END TO END ENCRYPTION: Heartland’s Silver Lining?
Overview
• Heartland breach as impetus for End-to-End Encryption
• Description of the card transaction process
• Heartland’s approach to End-to-End Encryption
• Encryption and Key Management methods used
• Other Processor & Merchant solutions
• Smartcard solutions
Heartland Payment Systems, Inc.
• On Inauguration Day, HPS announced the breach
• Occurred from May 2008 until January 2009
• Approximately 100 million credit and debit cards compromised from 650 financial institutions
• More electronic records were breached in 2008 than in the previous 4 years
• Track (magnetic stripe) data was obtained, which includes the card number and sometimes the cardholder name
The Beginning of End-to-End
• Robert Carr, CEO, hosted a ‘preliminary planning meeting’ on May 7th for the Accredited Standards Committee X9 at Heartland headquarters. As of 9/1/09, X9 did not have a standard yet.
• The goal: find a way to standardize End-to-End Encryption. This is being promoted as a panacea for external data threats.
• Enabling E2EE would, in theory, limit the scope of PCI-DSS security requirements and audits for merchants and Processors.
The Credit/Debit Process (diagram)
The Credit/Debit Process: Loyalty Programs (diagram)
The Heartland-Voltage Security Plan (E3)
• Tamper-resistant terminal encrypts the PAN with AES; the equipment manages its own private keys
• Encrypted data is passed to and from the Processor
• Unencrypted track data is not stored at the Merchant; the Merchant stores all encrypted card data in an HSM
• Encryption keys are stored with the Processor; all encryption/decryption happens in the Processor’s HSM
• Card data is “securely delivered” to the card brands
• Token is the Card Brand reference #, date stamp & last 4 digits of the PAN
• Token is sent back to the merchant for chargebacks and other post-processing
• Masked PAN: 1234-56XX-XXXX-7899
FFSEM Mode AES and IBE
• FFSEM – Feistel Finite Set Encryption Mode: preserves the format of the data (for system management purposes) while encrypting the digits with AES. Encrypts numbers only; data must be between 9 and 19 digits. Developed by Voltage, Heartland’s encryption partner, and not yet a PCI-authorized method.
• IBE – Identity Based Encryption: uses shared information about the cardholder as the public key. Public and private keys are managed by a trusted third party called the PKG (private key generator).
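As an added illustration (not Voltage’s FFSEM implementation, which is not on the page), the following Feistel-style format-preserving cipher over 9 to 19 decimal digits shows the property the slide describes: the ciphertext is a digit string of the same length, so it fits any field sized for a PAN. HMAC-SHA256 stands in as the round function where FFSEM uses AES, and the key is a constructed demo value.

```python
import hmac
import hashlib

# Constructed demo key; in the E3 design the key would live in the processor's HSM.
DEMO_KEY = bytes.fromhex("000102030405060708090a0b0c0d0e0f")


def _round_fn(key: bytes, round_no: int, half: str, modulus: int) -> int:
    """Keyed round function reduced into the digit space of the other half.

    FFSEM uses AES as the pseudorandom function; HMAC-SHA256 stands in here
    so the example runs with only the standard library (an assumption)."""
    mac = hmac.new(key, bytes([round_no]) + half.encode(), hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % modulus


def _check(digits: str, rounds: int) -> None:
    # The slide's constraint: numbers only, 9 to 19 digits.
    if not (digits.isdigit() and 9 <= len(digits) <= 19):
        raise ValueError("input must be 9 to 19 decimal digits")
    if rounds % 2:
        raise ValueError("rounds must be even so an odd-length split returns to shape")


def fpe_encrypt(key: bytes, digits: str, rounds: int = 10) -> str:
    """Feistel encryption over decimal strings: same length and charset out."""
    _check(digits, rounds)
    left, right = digits[: len(digits) // 2], digits[len(digits) // 2 :]
    for r in range(rounds):
        # Arithmetic is mod 10**len(left), so the new right half is still digits.
        mod = 10 ** len(left)
        mixed = (int(left) + _round_fn(key, r, right, mod)) % mod
        left, right = right, str(mixed).zfill(len(left))
    return left + right


def fpe_decrypt(key: bytes, digits: str, rounds: int = 10) -> str:
    """Undo fpe_encrypt by running the rounds in reverse order."""
    _check(digits, rounds)
    left, right = digits[: len(digits) // 2], digits[len(digits) // 2 :]
    for r in reversed(range(rounds)):
        mod = 10 ** len(right)
        original_left = (int(right) - _round_fn(key, r, left, mod)) % mod
        left, right = str(original_left).zfill(len(right)), left
    return left + right


if __name__ == "__main__":
    pan = "4111111111111111"  # constructed test PAN, not a real card
    ct = fpe_encrypt(DEMO_KEY, pan)
    print(pan, "->", ct, "->", fpe_decrypt(DEMO_KEY, ct))
```

Note that format preservation alone says nothing about the key: the ciphertext is only as safe as the HSM holding DEMO_KEY’s real-world counterpart.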
Hardware Security Module
• Secure cryptoprocessor
• Goals: onboard secure key generation; onboard secure storage; use of cryptographic and sensitive data material; offloading application servers for complete asymmetric and symmetric cryptography
• Provides both logical and physical protection from non-authorized use
Steven Elefant, CIO, HPS:
“When we peel back the onion and look at the so-called end-to-end solutions out there, we find that they're really point-to-point solutions… True end-to-end encryption to us, … [starts] from the time the digits leave the magstripe on the consumer's card, and is turned from analog data into digital data, [and continues] all the way through the terminal, through the wires, through our host processing network until we securely deliver it to the brands.”
Other Hats in the Arena
• First Data and RSA have teamed up for a tokenization approach where the encrypted card data is held at the Processor site and the merchant has only the token, created by the Processor.
• RBS Worldpay (another hacker victim) will market VeriFone secure swipe terminals, which also use format-preserving AES encryption.
• Merchants are pursuing their own tokenization schemes. Fingerhut will tokenize all of their card data-at-rest and store encrypted card numbers in an HSM.
E2EE - Problems
• Not all transactions are initiated at a swipe machine. How often have you made a payment over the phone or on the internet? Virtual Point of Sale websites are replacing swipe machines, increasing web exposure of card data.
• Many businesses need to decrypt card data for recurring transactions, returns, pay on ship, etc.
• The single greatest point of weakness remains: the magnetic stripe can still be lifted and cloned.
• Most End-to-End solutions do not extend past the processor.
E2EE – How It Would Work
Visa’s recommendations:
• Limit clear-text cardholder and authentication data
• Use robust key management solutions that meet international standards
• Use recognized cryptographic algorithms
• Protect devices used to perform cryptographic functions
• Consider tokenization as a data surrogate in place of credit card numbers
They are essentially recommending the use of the smartcard (chip) or something like a Speedpass.
Other Security Measures - Smartcards
• EMV – Microprocessor chip card, popular outside the US
• Expensive to implement: cryptographic coprocessor; public key certificate management at the terminal level
• Card data is still being stolen and transferred to the US for fraudulent transactions with mag-stripe cloned cards
• Contactless token (e.g. Speedpass)
Other Security Measures - Smartcards
• Contactless smartcards with online dynamic cryptograms
• A cryptogram is a type of digital signature

End-to-End Encryption for Credit Card Processing
