Wednesday, December 19, 2012
Visiting Visa - Discussion on End to End Encryption
I was at Visa's Foster City headquarters recently. The EMV Migration Forum meeting was taking place. I'm looking forward to hearing what came out of what looked to be a well attended event. I ran into Paul Tomasofsky, president of the Remote Payments Security Council, who is working with EFT operators who own the knotty problem of EMV, debit cards, and PIN handling in the US.
But my purpose was to talk about encryption and Visa's new Consumer Authentication Service, and to get a little background on V.me. This post is about encryption.
I spoke with Phil Kumnick, Head of Acquirer Processing. Our topic was end-to-end (E2EE) and point-to-point encryption (P2PE).
In August, Visa announced Merchant Data Secure with Point-to-Point Encryption, a service that will be made available to merchants through acquirers. With an approach that uses existing standards, format preserving encryption, and multi-zone encryption, the network is entering a space with no little competition.
Phil said one of Visa's reasons for entering the market now was the end of the wait for the PCI DSS to firm up its hardware-based encryption standards. Its hardware approach is based on the broadly deployed TDES encryption algorithm and DUKPT key management scheme, the most commonly installed terminal hardware security scheme out there. Visa's approach is also meant to be interoperable with terminals using Voltage Security's IBE, VeriShield Protect from VeriFone and others.
Visa's offer supports zone-based encryption. Zones provide flexibility. In one example Phil gave, a merchant could use a home grown encryption scheme between its terminals and its central system. In the next zone, the connections between the enterprise switch and the acquirer could be based on Voltage Security's IBE method. The next zone into the Visa network would use Visa's scheme.
Visa's longer term view is not just for encryption. It includes tokenization. Given the rising density of dynamically generated signals - from EMV to mobile devices - that are associated with each transaction, the PAN itself can become a token once there is ubiquitous use of dynamic data for all risk scoring and fraud management. The transaction ID field, for example, could be made mandatory as an additional dynamic data element. In that future, the PAN alone will no longer have value. Obviously, given how early we are with dynamic data, the "PAN as token" is some ways off.
The company plans to take a similar approach with software-based encryption, waiting for the PCI SSC to solidify its approach, now expected some time in 2013. The wait-and-see approach is meant to ensure that the Visa offering will be fully in compliance with the PCI standards.
From my point of view, software-based encryption is a key tool if risk assessment is based on the layered approach that relies on the net risk posture calculated from multiple signals. Obviously, software-based encryption schemes will have significantly lower deployment hurdles, important especially for consumer uptake of mobile apps with embedded payment capabilities. But, as the amount of sensitive data increases, so does the need for hardware-based approaches.
Long term, this has important implications for mobile transactions. Dynamic data based on all kinds of available signals, not just payments-related data, will let us make the important distinction between card holder present and simple card present transactions. If Phil knows to a very near certainty that George is the one using his mobile phone to conduct a transaction, Phil's risk in approving it drops accordingly. You could even argue, quite successfully, that this rich data mobile context could be more secure than the magstripe. If not today, it won't be long before that claim can be made.
The acquiring industry's been nervous about what the card brands were going to do once they became public companies. Guessed at for a long time, it's now become a certainty that the card giants, and Visa in particular, will offer a widening array of acquiring functions to acquirers to help accelerate key capabilities deployment in the marketplace. Encryption is one of them. Tokenization another.
The extent to which the incumbents should be nervous, however, is debatable. Visa operates a network, it sets technical standards for connecting to that network, and manages the rules that govern the network. That's a very different discipline than providing technical services directly to the acquiring industry, itself principally based on services. Larger issuers, too, have long standing relationships with their service providers over whom they exert considerable power. Purchasing acquiring-side services from a traditional revenue provider makes some issuers uneasy. At the least, the contrasting combination of Visa's traditional functions and its nascent services set is producing some skepticism. Visa will have challenges in pushing further into the services business.
Format preserving encryption (FPE) is a key feature for smoothing deployment of encryption services in applications that make use of the 16-digit PAN structure. Often, the vendor's method retains the first six digits and last four digits in the clear, to facilitate routing (based on the first six) and receipting (the last four). That leaves just six digits for obfuscation.
The variability of FPE approaches is such that even the National Institute of Standards and Technology (NIST) is working on an FPE-related standard:
"NIST is currently developing an addition to the 800-38 series of Special Publications, which will specify schemes for format preserving encryption based on the FFX framework. NIST is also considering specifying an online authenticated encryption mode to support Smart Grid as another addition to the series."
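To make the "first six and last four in the clear, six digits encrypted" layout above concrete, here is an added example (not Visa's scheme, not Voltage's, and not NIST's FF1; a simplified FFX-style Feistel construction over the six middle digits, with the clear digits used as the tweak). The key, the PAN and the function names are constructed for illustration.

```python
import hmac
import hashlib

# Constructed demo key; a real deployment derives keys per terminal (e.g. DUKPT) or per zone.
DEMO_KEY = b"constructed-demo-key-not-for-production"
ROUNDS = 10

def _round_fn(key: bytes, rnd: int, half: int, tweak: bytes) -> int:
    """Feistel round function: HMAC-SHA256 over (round index, tweak, 3-digit half), mod 1000."""
    msg = bytes([rnd]) + tweak + half.to_bytes(2, "big")
    mac = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(mac[:8], "big") % 1000

def fpe_encrypt6(key: bytes, digits: str, tweak: bytes) -> str:
    """Map a 6-digit string to a 6-digit string: balanced Feistel over two 3-digit
    halves with addition mod 1000 (the generic FFX idea, not NIST FF1 itself)."""
    if len(digits) != 6 or not digits.isdigit():
        raise ValueError("expected exactly six decimal digits")
    left, right = int(digits[:3]), int(digits[3:])
    for rnd in range(ROUNDS):
        left, right = right, (left + _round_fn(key, rnd, right, tweak)) % 1000
    return f"{left:03d}{right:03d}"

def fpe_decrypt6(key: bytes, digits: str, tweak: bytes) -> str:
    """Inverse of fpe_encrypt6: run the rounds backwards."""
    left, right = int(digits[:3]), int(digits[3:])
    for rnd in reversed(range(ROUNDS)):
        left, right = (right - _round_fn(key, rnd, left, tweak)) % 1000, left
    return f"{left:03d}{right:03d}"

def protect_pan(pan: str, key: bytes = DEMO_KEY) -> str:
    """Keep BIN (first 6) and last 4 in the clear for routing and receipting;
    encrypt the middle 6. The clear digits are the tweak, so the same middle
    digits encrypt differently under a different BIN or last-4."""
    if len(pan) != 16 or not pan.isdigit():
        raise ValueError("expected a 16-digit PAN")
    bin6, middle, last4 = pan[:6], pan[6:12], pan[12:]
    tweak = (bin6 + last4).encode()
    return bin6 + fpe_encrypt6(key, middle, tweak) + last4

def unprotect_pan(protected: str, key: bytes = DEMO_KEY) -> str:
    bin6, middle, last4 = protected[:6], protected[6:12], protected[12:]
    return bin6 + fpe_decrypt6(key, middle, (bin6 + last4).encode()) + last4

if __name__ == "__main__":
    sample = "4111111111111111"  # constructed test PAN, not a real card
    enc = protect_pan(sample)
    print(sample, "->", enc, "->", unprotect_pan(enc))
    # Only 10**6 middle values (~20 bits) remain hidden: format preservation
    # trades entropy for deployability, which is why key handling and the tweak matter.
```

The output still looks like a 16-digit PAN and routes on the same BIN, which is the deployment advantage; the small hidden domain is the trade-off that makes key management the real security boundary.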
Visa as a service provider has to compete, at least in the US, with a number of acquiring processors and approaches, for the encryption business. The specifics of Visa's encryption and tokenization plans are not without critics. The format preserving encryption approach that Visa suggests cannot be used, at least according to Voltage Security, for storage. Clarifying that concern will be required because no one wants to deal with multiple format preserving encryption standards within the enterprise's walls. Life is already complicated enough.
Given the continuing evolution of standards, everyone should be keeping a close eye on the NIST efforts. The PCI SSC issues strongly worded suggestions. NIST provides technical standards.