Code Signing Architecture for Software-Based PIN Entry on Android

Hardened cryptographic architecture for Android boot loader, firmware loader and application packaging to comply with the PCI Software-based PIN entry on COTS standard. Developed PKI infrastructure to support firmware and code signing. Traced Android boot loader code to identify gaps in Android security that needed to be addressed to comply with PCI requirements. #PCI #PKI #mobile #security

Cryptographic Key Distribution for a Payment Terminal Vendor

Developed cryptographic architecture to support the distribution of third-party encryption keys to payment terminals in compliance with PCI PIN and PCI P2PE requirements. Supported the development and roll-out of the client's key distribution solution with key ceremonies and hands-on operation of PKI and HSM systems. #PKI #PCI #security #integration

PKI Architecture and Implementation for a Payment Vendor

Designed and implemented PKI infrastructure for a payment vendor, including Certificate Policy and Certification Practices Statements compliant with RFC 3647, EJBCA deployments on Linux, Windows Server 2012, and at AWS, using SafeNet and Thales HSMs. Developed and implemented key ceremony procedures for PCI PTS and PCI P2PE compliant certificate authorities. #PKI #PCI #security #integration #IoT

Certificate Authority Policies and Implementation for a Payment Terminal Manufacturer

Developed the certificate authority architecture, policies, and practices to allow testing, distribution and deployment of third-party applications on payment terminals. Provided technical support for the implementation of EJBCA and SafeNet HSMs at Amazon Web Services. Developed policies and procedures for HSMs used to distribute customer encryption keys to payment terminals. Proposed the certificate authority architecture for a wholesale upgrade of cryptographic functions fo
