Revoking Keys
Authorized users can revoke cryptographic keys in the Encryption Key Entry form.
If a key is revoked, IBM® Safer
Payments
securely deletes the usage private key that is stored on disk, and removes the two usage public keys
from main memory in all cluster instances.
Note: Only inactive keys can be revoked.
However, you must manually delete the revoked keys from all other storage locations by using a secure wipe tool. For example, the media used for key distribution. See Running a secure wipe tool for details.