Online remote key injection (RKI) allows merchants to automatically, quickly and securely complete payment terminal key injection at the point-of-sale. The system offers a more cost effective, faster and highly secure alternative to the industry’s traditional manual secure room key injection process.
Online vs. offline PIN verification
In the United States and most European countries card transactions need to be verified and authorised in real time via online PIN. Elsewhere, PIN verification and authentication takes place between the terminal and the card, known as offline PIN verification.
In countries with online PIN verification, payment terminals need to be injected with special keys to enable them to encrypt the PIN. Using today’s methodologies without RKI, this has to take place in a key injection facility (KIF) which is a highly secure environment subject to PCI PIN and often the TR-39 standards.
Manual key injection vs. remote key injection
Creditcall’s RKI eliminates the need for an off-site secure KIF and its associated cost, inventory complexities and distribution delays by utilizing a secure channel to remotely inject PIN pads. This enables PIN debit and other data encryption keys, such as those used for point to point encryption (P2PE), to be safely and securely injected, no matter where the PIN pad is located.
PCI PIN and TR-39 compliance
- RKI eliminates dependencies of a KIF as an unlimited number of PIN pads can be injected instantly no matter of their location
- RKI eliminates shipment cost, downtime and disruptions as there is no need to ship PIN pads to and from a KIF
- RKI eliminates administrative costs and overhead associated with the key management process