While we can’t give all the details, each payment is encrypted with a unique 256-bit key. This is known as one-time pad encryption.
To scramble the data and prevent the encryption key from being revealed, AES-128 encryption is employed with a 128-bit key, and then a proprietary algorithm is used with another 128-bit key.
To detect any attempt to tamper with the encrypted data, a partial MD5 hash of the entire Track 1 encoded format is included within the encrypted data.
Finally, to prevent a fake payment being generated, the encrypted data is signed with an internally generated RSA private key. Not even your bank has access to the RSA private key, and so no one but the PocketKey can generate a valid payment.