mandatory evaluation modules: the core requirements and integration requirements of the equipment. There are also two new evaluation modules for manufacturers to choose from.
To ensure safety, the specific requirements were slightly modified and enhanced based on on-site feedback. Some key requirements have increased their attack value from 1 to 2, especially for attacks related to physical attacks (keyboards, magnetic strips, and card slots). Attack cost values ​​range from 16 to 35 (14 to 35 for PCI PED 2.1). In addition, the rules for specifying requests are now more restrictive. Earlier standards only required that the sum of attack preparation and attack development values ​​be equal to a minimum; now, the attack development value itself must have a minimum value (attack preparation is the identification phase during which the attacker studies the problem, design method, and test Equipment. In the development phase, the attacker enters the public place and actually performs data theft.
Other new requirements are explicitly targeted at new POI architectures and services. For example, B17 is required to consider the case of running multiple applications on the same terminal, which fully reflects the software architecture of modern terminals. Another example is the creation of a new optional evaluation module: the Open Protocol module handles security issues on open/public networks, typically addressing terminal security issues from IP connections, similar to the daily attack threats of PCs. The Secure Read and Data Exchange (SRED) module specifies the protection requirements for cardholder account data in the terminal. Table 1 lists most of the key safety requirements and functional requirements for designing efficient, cost-effective terminals.
Control the cost of the security solution
In order to meet strict security standards, terminal manufacturers face enormous challenges in designing powerful and stylish POI devices. Terminal manufacturers themselves can develop and maintain security devices at a significant cost, as this will require terminal vendors to build a team of experts to occupy considerable R&D resources. This has also become a huge obstacle for the new force to enter the security market, but it does not represent the obvious competitive advantage of the existing manufacturers. After all, all the security certification conditions of the payment terminal are mandatory.
Standardization creates huge business opportunities for professional manufacturers' security modules. Since the certification standards are uniform, terminal manufacturers can choose a commercial security solution to meet the requirements of the security certification standards. These modular designs offer several significant advantages over self-developed security solutions.
They can ease the design burden of the terminal manufacturer and only pay attention to the system value-added features. Although security is not a special feature of the device, it is the most basic standardization requirement for the terminal product. By working with security product vendors, terminal vendors are able to focus on value-added services in the financial end market.
Cost-effective design allows for the development of more complex security mechanisms. Because multiple users share the cost of R&D, high-tech development resources will not form an exclusive situation. As the complexity of security products increases, these factors that reduce design costs become more important. It can be seen that the financial terminal market also relies on professional security product suppliers who can propose effective countermeasures.
Use approved modules to reduce risk and accelerate POI certification. By performing a safety assessment of the commercialization solution and obtaining a PCI PTS approval, the module supplier can reduce the development risk of the terminal designer. This simplifies the integration of security systems and speeds up the adoption of terminal authentication.
MAXQ1850 Chinese data, pdf datasheet: http://
Our company is specialized in supplying Remote Control / Air conditioner remote control / A/C Universal Remote Control
Including air conditioner remote control.LCD display with nice appearance .large code library.menu function and powerful saving mode.Prompt delivery time.power by AAA batteries*2 . good replacement to broken/old remote . It has a powerful codebase and can control most air-conditioners of all brands in the world.It has a memory function during the electricity failure .Also has a function of manually searching (plus or minus) or automatically searching for adaptable type of air-conditioners, which makes it easy and convenient for you to search for a suitable type of air-conditioner.It has complete functions and a comfortable hand feeling, which bring you enjoyment to the maximal extent.
Remote Control
Remote Control,Rf Universal Remote,Universal Remote,Universal Remote Control
ZHEJIANG ICE LOONG ENVIRONMENTAL SCI-TECH CO.,LTD. , https://www.ice-loong.com