Increasingly consumers are conducting financial transactions through Self-Service Terminals (SSTs) without the assistance of a teller or clerk. In fact, in many cases these transactions are conducted without any individual, other than a consumer, in the vicinity of the SSTs; other than, perhaps, a security camera integrated into the SSTs or in proximity to the SSTs.
The most common SST transaction occurs by a customer at an Automated Teller Machine (ATM). Contrary to what the general public believes, ATMs can be compromised. To prevent exploitation of SSTs, end-to-end encryption is utilized between SST peripheral input and output devices (i.e., personal identification number (PIN) input devices, touch screens, cash dispensers, etc.) and a transaction processing host, or more simply a host. For this end-to-end encryption to be functional, public/private encryption key pairs are exchanged between each peripheral device and the host. As each SST typically has a plurality of peripheral devices and there may be hundreds of thousands and perhaps even millions of SSTs, a host may have many million encryption keys to establish, manage, and keep secure. Additionally, two devices may replicate certain functionality. For example, with the addition of touch screens to SSTs, a customer PIN may be input via one of two peripheral devices each having their own encryption keys. As a result, the host has a further data processing and step when processing transactions form such SSTs as the proper encryption key for decrypting a PIN number needs to be determined based on the PIN input device used rather than just simply retrieved based on an identifier of the SST.