MagneSafe Security Architecture
MagneSafe® is a digital identification and authentication architecture that safeguards consumers and their personal data.
MagneSafe Security Architecture
MagneSafe Security Architecture is a foundation you can build on. The MagneSafe Security Architecture (MSA) has evolved exponentially from its inception in 2006 when MagTek delivered the industry's first Secure Card Reader Authenticators (SCRAs) for secure electronic transactions.
Designed to Exceed PCI Regulations
MagneSafe leverages strong encryption, secure tokenization, counterfeit detection, tamper recognition, data relevance and integrity, and dynamic digital transaction signatures, which together validate and protect the entire transaction and each of its components.
MagneSafe is Supported by the Entire Payment and Identification Industry
Retail, financial institutions, and government agencies depend on MagneSafe. MagneSafe is supported in MagTek POS terminals; other POS terminals including Verifone, Hypercom, and Ingenico; ATM machines, in teller lines, back offices, PCs; and mobile devices including iOS and Android devices.
Magensa Transaction Security Combines a Layered Approach to Secure Sensitive Data
The use of encryption and tokenization when combined with dynamic authentication, protects cardholder data throughout the payment infrastructure. Secure your sensitive data, increase customer confidence, exceed current PCI DSS requirements, and expand your market while maintaining a return on your investment.
Secure the Acceptance of All Major Payment Types
Whether you need to accept Magstripe, barcode, EMV Contact, EMV Contactless, NFC Contactless Mobile wallets including Google® Pay, Apple® Pay, Samsung® Pay, we have you covered. We also allow for payments via QR Codes, Barcodes and Links, through invoicing and subscriptions, cards on file, in-app payments, touch-free payments, unattended payments, manual entry, and Apple VAS for faster transactions.
MagneSafe’s Multi-layer Security
Deliver unmatched protection and flexibility for safer digital transactions. MagTek’s MagneSafe Security Architecture is an open, flexible, and secure core architecture to build upon, backed by MagTek’s over four decades of commitment to continue to deliver the highest quality secure products, services, and support for your evolving needs.
Open-standard and Industry Proven Triple DES Encryption and DUKPT Key Management
Provide a comprehensive security solution that protects cardholder data. The open platform does not require you to invest in costly, untested, proprietary solutions that can limit your long-term flexibility and options. MagTek secure card reader authenticators and PIN PEDs deliver instant encryption inside the hardware, which is more secure than software. This places only encrypted data into the transaction environment and secures the data while in the systems under test. DUKPT, derived unique key per transaction, delivers a unique key with every swipe, tap, and insertion.
Device Authentication
Protection against rogue devices with secure key injection and mutual authentication between the payment device and the host.
Data Protection for Payment and Digital Transactions
Magensa’s data protection, tokenization, encryption, and authentication services secure today’s traditional applications with tomorrow’s advanced security requirements. Software developers, ISVs, and systems integrators bring their applications to market faster and more securely using Magensa services, applications, and remote services. These secure services protect sensitive data at every point of the transaction, increase brand value, counter skimming, and limit fraud.
MagneSafe Security Architecture Specifications
| Recommended Hardware | Secure card reader authenticator |
| Encryption Method |
3DES (TDEA) encryption
Generate a unique encryption key per swipe |
| Key Management | DUKPT |
| Authentications |
Device & Host Authentication
MagnePrint Card Authentication |
| Digital Identifiers |
Manage time bound sessions
Capture and transmit the dynamic digital identifiers Generate a unique token of the transaction Masked Data Unique, non-changeable device serial numbering |
| Features | Secure Tokenization |