Select a function
Choose an HSM function from the sidebar to get started.
An open, educational simulator for payment HSM cryptography and payment network message flows.
Explore how terminals, acquirers, schemes and issuers communicate using AS2805 messages — for card issuance, PIN set, terminal provisioning and purchase transactions.
Explore →Step through individual HSM operations — generate LMKs and zone keys, encrypt PIN blocks, compute MACs, wrap keys with TR-31, and more. All inputs and outputs are visible.
Explore →Explore how money moves through a 4-party card scheme. Follow a transaction from clearing through settlement, and see how interchange fees, scheme fees, and merchant service fees are calculated at each step.
Explore →Paste raw hex bytes from an AS2805.2 message and decode it into human-readable fields, bitmaps, and a colour-coded hex dump.
Explore →The payment scheme simulator needs a screen width of at least 900px to display the network topology, activity records, and key material properly.
Try rotating to landscape, or use a tablet / desktop browser.
Financial Flows needs a screen width of at least 900px to display the settlement network, transaction flows, and account ledgers properly.
Try rotating to landscape, or use a tablet / desktop browser.
Paste the raw hex bytes of an AS2805.2 message (whitespace is ignored). Click Decode to parse it into human-readable fields.
Remote Key Injection — a method of loading cryptographic keys into a payment terminal that is already deployed in the field, without requiring physical access. The terminal generates an RSA keypair, sends its public key (as a KRD certificate) to the KIF, and the KIF wraps the IPEK or KIA under the terminal’s public key for secure delivery over the network. This contrasts with physical KIF injection where the terminal must be present on-site.
Choose an HSM function from the sidebar to get started.