Review Injected PIN Encryption Keys or Point to Point Encryption Keys on Ingenico Telium Devices

Description: Utilize the steps below to determine if an encryption key is present on Ingenico Telium devices.

Note: The steps below only confirm an encryption key is present, not that it is valid. Only the Key Injection Facility (KIF) can validate a PIN Encryption Key.

To verify whether encryption is in place on the device, perform the following:

1. Reboot the PIN pad.

2. Wait for the PIN Pad to display the Retail Base (RBA) version information screen.
   
   
3. When the Ingenico Copyright screen appears, press 2 6 3 4 and then Enter. Shortly after this, the device will ask you to either press (+) Plus or (F) Function for menu. If successful, the Functions menu should display. If it does not, please reboot and try performing the code entry again.
   Note: If the device requests (F) Function for menu, but there is no (F) key simply press (+) Plus instead.
   
4. Navigate to the TSA menu and press Enter.

5. Select DUKPT KSN.
   

   

   6. You may use the relevant keys to scroll up and down to view every index. Any value other than No Key indicates a key is in place.

   
   
   

   7. More than one Key may be present if the merchant is utilizing PIN entry or P2PE. The PIN Encryption Key will generally be located in Slot 0 or Slot 1, more commonly the former. The P2PE Key will be located in Slot 4 in almost every case.

Another way of checking if a device has encryption keys injected is through a device info text file.

Prerequisites:

• Have access to UTG that the pin pad is connected to.
• Have last 6 digits of the device serial number in question.

How to check for encryption keys in deviceinfo.txt :

1. Follow this path C:\Shift4\UTG2\Trace
2. Locate a file with the last 6 of the device serial number and _deviceinfo at the end.
3. Check for DUKPT 1 through 4, if there are any values that means there are encryption keys injected.