EDITRAN 5.2

How to migrate to version 5.2 of EDItran to comply with PSD2 regulations. What is AES cryptography and RSA confidentiality algorithm? Do I need an electronic signature?

EDITRAN is a communications platform, developed by Indra, on data networks and the Internet that enables direct communication between computer applications resident in different machines and operating systems of different companies, organizations and public or private entities.

Provided that EDITRAN is updated to the latest versions and is properly and securely configured, it is considered to be a secure corporate payment protocol that guarantees at least a level of security equivalent to those provided for in Directive (EU) 2015/2366 already what:

  1. EDITRAN allows the use of an intermediate connection element (proxy) and the verification of the remote IP. It also allows encrypting end-to-end communication. All this guarantees a minimum level of security in the communication and sending of information.
  2. EDITRAN allows the authentication of the client and the association of an authentication element to the transaction by electronic signature (the private key of the electronic signature can be considered as an element of possession and the keyword that allows access to the private key of the electronic signature It can be considered an element of knowledge, in addition the firm itself is associated with the transaction being a dynamic element).

Since the security level depends decisively on both the version of EDITRAN installed and the specific configuration (the level of flexibility allowed at the configuration level is very large), the following instructions must be followed:

  1. You should upgrade to the latest available EDITRAN version whenever possible. Due to the security improvements that it introduces, it is recommended to have at least version 5.2 installed: EDITRAN 5.2 uses the new version of EDITRAN 4.0 cryptography, eliminates DES encryption as an endpoint authentication mechanism, extends support for RSA keys of length 2048 and 4096 bits and incorporates the AES encryption algorithm.
  2. The installation of the EDITRAN / PX component is recommended, placing it in the DMZ, in the case of not having an equivalent security level configuration (eg proxy or general-purpose gateway located in the DMZ and supporting EDITRAN).
  3. It is recommended that the sending of files containing data related to payment services within the scope of the PSD2 must be signed, in case it is not possible, comparable alternative authentication mechanisms should be available. The signature can be integrated into EDITRAN using the EDITRAN / FF module or it can be done with other alternative electronic signature mechanisms. It is essential to guarantee the use of authentication mechanisms comparable to the reinforced authentication required in the PSD2.
  4. It is essential to guarantee the use of authentication mechanisms comparable to the reinforced authentication required in the PSD2. Data encryption Secure encryption should be applied that uses reinforced and widely recognized techniques by relevant cybersecurity entities, such as the European Union Agency for Cybersecurity (ENISA).

    1. Data encryption should always be enabled, when possible, an additional security element (eg VPN tunnels) may be added.
    2. The connection and exchange of symmetric keys should be done preferably using secure algorithms such as RSA (preference for key lengths of 2048 or 4096 bits over 1024 bits). The DES algorithm should not be used, unless there are additional security measures that eliminate the risks associated with the use of said algorithm, such as the implementation of a VPN.
    3. Data encryption algorithms:
      • DES encryption DES with simple key: It should not be used unless there are additional security measures that eliminate the risks associated with the use of said algorithm, such as the implementation of a VPN.
      • TD2 Triple DES encryption with double key: Not recommended, should be avoided whenever possible in new installations and / or updates and migrate to recommended algorithms.
      • TD3 Triple DES encryption with triple key: Not recommended, should be avoided whenever possible in new installations and / or updates and migrate to recommended algorithms.
      • AES encryption AES-128: Recommended.
      • AE2 encryption AES-192: Recommended.
      • AE3 AES-256 encryption: Recommended and preferred.

ALLOWS THE DIRECT DATA EXCHANGE, WITHOUT MANUAL INTERVENTION BETWEEN INFORMATION SYSTEMS THROUGH THE COMPUTERS SUPPORT OF THE SAME

INFORMATION REQUEST FOR EDITRAN

+ info 918 057 351

Want us to call you?



I accept the terms of use

INFORMATION REQUEST FOR EDITRAN

Find out how QLM services can help you with your business objectives.




+ info 918 057 351
* I ACCEPT THE TERMS AND CONDITIONS OF USE.
PLEASE PROCEED TO THE DISPLAY OF THE LOPD CLAUSES