Consortium endorses 3DES spec. (News and Products).
A consortium of suppliers in the electronic payments industry- ACI ACI American Concrete Institute
ACI Arch Coal Inc
ACI Airports Council International (formerly Airport Associations Coordinating Council)
ACI Automobile Club d'Italia
ACI American Competitiveness Initiative Worldwide, Diebold Incorporated, Thales e-Security, and VeriFone, Inc. have published a draft security specification proposing the first global interoperable method for triple DES See DES.
(cryptography) triple DES - A product cipher which, like DES, operates on 64-bit data blocks. There are several forms, each of which uses the DES cipher 3 times. Some forms use two 56-bit keys, some use three. The DES "modes of operation" may also be used with triple-DES. (3DES) session key management. The suppliers also announced their intention to implement the specification, once finalized, in their products and solutions.
3DES is a state-of-the-art key encryption algorithm that raises the level of fraud protection for PIN-based debit transactions initiated at automated teller machines automated teller machine (ATM), device used by bank customers to process account transactions. Typically, a user inserts into the ATM a special plastic card that is encoded with information on a magnetic strip. (ATMS) and point-of-sale (POS (1) See point of sale and packet over SONET.
(2) "Parent over shoulder." See digispeak.
POS - point of sale ) terminals. The increasing sophistication so·phis·ti·cate
v. so·phis·ti·cat·ed, so·phis·ti·cat·ing, so·phis·ti·cates
1. To cause to become less natural, especially to make less naive and more worldly.
2. and power of mainstream computing equipment shortens the useful life of the current single DES key management systems and requires the industry to proactively address the need for security upgrades.
While standards currently exist for 3DES master key management and 3DES DUKPT DUKPT Derived Unique Key Per Transaction (Derived Unique Key, Per Transaction) there is a lack of standards for session key management.
Without standards, each vendor is required to develop proprietary implementations, placing an added interoperability burden on the systems that must transport session keys.
The consortium is actively encouraging the financial industry to adopt a global 3DES standard to increase/enhance interoperability between each element of an end-to-end payment solution from the host software, to host security modules, ATMs and POS terminals.