Positive Pay and Cryptosystem Authentication
To combat increasing losses from bank check fraud large
banks and corporations established Positive Pay systems so that the
transaction information, printed on bank checks, could be
authenticated before payment. Cryptosystem authentication, as
discussed below, focuses on mathematical representations of the
transaction information printed on bank checks. See Ethent Views:
"Shared Secret Key Authentication", Ethent Views:
"Hash Function Authentication" and Ethent
Views: "Public Key Authentication" for
a more detailed discussion.
Positive Pay Authentication
Each
day, thousands of bank check issuers send bank check transaction
information to their paying banks. This transaction data, which is
called Positive Pay information, usually includes the checking
account number, check number, date, dollar amount and payee for each
check issued for each day. When individual bank checks are presented
to the paying bank for payment, the information in the bank's
Positive Pay file is compared to the information printed on the bank
check presented for payment. If this comparison does not result in
an exact match, the bank will usually assume that the presented check is a counterfeit or an
alteration, and will not pay the check presented for
payment.
Presented
bank checks can be authenticated by both bank tellers and the bank's
High Speed Check Processing System, which may process millions of
checks per day. Printed at the bottom of each bank check is the
Magnetic Ink Character Recognition (MICR) Line, which contains the
checking account number, the check number and dollar amount of the
check. A bank teller can key in this information, or it can be
machine read, so that the information can be compared to the
information contained in the Positive Pay file.
Each
check's MICR Line is also read, during check processing, by
MICR Readers which are part of every bank's check processing system.
This captured information can be compared to the information in the
bank's Positive Pay file.
In
addition to the MICR processing, a bank's High Speed Imaging
Processor can capture payee information printed on each check. This
information can then be processed and compared to the payee
information contained in the Positive Pay file. The Payee
information on any check can also be compared manually to the
information contained in the Positive Pay file. Regardless of what
information is compared, if the information printed on the bank
check and that contained in the Positive Pay file do not match, the
paying bank will assume that the bank check presented for payment is
a counterfeit or alteration.
Cryptosystem Authentication
A
cryptosystem, secret communication procedure, is usually composed of an algorithm and a
key, which are used to create encrypted (scrambled) information from
'to be authenticated' information, like a bank check's dollar amount
and check, account and bank numbers. The encrypted information
calculated from the 'to be authenticated' information is printed on
each bank check. If fraud perpetrators do not know the correct key,
they cannot create alterations or counterfeits and then create the
necessary encrypted information needed to pass the system's
authentication tests.
There
are two general cryptosystem approaches: 'shared secret key' and
'public key'. Here are examples of each of these systems which
can be used to authenticate the transaction information printed on
bank checks.
With this
'shared secret key' cryptosystem each bank check's transaction
information is entered into an encryption algorithm along with a
'shared secret key', which is known only to the check issuer and the
paying bank - thus, the 'shared secret key'. The algorithm's
output is an encrypted representation of the check's
transaction information. A Message Authentication Code (MAC),
which is a truncation of the
encrypted representation, is then created. For
example, this truncation produces a 4 digit number,
the Message Authentication Code or MAC.
The
check issuer prints each calculated MAC on the
corresponding check. When a check is presented to the paying bank, the bank reads the
transaction information printed on the check, and then enters the
information and the 'shared secret key' into the same encryption
algorithm used by the check issuer to create the MAC. The bank
also reads the MAC printed on the check. The bank's computer
completes the appropriate mathematical calculations to produce a new
MAC, which is compared to the MAC printed on the check.
If
the MAC printed on the check is not equal to the
calculated MAC, then the check is assumed to be a counterfeit or
alteration.
With this
'public key' cryptosystem each check's transaction information is
first entered into a Hash Function and then the output is
entered into an encryption algorithm along with the check issuer's
'private key', which is known only by the check issuer - not known
by the paying bank or any other potential check payer.
The algorithm's output is an encrypted
representation of the check's transaction information and is
called a Digital Signature.
The
check issuer prints each calculated Digital Signature on the
corresponding check. Because of the large number of characters
needed to represent a Digital Signature, it is usually printed
on each check in a machine-readable form such as a 2D Barcode.
Only
the check issuer has access to the 'private key' that created the
Digital Signature, but the paying bank and other check payers may
have access to the check issuer's 'public key' (mathematically
related to the 'private key') which can be used to authenticate the
Digital Signature created with the 'private key'.
When
a check is presented to a check payer for payment, the check payer
reads the transaction information and Digital Signature printed
on the check and then enters the Digital Signature and the
'public key' into the same encryption algorithm used by the check
issuer to create the Digital Signature. The same Hash Function
used by the check issuer is also used and a computer completes
the appropriate mathematical calculations to determine if the
Digital Signature was produced with the transaction information
printed on the check.
If
it is determined that the Digital Signature was not produced with
the transaction information printed on the check, then the
check is assumed to be a counterfeit or
alteration.
Ethent Views
1)
Positive Pay systems provide very strong authentication, because
paying banks compare actual bank check transaction information
contained in the banks' files with transaction information printed
on bank checks presented for payment.
2)
Cryptosystems provide very strong authentication, because they
compare encrypted representations of actual bank check transaction
information.
3)
Positive Pay systems are usually available only to the paying bank,
while 'public key' Cryptosystems can be made available to all check
payers.