Using Identity Protection with Protected Transaction Display

Using Identity Protection with Protected Transaction Display

I'm looking for more information about PTD - I want to use it in a security application I'm developing.

There is a very highlevel description of it here: http://www.intel.co.uk/content/www/uk/en/architecture-and-technology/ide...

I would like to know if there's any form of SDK or developer focussed documentation available? I want to understand its capabilities and how to develop using it.

Thanks

10 posts / 0 new
Last post
For more complete information about compiler optimizations, see our Optimization Notice.

I am looking into  getting information on this. I will get back to you as soon as possible

Joe

 

Quote:

Joseph O. (Intel) wrote:

I am looking into  getting information on this. I will get back to you as soon as possible

Joe

Thanks Joe, I'd really appreciate that!

Hey James

Identity Protection Technology (IPT) with Protected Transaction Display starts out using the underlying component of IPT with PKI.

The driver is s located on the Intel download center as is a sample Protected Transaction Display application, which resides within the tools folder of the download.

Any further assistance with IPT should be with Microsoft as they own the Microsoft Crypto API

Joe

link correction on 12/09/2016

Joe, thanks for the feedback that's helpful information. However, I'm currently having problems getting IPT to install properly. I have procured a laptop computer which I've been assured by my supplier will support IPT. The laptop has an Intel Core i5-6300U CPU @ 2.40GHz and Intel HD Graphics 520 display interface. I believe this is a supported CPU (according to here: https://downloadcenter.intel.com/download/25952/Intel-Security-Unifier?p...)

When I try to install the Security Unifier from here https://downloadcenter.intel.com/download/25952/Intel-Security-Unifier?p... it fails part way through, with a message "Failed to download a software package. Please check your internet connection and try again". I can confirm that I have tested this with a direct internet connection with no firewall in place (+ Windows 10 firewall disabled), so I don't believe this is a connectivity issue. Unfortunately the Security Unifier application offers no more specific details on the problem it's encountered so I am at a loss as to what to try next.

If I try to install the driver from the link you mentioned here https://downloadcenter.intel.com/download/25509/Intel-Identity-Protectio... this also fails with the error message "...This platform may not be compatible with Intel(R) Identity Protection Technology 1.2.32.0, or another error may have occurred". Likewise if I try to install IPT+PKI from here https://downloadcenter.intel.com/download/24801/Intel-IPT-with-PKI?produ... I get the error "Install Error: This platform does not support Intel(R) Identity Protection Technology with PKI".

Obviously I'm beginning to get a pretty clear message that my laptop isn't compatible. (I should add that I'm running Windows 10 64-bit and have patched the BIOS and OS up to the latest versions available). What isn't clear to me is specifically what component of it is incompatible? The Security Unifier page above talks of compatibility only in terms of the processor and mine is on the supported list. I have Intel intergrated graphics, which I believe I need, but obviously something isn't right. If I were to attempt to source an alternative machine, I need more information to know exactly what it must have onboard so as to be compatible.

I appreciate your help on this one, as so far, no-one else within Intel has been able to offer any advice or support!

Thanks.

 

 

Hey James

All indications are indicating a device that doesn't support IPT. Please keep in mind IPT requires more than a supporting processor, but also requires the appropriate chipset and BIOS support.

As the processor is indeed a IPT enabled SKU, one of the other components must not be enabled for you to be receiving the error message. I can look further if I had the OEM, model and SKU# of the device in question.

As to purchasing, I do not have a list of specific supporting models.  However IPT is part of the vPro Technology suite, so if you purchase a vPro device, IPT should be enabled on it as well.

Joe

Hi Joe,

That would be really helpful if you can: It's a DELL Latitude E5570, Service Tag(S/N) 617GQC2. Interestingly it has a "Intel CORE i5 vPro Inside" sticker under the lid...

I've looked through all of the BIOS options I can find to check whether there's anything I can enable but not seen much of relevance.

Thanks

James

Hi James

That is interesting information... Is this a OEM OS image on the device and have you updated the BIOS?

Try the following

  1. go to services.msc and look for Intel(R) Management and Security Application Local Management Service (aka LMS)

    1. If this is not present please download the ChipSet driver from the Dell website. Windows by default only installs drivers and the complete driver package has the LMS service, which may be the issue.

      1. Retry the installing the driver previously specified and the PTD application I specified earlier, 
  2. ​Update the BIOS
    1. retry the driver previously specified and the PTD application I specified earlier, 

If the above  fails please download the SCS Platform Discovery Tool 

  1. ​go to the command prompt and use the following string:  platformdiscovery.exe -logfile
  2. inspect and email me the resulting xml file. This tool should also give an indication if IPT w/ PKI is enabled

Let me know your results

Joe

Hi Joe,

The OS image was supplied on disc in the box from the OEM. BIOS has been updated to the latest version via the Dell Support site (along with all of the other hardware drivers applicable to that service tag).

So I've followed your guidance and the service is running and the BIOS is the latest available from Dell, but I still get the same errors trying to install the application or run the Security Unifier tool.

I've run the SCS Platform Discovery Tool and the application log and console output text are below. It really does look as if it should work?

Thanks again

James

Downloadtext/plain PlatformDiscovery_desktop-7fak3nt_2016-11-15-09-06-35_output.txt

Downloadtext/plain PlatformDiscovery_desktop-7fak3nt_2016-11-15-09-06-35.log.txt

Hey James

Thanks for connecting with me offline. In summary of the situation, download center wasn't displaying the most up to date drivers.

The correct drivers are located here:

Intel® Identity Protection Technology with public key infrastructure 

Joe

Leave a Comment

Please sign in to add a comment. Not a member? Join today