How can I ensure my unit is injected with the correct key for my purposes?

ID TECH is a KIF (Key Injection Facility). We currently more than one hundred production keys. Every Key we manage has an ID TECH part number (i.g. IDT-KEYINJ-D01). If you need a unit injected with the specific key, an ID TECH sales person will be able to tell you if the key is already managed by ID TECH or if the key will need to be transferred to ID TECH via a Secure Key Transfer process.

ID TECH has a service where we can create a new key. This service is referred to as a Key Generation service.

Cryptographic Keys are identified/validated by the KCV key check value. When we Transfer Keys, the Key will be split into components (usually 2. sometime 3) in our HSM. Each component will be handled separately... by separate operators. The components will be placed in tamper evident bags and shipped to different receiving parties via different carriers. All of this ensures that the Key never exists in whole outside the protection of an HSM.

How to know with what key your reader is injected?

If you have a reader and you are not sure if it has been injected, you can look for the IDT_KEYINJ sticker like shown below:

We can look up this key part number and tell you what it is.

You can also look at the KSN (key serial number). This 10 Byte hex number is always available in plain text with any encrypted data. If the KSN begins with 629949, then it is a key ID TECH created and very likely injected into your reader. You can let us know the KSN and we can share what can be learned from it. Also, we can look up the readers sales history using the serial number on the reader. Often we can track down the sales invoice that may include key injection service that specifies the key to be injected