HSMs use key block structures as basic structures to achieve secure key management. This article introduces into the Atalla Key Block, explains its principle and details why protecting keys is so important.

The Banking and financial services industry is challenged - for example by  PSD2. On top of this, they need to manage Identity and access management, cryptographic key management, use blockchains, go to the cloud and stay compliant. 

The time has come for all organizations to put serious consideration into the future of cryptography. The evolution of technology across the spectrum has brought us to the precipice of the next great technological shift. This is why the choice of the right Hardware Security Module (HSM) is a prerequisite for a crypto-agile architecture.

Organizations have been crucially reliant on the internet for their business workflows. Due to this enhanced exposure, organizations are facing new threats on a daily basis that dictates the incorporation of cryptographic services.

PSD2 is being touted as the biggest game changer to ever hit the payments industry in Europe. And not without good reason. PSD2 mandates banks to share customer account data with third parties (ones authorised by the customer), so that they can offer services to the customers while using the bank’s core systems as a backend. It gives the customer more control over her data and more options to choose from various service providers. 

The recent trends in information technology and communications have emerged as one of the main technological pillars of the modern age. The importance of cryptography has gained importance due to the requirement of security services (confidentiality, integrity, authenticity, and non-repudiation) in data storage/transmission.

 As business grew, so did the threat of compromise or theft of data.  To address these risks, both software methods and hardware devices were produced to secure networks, systems and data.  HSMs are dedicated devices, incorporated with both logical and physical protection mechanisms, designed to provide separate, secure operating environments where confidential or sensitive information could be treated without risk of exposure.   

Modern society and commerce are based on trust and digital identities. Companies and organizations build a reputation for being trustworthy. Consequently, the trust in their products is based on the trust in the organization.

Advanced and Qualified Electronic Signatures are electronic signatures that comply with EU Regulation 910/2014 on eIDAS electronic transactions in the European internal market. They enable long-term verification of electronic signatures. Today, we explain the difference between Qualified and Advanced Electronic Signatures, both in terms of legal status and technical requirements.