For security environments, organizations may need to implement end-to-end application layer
encryption security to protect PINs and other sensitive data in communications between terminals
and hosts. E2EE usually refers to End-to-End Password Protection for security sensitive
applications such as Internet Banking, etc.
E2EE creates a security domain between the Customer's terminal and the service provider's
Hardware Security Module (HSM) e.g. Internet Banking application. In this security domain,
the Password is encrypted at the Customer's PC (customer's end) and the Password can only be
decrypted for verification at the Bank's HSM (bank's end). Thus, with this End-to-End Password
Protection, the Password is not exposed anywhere; not even to the bank's Host. Since the HSM is
an isolated and tamper-resistant environment, the only real space where the PIN can be exposed
is on the Customer PC.
The integration with HSM and the encryption infrastructure require complex programming. With our
AccessMatrix UAS E2EE solution, applications developers can easily integrate E2EE authentication
without any low level complex coding to integrate with hardware security modules (HSM) and front
end component for encrypting the user password during user login.
AccessMatrix UAS E2EE solution supports most leading HSMs available in the market and the
following operations can be performed inside the HSM:
Encryption/Decryption
Hash
Protection of master encryption key
Random number generation
Initial pin generation
PIN verification
For more details information, please visit our
E2EE site.
