KeyBRIDGE™ Platform


KeyBRIDGE is a self-contained hardware based centralized key management platform that solves many distinct business requirements related to the utilization of cryptography.  As its name suggests, KeyBRIDGE closes the gaps within the industry that are caused by proprietary key naming and key formatting scenarios.  KeyBRIDGE leverages an internal FIPS 140-2 Level 3 HSM and supports both symmetric and asymmetric cryptographic key management, distribution, and lifecycle tracking.

KeyBRIDGE stores all keys as bundles that are encrypted under a 256-bit AES System Master Key (SMK). Additionally, KeyBRIDGE provides support for both TR-31 and other manufacturer proprietary bundling techniques. By forging cooperative development relationships with dozens of worldwide PED manufacturers and all major HSM vendors, KeyBRIDGE has achieved key format interoperability.

With built-in dual control and split knowledge enforcement, detailed audit logging, and centralized key management, KeyBRIDGE automates many time consuming compliance-based activities.  KeyBRIDGE increases productivity by automating compliance requirements and supporting key injection for multiple devices through a single system.

  • A clear, easy-to-navigate, Windows-based user interface
  • Role-based access and user administration
  • System-enforced dual control required for all sensitive operations
  • Detailed audit logging for all system activities
  • Secure key injection for POS devices
  • Physically secure enclosure, designed to meet FIPS140-2 Level 3
  • Third party HSM integration
  • Secure clear component entry
  • Management and protection of key meta data
  • Remote customizable API
  • Remote key distribution
  • Key relationship management
KeyBRIDGE Appliance

 

KeyBRIDGE is designed to comply with the following industry key management standards:

  • ANSI X9.24-1-2009: Retail Financial Services Symmetric Key Management Part 1: Using Symmetric Techniques
  • ANSI X9.8-1-2003: Personal Identification Number Management and Security.
  • ANSI/X9 TR-39-2009: TG-3 Retail Financial Services Compliance Guideline Part 1: PIN Security and Key Management
  • ANSI X9 TR-31 2010: Interoperable Secure Key Exchange Key Block Specification for Symmetric Algorithms
  • ANSI X9.97-2009: Financial Services – Secure Cryptographic Devices (Retail) Part 1: Concepts, Requirements and Evaluation Methods
  • ANSI X9.52-1998: Triple Data Encryption Algorithm Modes of Operation
  • ISO 9564:  Banking – Personal Identification Number Management and Security
  • ISO 13491-1-2007: Banking – Secure Cryptographic Devices (Retail), Part 1 Concepts, Requirements and Evaluation methods.
  • Payment Card Industry (PCI) PIN Security Requirements
  • FIPS 140-2: Security Requirements for Cryptographic Modules,  Security Level 3

 

 

To learn more about KeyBRIDGE, please contact us at sales@geobridge.net.