Gartner says move would slow migration to stronger encryption for payment systemsJuly 8, 2009 06:50 PM ET
Computerworld - In a purported second major security change in recent weeks, MasterCard has decided to disallow merchants' use of remote key injection (RKI) services to install new encryption keys on point-of-sale (POS) systems, says a Gartner analyst.
Such a decision would mean that merchants hoping to upgrade the encryption on their POS terminals in an automated fashion over their networks wwould instead need to continue doing it manually and one terminal at a time in a secure off-site facility.
MasterCard's decision would also raise questions about the considerable investments made by payment systems vendors in developing remote key injection (RKI) capabilities over the past few years.
"Nobody understands the rationale for this," Gartner analyst Avivah Litan said, adding that she was informed recently of the development by two major retailers.
MasterCard did not respond to multple requests for comment and would neither confirm nor deny Litan's finding.
More:
http://www.computerworld.com/s/article/9135316/MasterCard_halts_remote_POS_security_upgrades