Overview

For security environments, organizations may need to implement end-to-end application layer encryption security to protect PINs and other sensitive data in communications between terminals and hosts. E2EE usually refers to End-to-End Password Protection for security sensitive applications such as Internet Banking, etc.

E2EE creates a security domain between the Customer’s terminal and the service provider’s Hardware Security Module (HSM) e.g. Internet Banking application. In this security domain, the Password is encrypted at the Customer’s PC (customer’s end) and the Password can only be decrypted for verification at the Bank’s HSM (bank’s end). Thus, with this End-to-End Password Protection, the Password is not exposed anywhere; not even to the bank’s Host. Since the HSM is an isolated and tamper-resistant environment, the only real space where the PIN can be exposed is on the Customer PC.

The integration with HSM and the encryption infrastructure require complex programming. With our AccessMatrix UAS E2EE solution, applications developers can easily integrate E2EE authentication without any low level complex coding to integrate with hardware security modules (HSM) and front end component for encrypting the user password during user login.

AccessMatrix UAS E2EE solution supports most leading HSMs available in the market and the following operations can be performed inside the HSM:

  • Encryption/Decryption
  • Hash
  • Protection of master encryption key
  • Random number generation
  • Initial pin generation
  • PIN verification

Click to know more about our Versatile Authentication Server solution.