http://www.paymentsystemsblog.com/2009/01/20/when-end-to-end-encryption-is-really-not-end-to-end/ David D. Bergert Sun, 11 Apr 2010 04:11:23 +0000 http://wordpress.org/?v=2.9.2 hourly 1 http://www.paymentsystemsblog.com/2009/01/20/when-end-to-end-encryption-is-really-not-end-to-end/comment-page-1/#comment-1057 Timothy Johnson Mon, 23 Mar 2009 17:29:33 +0000 http://www.paymentsystemsblog.com/2009/01/20/when-end-to-end-encryption-is-really-not-end-to-end/#comment-1057 DISCLOSURE: My company provides encryption technology for the diagram above. Your PowerPoint demonstrates Where we encrypt Layer @ 2,3, and 4. DISCLOSURE: My company provides encryption technology for the diagram above. Your PowerPoint demonstrates Where we encrypt Layer @ 2,3, and 4.

]]> http://www.paymentsystemsblog.com/2009/01/20/when-end-to-end-encryption-is-really-not-end-to-end/comment-page-1/#comment-861 Patrick Hazel Fri, 23 Jan 2009 17:54:51 +0000 http://www.paymentsystemsblog.com/2009/01/20/when-end-to-end-encryption-is-really-not-end-to-end/#comment-861 End to end encryption, as you properly define it, has been commercially deployed in the US. The underlying crypto uses what is called "format preserving encryption" and uses either Triple DES or AES. In the US, VeriFone has deployed this in a product they call "VSP". I would strongly emphasize your point as well that most "end to end" encryption claims wilt under qualified review. DISCLOSURE: My company provides the crypto and supporting systems to VeriFone so be aware of my bias. End to end encryption, as you properly define it, has been commercially deployed in the US. The underlying crypto uses what is called “format preserving encryption” and uses either Triple DES or AES. In the US, VeriFone has deployed this in a product they call “VSP”. I would strongly emphasize your point as well that most “end to end” encryption claims wilt under qualified review. DISCLOSURE: My company provides the crypto and supporting systems to VeriFone so be aware of my bias.

]]> http://www.paymentsystemsblog.com/2009/01/20/when-end-to-end-encryption-is-really-not-end-to-end/comment-page-1/#comment-847 Heartland Payment Systems Breach - My Thoughts | Payment Systems Blog Wed, 21 Jan 2009 15:24:08 +0000 http://www.paymentsystemsblog.com/2009/01/20/when-end-to-end-encryption-is-really-not-end-to-end/#comment-847 [...] And lastly End-to-End Encryption solutions would not of prevented this either: see my post here: When End-to-End Encryption is really not End-to-End. No TweetBacks yet. (Be the first to Tweet this post) Possibly Related Posts (automatically [...] [...] And lastly End-to-End Encryption solutions would not of prevented this either: see my post here: When End-to-End Encryption is really not End-to-End. No TweetBacks yet. (Be the first to Tweet this post) Possibly Related Posts (automatically [...]

]]>