
Key Management - Clover Mini Security Policy


2. If a device's tamper mechanism has been tripped, the device's keys have
been erased and the device needs to be returned to Clover.
3. If a device is damaged in any way that prevents the user from checking
the commissioning status of the device, the device needs to be returned
to Clover.
4. If the device needs to be disposed of by the user for any other reason,
the device should be returned to Clover for decommissioning. Devices
should not be disposed of by the user.

Key Management

5. Key Management System
Clover Mobile Security Policy
a. The device uses a Remote Key Injection (RKI) process to distribute
symmetric keys used to secure transactions. The keys are
protected during distribution by a Public Key Infrastructure (PKI)
with X509 certificates.
b. The process distributes 3 keys to terminals:
i. PIN IPEK
ii. SRED IPEK
iii. MAC IPEK
c. Although IPEK is an abbreviation for Initial PIN Encryption Key, it is
used to refer to any initial symmetric key in a DUKPT key
management system.
d. The RKI process uses ANSI X9 TR-31 to distribute symmetric keys.
Under TR-31, the key to be authenticated is both encrypted and
authenticated via a symmetric Key Encryption Key (KEK).
e. Before a device is delivered to a merchant, the device generates
an RSA key pair. The public key is exported in a Certificate Signing
Request (CSR). The CSR is then used to create an X509 certificate.
The certificate is used to securely identify the device. The key
generation and certificate issuance process is part of a PKI.
f. When the merchant receives a device, it generates an RSA session
key pair. The device then sends an RKI request to the Key
Distribution Host (KDH). The RKI request consists of the public
session key, the device metadata, the request's cryptographic
signature and the device's X509 certificate.
g. When a device receives an RKI response, it first verifies the
response signature. The device then uses the private session key
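
As an added illustration of item d (not part of Clover's policy or code): a TR-31 key block begins with a 16-character ASCII header stating what the wrapped key is for, so a receiver can reject a block on its header before unwrapping it. The acceptance policy and the sample block below are assumptions constructed for this example.

```python
from dataclasses import dataclass

# Assumed acceptance policy (not Clover's): key-derivation-binding versions only,
# usage "B1" (initial DUKPT key), TDEA or AES, and non-exportable.
VERSIONS, USAGE, ALGORITHMS, EXPORT = {"B", "D"}, "B1", {"T", "A"}, "N"

# Constructed sample: real header layout, dummy zero bytes as key data and MAC.
SAMPLE = "B0080B1TX00N0000" + "0" * 48 + "0" * 16

@dataclass(frozen=True)
class Header:
    version: str          # byte 0
    length: int           # bytes 1-4, total block length in characters
    usage: str            # bytes 5-6
    algorithm: str        # byte 7
    mode: str             # byte 8
    key_version: str      # bytes 9-10
    exportability: str    # byte 11
    optional_blocks: int  # bytes 12-13 (bytes 14-15 are reserved)

def parse_header(block: str) -> Header:
    """Split the 16 ASCII header characters into their fixed-width fields."""
    if len(block) < 16 or not block.isascii():
        raise ValueError("not a 16-character ASCII header")
    if not (block[1:5].isdigit() and block[12:14].isdigit()):
        raise ValueError("length or optional-block count is not numeric")
    return Header(block[0], int(block[1:5]), block[5:7], block[7], block[8],
                  block[9:11], block[11], int(block[12:14]))

def check_ipek_block(block: str) -> list[str]:
    """Return policy violations; an empty list means the header is acceptable."""
    try:
        h = parse_header(block)
    except ValueError as exc:
        return [str(exc)]
    problems = []
    if h.length != len(block):
        problems.append(f"declared length {h.length} != actual {len(block)}")
    if h.version not in VERSIONS:
        problems.append(f"version {h.version!r} not accepted")
    if h.usage != USAGE:
        problems.append(f"key usage {h.usage!r} is not an initial DUKPT key")
    if h.algorithm not in ALGORITHMS:
        problems.append(f"algorithm {h.algorithm!r} not accepted")
    if h.exportability != EXPORT:
        problems.append(f"exportability {h.exportability!r} must be {EXPORT}")
    return problems

if __name__ == "__main__":
    print(check_ipek_block(SAMPLE) or "header accepted")
```

Header checks complement, and do not replace, verifying the block's authentication code under the KEK.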