Virtually Instant Card-Swipe Encryption Device To Be Unveiled Next Week

Amidst the sea of security announcements slated for next week is a card swipe device that claims almost instant encryption of cards, avoiding the problem of card data being grabbed before encryption.

Such claims are commonplace, but the VeriShield Protect from Verifone is making claims that—if ultimately proven true—would significantly advance retail payment security.

The new unit uses Hidden Triple Data Encryption Standard (H-TDES) from a company called Semtek Innovative Solutions Corp. Its hardware unit is designed to deactivate if anyone succeeds in opening the case, making the planting of physical data-capture devices more challenging.

"As soon as the device is opened, it's supposed to shut down and blow away the security module" and "internal security shields" have been added to "prevent anyone from drilling holes," said Jeff Wakefield, Verifone's VP of marketing.

It is being offered as an upgrade to existing MX800 devices and will be available as an upgrade for Vx devices later this year, the vendor said.

Like all hardware encryption, the Verifone card swipe device still leaves a small window during which the captured data resides in memory before it is encrypted. "There is a slight window, a fraction of a second. Literally a millisecond," he said, before amending that to "a matter of milliseconds." But he argues—and most security consultants agree—that the window is too short to offer cyber thieves much of an opportunity. "It would take several people working in collusion," Wakefield said.

"There's nothing we can do to make breaches impossible, but I think this is a significant leap forward because we're protecting the data at the millisecond it enters the system," Wakefield said.

The company's position is that VeriShield "encrypts the personal account number and magnetic-stripe track data in a manner that other applications interpret as valid card data," according to a Verifone document. "The data is encrypted within the tamper resistant security modules of VeriFone's PCI PED-approved payment systems so that it can safely be transmitted over retailer networks to a centralized secure decryption appliance from Semtek Innovative Solutions Corp., the developer of H-TDES."

It will also include a real-time status and alert system "to monitor compliance of each and every transaction as it occurs," the company said, dubbing that part of the offering a Cipher Device Metrics Server (CDMS).

Wakefield said pricing varies considerably, but that the terminals themselves will run from about $25 to $50 per terminal; he added that "in addition there may be key injection, module loading and deployment fees involved."

One retailer—who is in negotiations with Verifone and asked that he remain anonymous—said the last bid received from Verifone was about $100/terminal (including many of the other fees), but he added it needs to be much lower.

Wakefield, who said five retailers are negotiating to buy the units but wouldn't say which, argues that it's the hardware-based encryption that makes his firm's offering interesting.

"There's no one else doing hardware-based encryption. If you do software-based encryption, by default, that key is stored somewhere in software," he said, adding that they ship the hardware keys to retailers in three shipping methods. "I'd almost say that software encryption is not sure. Software encryption is proven to be breakable. Hardware encryption has never been broken yet."

Security vendors and consultants generally agreed that hardware-based encryption is superior, but there are some questions (admittedly, many from security vendor rivals) about the strength of the encryption being used by Verifone.

Steve Sommers, an applications development VP for rival Shift4, for example, questioned whether Verifone is placing compatibility over security. "While I don't consider myself an encryption expert, my 20-plus years of experience with encryption technology at the bit and byte level tells me that squeezing 128+ bit encrypted data (a PCI requirement) into the confines of what 'existing POS applications interpret as valid card data' is not possible without data loss or sacrificing encryption strength," Sommers said.

Wakefield replied that, by adhering to today's standards, it will be easier to integrate into existing retail POS environments.

"By maintaining the same format used to transmit transactions as is used today, the only systems that need to change are the systems that need to decrypt the data," Wakefield said. "If the (package) required a change in message formats, then the entire retail system that processed messages would have to change."

Some questioned just how compatible these systems will be for anyone who isn't already using not only equipment from Verifone, but the latest equipment from Verifone.

"This won't work for merchants that don't have Verifone equipment capable of upgrading to this newest version," said Gartner security analyst Avivah Litan. "So, personally, I think it's too bad that Verifone has an exclusive on this technology in the U.S. It locks lots of merchants out if they are not using Verifone equipment. It's not at all clear that their vendors will enable interoperability with the Verifone readers. I suspect they won't without a price."

Asked about Sommers' encryption comment, Semtek CEO Patrick Hazel replied, in effect, that practical constraints require some compromises, but that the same is true of all security.

"The question correctly alludes to several constraints when dealing with ciphers across existing track data without a modification of length. A block cipher using 112 bit TDES keys on a 64 bit block requires a ciphertext of 20 decimal digits or 16 hex characters, both difficult to characterize in a short decimal track 2. (AES with a block size of 128 bits underscores this problem to an even greater extent.) Fixed length ciphers do not work well against the length variabilities present in track data," Hazel said. "So the breakthrough here was to create a variable length cipher while still maintaining cipher integrity. We used some attributes of Feistel or Rijndael techniques to overcome some of these limitations."

"Encryption techniques are formally evaluated based on their ability to protect both data and keys from various types of attacks when the attacker is circumscribed by fixed resources or time. Otherwise, no crypto technique would be judged 'secure' since the theoretical ability always exists to break any cipher given infinite resources and time," Hazel said. "This point is important, and crucial, to having any kind of practical discussion about the commercial legitimacy of any new cipher technique. Any cipher technique can be theoretically dismissed and what does that gain any of us?"
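Sommers' objection (that ciphertext of 128-bit-or-better strength cannot be squeezed into a field that existing POS code accepts as card data) and Hazel's reply (a 64-bit TDES block needs 20 decimal digits or 16 hex characters, so Semtek built a variable-length, Feistel-style cipher instead) both turn on the same arithmetic. The following Python is added here as an illustration and is not code from Verifone or Semtek. It first computes the character counts Hazel cites, then shows the structure he alludes to: a length-preserving, digits-only Feistel cipher. Its round function is an HMAC-SHA256, a constructed stand-in, since the article does not describe how H-TDES builds its rounds. The key, PAN and the 13-to-19-digit acceptance rule of the "legacy parser" are constructed sample values.

```python
import hashlib
import hmac


def digits_for_block(block_bits: int, radix: int) -> int:
    """Smallest number of base-`radix` characters that can represent every
    value of a `block_bits`-bit ciphertext block, i.e. the smallest n with
    radix**n >= 2**block_bits. This is the arithmetic behind "20 decimal
    digits or 16 hex characters" for a 64-bit TDES block."""
    n = 0
    while radix ** n < 2 ** block_bits:
        n += 1
    return n


def legacy_parser_accepts(field: str) -> bool:
    """Constructed stand-in for a POS application's card-field check:
    decimal digits only, 13 to 19 characters (PAN-like)."""
    return field.isdigit() and 13 <= len(field) <= 19


def _round_fn(key: bytes, round_no: int, half: str, out_digits: int) -> int:
    """Keyed round function (constructed): HMAC-SHA256 over the round number
    and one half of the state, reduced to at most `out_digits` decimal digits."""
    mac = hmac.new(key, bytes([round_no]) + half.encode("ascii"), hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % (10 ** out_digits)


def _check(digits: str) -> None:
    if not digits.isdigit() or len(digits) < 2:
        raise ValueError("input must be a decimal string of at least two digits")


def fpe_encrypt_digits(key: bytes, digits: str, rounds: int = 8) -> str:
    """Feistel network over a decimal string. The output has the same length
    and character set as the input, so downstream systems that only validate
    the field's format keep working; only the decryption side needs to change."""
    _check(digits)
    split = len(digits) // 2
    left, right = digits[:split], digits[split:]
    for r in range(rounds):
        f = _round_fn(key, r, right, len(left))
        mixed = (int(left) + f) % (10 ** len(left))
        # Swap halves; zfill keeps leading zeros so the length never drifts.
        left, right = right, str(mixed).zfill(len(left))
    return left + right


def fpe_decrypt_digits(key: bytes, digits: str, rounds: int = 8) -> str:
    """Inverse of fpe_encrypt_digits: undo the rounds in reverse order."""
    _check(digits)
    n = len(digits)
    # After an even number of rounds the halves sit as (n//2, n - n//2);
    # after an odd number they are swapped.
    split = n // 2 if rounds % 2 == 0 else n - n // 2
    left, right = digits[:split], digits[split:]
    for r in reversed(range(rounds)):
        prev_right = left
        f = _round_fn(key, r, prev_right, len(right))
        prev_left = (int(right) - f) % (10 ** len(right))
        left, right = str(prev_left).zfill(len(right)), prev_right
    return left + right


if __name__ == "__main__":
    # Constructed sample values; not a real key or a real card.
    demo_key = b"constructed-demo-key"
    sample_pan = "4111111111111111"
    print("64-bit block as decimal digits:", digits_for_block(64, 10))   # 20
    print("64-bit block as hex characters:", digits_for_block(64, 16))   # 16
    print("128-bit AES block as decimal digits:", digits_for_block(128, 10))
    ct = fpe_encrypt_digits(demo_key, sample_pan)
    print("ciphertext:", ct, "accepted by legacy parser:", legacy_parser_accepts(ct))
    print("round trip ok:", fpe_decrypt_digits(demo_key, ct) == sample_pan)
```

A raw 64-bit block rendered in decimal (20 digits) already exceeds the longest PAN the constructed parser accepts, and a 128-bit AES block needs 39, which is the "even greater extent" Hazel mentions; the Feistel variant keeps the field at its original length so the same message formats pass end to end. The security of such a construction rests on the round function and round count, not on the swapping itself; NIST SP 800-38G's FF1 is a vetted instance of this design, and the toy above only illustrates the structure.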