Posted On: Jan 24, 2024

AWS Payment Cryptography now supports RSA Wrap and IPEK generation, two new features for customers looking for additional options when transferring cryptographic keys into or out of the service. These capabilities bring more flexibility for key exchange in addition to existing support for industry norms such as TR-34 and TR-31/X9.143. With AWS Payment Cryptography, you can simplify cryptography operations in your cloud-hosted payment applications with a service that grows elastically with your business and has been assessed as compliant with PCI PIN Security requirements.

With RSA wrap, AWS Payment Cryptography adds additional support for importing or exporting keys to provide customers with a wider range of key exchange options when TR-34 or TR-31 based implementations may not be appropriate. Customers can also use IPEK generation to create and export and transfer unique terminal-specific keys to other systems as defined in X9.24 Part 3.

These features are available in all AWS Regions where AWS Payment Cryptography is available. For detailed information and samples for utilizing the RSA wrap and IPEK generation features, please download the latest AWS CLI/SDK and review importing and exporting keys in the AWS Payment Cryptography Developer Guide.