The Standard Transfer Specification (STS) is the technical standard that governs how prepaid electricity credit is securely encoded, transmitted and decoded across metering systems, used in South Africa and over 40 countries worldwide. Developed originally by Eskom and now maintained by the STS Association, STS defines the complete transaction chain from token generation at the vending system through encrypted transmission to decoding at the prepaid meter. Every prepaid electricity transaction processed in South Africa, whether purchased at a municipal office, a retail till point, a mobile application or a banking platform, relies on STS token technology.
STS Architecture: How Prepaid Token Systems Work
The STS architecture consists of three primary components that work together to ensure secure, interoperable prepaid electricity transactions.
Key Management Centre (KMC)
The KMC is the most security-critical element of the STS architecture. It generates and distributes the cryptographic keys that encode tokens. Each meter is provisioned with a unique Supply Group Code (SGC), Key Revision Number (KRN) and Tariff Index that together determine which key set the meter uses to decrypt incoming tokens. When a consumer purchases electricity, the vending system communicates with the KMC to generate a token encrypted specifically for the target meter's unique key parameters.
Vending Systems
STS vending systems are the consumer-facing platforms where electricity purchases occur. These systems connect to the KMC to request token generation, validate the purchase transaction and deliver the 20-digit numeric token to the consumer via printed receipt, SMS, mobile app notification or screen display. Vending platforms must be STS-certified to ensure they correctly implement the token generation protocol and handle error conditions such as duplicate purchases, refunds and key changeover transactions.
Prepaid Meters
The prepaid meter receives the 20-digit token via keypad entry or, in smart prepaid meters, via remote communication. The meter uses its provisioned key set to decrypt the token, validate the embedded counter value against its internal sequence register, extract the kilowatt-hour credit amount and add it to the available balance. This architecture ensures that a token generated for one meter cannot be used on any other meter in the network.
Token Encryption and Security
Token security is the cornerstone of STS compliance. Tokens are encrypted using either the original Data Encryption Standard (DES) algorithm or, in newer implementations, the Standard Transfer Specification Encryption Algorithm (STEA). STEA provides significantly stronger cryptographic protection against brute-force attacks, rainbow table exploits and token replay compared to the ageing DES algorithm.
- Each token contains an embedded counter value that prevents reuse: once accepted, the same token is permanently rejected
- STEA encryption provides cryptographic strength far exceeding the original DES algorithm
- Key changeover mechanisms allow utilities to rotate encryption keys across their entire meter fleet remotely
- Token fraud detection identifies anomalous vending patterns indicating attempted key compromise
- Unique per-meter keying ensures that intercepted tokens have zero value on any other device
STS token encryption ensures that a token generated for one specific meter cannot be decoded by any other meter in the network, and each token can only be used once due to embedded counter validation.
Multi-Vendor Interoperability
Multi-vendor interoperability is a defining feature of STS that distinguishes it from proprietary prepaid metering systems. Because STS is an open standard with published specifications, any STS-certified meter can accept tokens generated by any STS-certified vending system, provided the meter's key parameters are correctly registered in the vending platform.
This interoperability protects municipalities from vendor lock-in. A municipality can deploy meters from one manufacturer, use vending software from another provider and allow consumers to purchase electricity through third-party retail channels, banking apps or mobile wallet platforms. The STS standard guarantees that all these components work together seamlessly.
NRS 049, SABS Certification and Compliance Requirements
For a prepaid meter to be deployed in South African municipal networks, it must comply with NRS 049, the national specification for prepaid electricity dispensing meters. NRS 049 references the STS specification and adds South Africa-specific requirements.
- IEC 62052 and IEC 62053 accuracy class compliance for energy measurement
- Environmental testing covering temperature extremes, humidity and altitude conditions found across South Africa
- Surge withstand capability protecting against lightning and switching transients on South African networks
- Terminal mechanical strength requirements ensuring physical durability in field conditions
- Display characteristics including minimum digit size, viewing angle and backlight requirements
- SABS type-test certification verifying correct STS token decoding, tariff calculation and tamper handling
Utilities planning new deployments or replacing legacy meter stock should evaluate the vendor's STS Association membership status, support for the latest STS Edition (currently Edition 2), STEA encryption capability, key changeover functionality and integration compatibility with the municipality's existing KMC and vending infrastructure.
What This Means for South African Utilities
STS compliance is not a nice-to-have feature for prepaid meters deployed in South Africa; it is a regulatory and operational requirement. Meters that lack full STS compliance create interoperability risks, expose utilities to token security vulnerabilities and may not meet the conditions attached to National Treasury grant funding for metering modernisation. Utilities should insist on verified STS Association membership, current SABS certification and demonstrated STEA encryption capability from every meter vendor under consideration.
Hexing Electrical SA manufactures a full range of STS-compliant single-phase and three-phase prepaid meters at its Johannesburg production facility, with current SABS certification and NRS 049 type-test approvals. Every Hexing prepaid meter supports STS Edition 2, STEA encryption, multi-vendor vending interoperability and over-the-air key changeover for deployed meter populations. Our engineering team works directly with municipal KMC administrators and vending system providers to ensure seamless integration during rollout.
Contact Hexing Electrical SA to discuss STS-compliant metering solutions for your utility.